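/**
 * Removes the product named by the `id` query parameter from the cart,
 * stores the serialized cart in the session and re-renders through get().
 *
 * The id is request-controlled and is concatenated into a file path, so it
 * is checked first: when it is missing, not a string, or contains a path
 * separator or NUL byte, nothing is loaded and the cart is left unchanged.
 *
 * @return void
 */
public function remove()
{
    $id = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';

    // Keep the lookup inside data/products/: no directory separators, no NUL.
    // NOTE(review): an allow-list matching the real product-id format would
    // be tighter than this deny-list - confirm the format and switch to it.
    if ($id === '' || strpbrk($id, "/\\\0") !== false) {
        $this->get();
        return;
    }

    $product = Helper::load('data/products/' . $id . '.inc');
    $this->warenkorb->remove($product);

    // NOTE(review): the cart is stored with serialize(); the code that reads
    // it back is not visible here - confirm nothing but this application can
    // write the session data before it is passed to unserialize().
    $_SESSION['warenkorb'] = serialize($this->warenkorb);

    $this->get();
}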
/**
 * Constructor.
 *
 * Calls the parent constructor, loads the table, date, eav and form helpers,
 * then stores the result of model('Model_Eav', 'page') in $this->db_page.
 */
public function __construct()
{
    parent::__construct();

    // Helpers this class relies on
    Helper::load('table', 'date', 'eav', 'form');

    // EAV model, requested with 'page' as its second argument
    $this->db_page = $this->model('Model_Eav', 'page');
}
/**
 * Constructor.
 *
 * Calls the parent constructor, loads the form, date and guid helpers, then
 * stores the result of model('Model_User') in $this->db_user.
 */
public function __construct()
{
    parent::__construct();

    // Helpers this class relies on
    Helper::load('form', 'date', 'guid');

    // User model
    $this->db_user = $this->model('Model_User');
}
/**
 * Magic accessor for the fields held in $this->_aData.
 *
 * Method names are matched by prefix, in this order:
 *   - set<Field>($value): stores stringNull($value) under the lower-cased field name
 *   - get<Field>():       returns the stored value, throws when it is not set
 *   - remove<Field>():    unsets the stored value, throws when it is not set
 * A prefix followed by an empty field name, or by one that lower-cases to a
 * falsy string such as "0", is not treated as a match.
 *
 * @param string $method
 * @param array  $args
 * @return bool|mixed
 * @throws Exception_Exido when no prefix matches or the field is not set
 */
public function __call($method, array $args)
{
    // set<Field>: the capture group always exists once the pattern matched,
    // so only the truthiness of the lower-cased name has to be checked.
    if (preg_match('/^set(.*)/', $method, $hit) && ($prop = strtolower($hit[1]))) {
        Helper::load('string');
        $value = reset($args);
        $this->_aData->{$prop} = stringNull($value);
        return true;
    }

    // get<Field>
    if (preg_match('/^get(.*)/', $method, $hit) && ($prop = strtolower($hit[1]))) {
        if (isset($this->_aData->{$prop})) {
            return $this->_aData->{$prop};
        }
        throw new Exception_Exido('You suppose to use an undefined method or property %s::%s', array(get_called_class(), $method));
    }

    // remove<Field>
    if (preg_match('/^remove(.*)/', $method, $hit) && ($prop = strtolower($hit[1]))) {
        if (isset($this->_aData->{$prop})) {
            unset($this->_aData->{$prop});
            return true;
        }
        throw new Exception_Exido('You suppose to remove an undefined property %s::%s', array(get_called_class(), $method));
    }

    // Nothing matched: report the call, including its arguments
    throw new Exception_Exido('You suppose to use an undefined method %s::%s(%s)', array(get_called_class(), $method, implode(', ', $args)));
}
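/**
 * Loads a class file and, unless told otherwise, instantiates the class.
 *
 * The lower-cased class name is turned into a path ('_' becomes '/'), the
 * file is located with Exido::findFile() and included once. Results are
 * kept in self::$_objects:
 *   - by default an object already registered for the class is reused;
 *   - with $force_new_object a new object is always built and registered
 *     under "<class>_<guid>".
 *
 * Fixes over the previous version: the registry lookup was inverted (it ran
 * only when a new object was forced, so the default path never reused
 * anything), and the "not found" path returned a literal from a function
 * that returns by reference.
 *
 * The class name decides which file is included and which class is
 * instantiated, so it must never be taken from request data.
 *
 * @param string $class            class name
 * @param null   $params           passed to the class constructor
 * @param bool   $instantiate      false to only include the file
 * @param bool   $force_new_object true to bypass the registry
 * @return object|bool the object, true when only the file was loaded,
 *                     false when no file was found
 */
public static function &factory($class, $params = null, $instantiate = true, $force_new_object = false)
{
    $class = strtolower($class);
    $path = str_replace('_', '/', $class);

    // Reuse a registered entry unless a fresh object was requested. A bare
    // "file loaded" flag (true) is only good enough when the caller does not
    // want an instance.
    if (!$force_new_object && isset(self::$_objects[$class])) {
        if (!$instantiate || is_object(self::$_objects[$class])) {
            return self::$_objects[$class];
        }
    }

    // Split "dir/sub/name" into directory and file name
    $segments = explode('/', $path);
    $filename = end($segments);
    $path = implode('/', array_slice($segments, 0, -1)) . '/';

    // Try to find a file
    $file = Exido::findFile($path, $filename, true);
    if (!is_file($file)) {
        // Only variables may be returned by reference
        $not_found = false;
        return $not_found;
    }

    include_once $file;

    $name = $class;
    if ($force_new_object) {
        // A unique suffix keeps forced instances apart in the registry
        Helper::load('guid');
        $name = $name . '_' . guidGet();
    }

    if ($instantiate == false) {
        self::$_objects[$name] = true;
        return self::$_objects[$name];
    }

    self::$_objects[$name] = new $class($params);
    return self::$_objects[$name];
}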
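/**
 * Gets the singleton instance.
 *
 * The array helper is loaded on every call. When magic quotes are active
 * the slashes they add are stripped from $_GET, $_POST, $_COOKIE and $_FILES.
 *
 * Fixes over the previous version:
 *   - the stripping ran on every call, so a second call removed backslashes
 *     that belonged to the data; it now runs once per request;
 *   - get_magic_quotes_gpc() no longer exists in PHP 8, so it is only called
 *     on PHP versions older than 5.4, the last ones where magic quotes could
 *     be switched on.
 *
 * @return Input
 */
public static function &instance()
{
    static $gpc_cleaned = false;

    if (self::$_instance === null) {
        self::$_instance = new self();
    }

    // Load a required helper
    Helper::load('array');

    if (!$gpc_cleaned) {
        $gpc_cleaned = true;

        if (PHP_VERSION_ID < 50400 && get_magic_quotes_gpc()) {
            $_GET = arrayStripSlashes($_GET);
            $_POST = arrayStripSlashes($_POST);
            $_COOKIE = arrayStripSlashes($_COOKIE);
            $_FILES = arrayStripSlashes($_FILES);
        }
    }

    return self::$_instance;
}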
/**
 * Constructor.
 *
 * Calls the parent constructor, loads the table and date helpers and moves
 * pending notifications from the session to the view: 'action_success'
 * first, then 'action_error'. A message that was shown is reset to false in
 * the session, and when both are pending the error message is the one left
 * on the view.
 */
public function __construct()
{
    parent::__construct();
    Helper::load('table', 'date');

    // Session key => CSS class used for the popup
    $notifications = array(
        'action_success' => 'ui-popup-success',
        'action_error'   => 'ui-popup-error',
    );

    foreach ($notifications as $session_key => $css_class) {
        $message = $this->session->get($session_key);
        if (!$message) {
            continue;
        }

        // NOTE(review): whether the view escapes notify_text is not visible
        // here - confirm before putting request data into these messages.
        $this->view->notify_text = $message;
        $this->view->notify_style = $css_class;
        $this->session->set($session_key, false);
    }
}
/**
 * Saves the data obtained from WeChat.
 *
 * The name is trimmed and replaced by 'TA' when it is empty. A row is
 * inserted through the 'Wx_user' model only when no row with this openID
 * exists; an existing row is left as it is, so its stored token is not
 * refreshed by this call.
 *
 * @param mixed  $openID
 * @param mixed  $token
 * @param string $wxName
 * @param mixed  $sex
 * @param string $avatar
 * @return array the record that was built, whether or not it was inserted
 */
public function _wxSaveData($openID, $token, $wxName, $sex, $avatar = '')
{
    $wxName = trim($wxName);
    if (empty($wxName)) {
        $wxName = 'TA';
    }

    $wxUser = array(
        'openID' => $openID,
        'token'  => $token,
        'wxName' => $wxName,
        'sex'    => $sex,
        'avatar' => $avatar,
    );

    $m_wxUser = Helper::load('Wx_user');

    // Count, then insert: two separate calls, so two concurrent requests for
    // the same openID can both see zero rows.
    // NOTE(review): a unique index on openID would close that gap - confirm the schema.
    $existing = $m_wxUser->Where(array('openID' => $openID))->Total();
    if (!$existing) {
        $m_wxUser->Insert($wxUser);
    }

    return $wxUser;
}
/**
 * Thin wrapper: hands $model to Helper::load() and returns its result.
 *
 * @param mixed $model name passed through unchanged
 * @return mixed whatever Helper::load() returns
 */
public function load($model)
{
    $loaded = Helper::load($model);

    return $loaded;
}
// Cart
$registry->set('cart', new Cart($registry));

// ocStore features
$registry->set('ocstore', new ocStore($registry));

// Encryption, keyed from the 'config_encryption' setting
$registry->set('encryption', new Encryption($config->get('config_encryption')));

// Front Controller
$controller = new Front($registry);

// SEO URL's: fall back to 'seo_url' when no type is configured
$seo_type = $config->get('config_seo_url_type');
if (!$seo_type) {
    $seo_type = 'seo_url';
}
$controller->addPreAction(new Action('common/' . $seo_type));

// Maintenance Mode
$controller->addPreAction(new Action('common/maintenance'));

// Helpers listed in $_helpers, when that variable is defined and non-empty
$helper = new Helper($registry);
if (isset($_helpers) && count($_helpers)) {
    foreach ($_helpers as $_helper) {
        $helper->load($_helper);
    }
}

// Router: the route comes straight from the query string.
// NOTE(review): Action is assumed to restrict the route to known controller
// paths - confirm, since nothing is checked here.
$route = isset($request->get['route']) ? $request->get['route'] : 'common/home';
$action = new Action($route);

// Dispatch
$controller->dispatch($action, new Action('error/not_found'));

// Output
$response->output();
/**
 * Thin wrapper: hands $file to Helper::load() and returns its result.
 *
 * @param mixed $file name passed through unchanged
 * @return mixed whatever Helper::load() returns
 */
protected function load($file)
{
    $loaded = Helper::load($file);

    return $loaded;
}
/**
 * Generates an entity key; used when an entity is created.
 *
 * Loads the guid helper and returns guidGet() called with the same four
 * arguments.
 *
 * NOTE(review): the randomness source behind guidGet() is not visible here.
 * If anything relies on this key being unguessable, confirm that it is
 * built on random_bytes()/random_int() and not on rand(), mt_rand() or
 * uniqid().
 *
 * @param int    $chars
 * @param int    $groups
 * @param string $delimiter
 * @param bool   $lowcase
 * @return string
 */
private function _genEntityKey($chars = 8, $groups = 1, $delimiter = '', $lowcase = true)
{
    Helper::load('guid');

    $key = guidGet($chars, $groups, $delimiter, $lowcase);

    return $key;
}
/**
 * Constructor.
 *
 * Runs the signature check before anything else, then loads the 'Article'
 * model into $this->m_article.
 */
function __construct()
{
    // Verify the request signature first.
    // NOTE(review): verifySign() is defined elsewhere; this constructor
    // relies on it stopping the request itself when the signature is bad,
    // because its return value is not checked here - confirm.
    $this->verifySign();

    $article_model = Helper::load('Article');
    $this->m_article = $article_model;
}
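/**
 * Interactive CLI flow that obtains a user token and stores it on disk.
 *
 * Prints the authorization URL, reads the auth code from STDIN, exchanges
 * it through the client and writes the result to the user-token file. A
 * token file that already exists is renamed with a time() prefix first.
 *
 * Changes over the previous version:
 *   - an empty or unreadable auth code is rejected instead of being sent on;
 *   - failures of rename() and file_put_contents() raise HelperException
 *     instead of being followed by "user token saved";
 *   - the token file is created under umask 0077, so it is readable by its
 *     owner only, whatever the umask of the calling shell.
 *
 * @return void
 * @throws HelperException outside CLI, when the helper cannot be loaded,
 *                         when no auth code is given, or when the token
 *                         cannot be written
 */
static function create_new_user_token()
{
    # run only in CLI mode
    if (php_sapi_name() !== 'cli') {
        throw new HelperException('allowed in CLI mode only.');
    }

    # check if client is loaded
    $helper = new Helper();
    if (!$helper->load(true)) {
        throw new HelperException('error loading helper.');
    }

    # configure client to get refresh token
    $helper->client->setAccessType('offline');

    # create auth url
    $auth_url = $helper->client->createAuthUrl();

    # request authorization
    print "\nplease visit:\n{$auth_url}\n\n";
    print "copy and paste the auth code here:\n";
    $line = fgets(STDIN);
    $auth_code = ($line === false) ? '' : trim($line);
    if ($auth_code === '') {
        throw new HelperException('no auth code given.');
    }

    # exchange auth code for access token
    $access_token = $helper->client->authenticate($auth_code);

    # keep the previous token file under a timestamped name
    $token_file = $helper->_path_keys . $helper->_file_user_token;
    if (file_exists($token_file)) {
        $backup_file = $helper->_path_keys . time() . '_' . $helper->_file_user_token;
        if (!rename($token_file, $backup_file)) {
            throw new HelperException('error renaming existing user token.');
        }
    }

    # write access token to file, readable by the owner only
    $previous_umask = umask(0077);
    $written = file_put_contents($token_file, $access_token, LOCK_EX);
    umask($previous_umask);

    if ($written === false) {
        throw new HelperException('error writing user token.');
    }

    print "\nuser token saved\n\n";
}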
/**
 * Constructor. Final, so subclasses cannot replace it.
 *
 * Its only action is to load the html helper.
 */
public final function __construct()
{
    // Make the html helper functions available
    Helper::load('html');
}
/**
 * Prints a complete EAV form: validation javascript, opening tag, one
 * rendered field per attribute, submit button and closing tag.
 *
 * An attribute is rendered only when its backend_object has the form
 * "helper/function": the helper is loaded and the function, if it exists,
 * is called with the attribute. Attributes without a usable backend_object
 * are skipped silently.
 *
 * NOTE(review): backend_object decides which helper file is loaded and
 * which function is called. That is safe only while attribute definitions
 * are written by trusted administrators - confirm where they come from, and
 * prefer a fixed list of permitted helper/function pairs.
 *
 * @param string $form_id    value of the form's id attribute
 * @param array  $attributes attribute objects exposing backend_object
 * @param string $action     form target; uriFull() is used when empty
 * @return void
 */
function eavCreateForm($form_id, array $attributes, $action = '')
{
    // Validation javascript goes out before the form itself
    print eavCreateFormValidationJS($form_id, $attributes);

    if (empty($action)) {
        $action = uriFull();
    }

    // Opening tag
    print formOpen($action, array('id' => $form_id, 'class' => '-i-form', 'method' => 'POST'));

    // Fields
    foreach ($attributes as $field) {
        if ($field->backend_object == null) {
            continue;
        }

        // "helper/function"
        $backend = explode('/', $field->backend_object, 2);
        if (!isset($backend[0], $backend[1])) {
            continue;
        }

        Helper::load($backend[0]);

        if (function_exists($backend[1])) {
            print call_user_func($backend[1], $field);
        }
    }

    // Submit button
    print formSubmit(array('class' => '-b-button', 'name' => 'submit', 'value' => __('Save')));

    // Closing tag
    print formClose();
}
/**
 * Returns an A tag followed by EXIDO_EOL.
 *
 * $class and $title are concatenated into the markup exactly as given, and
 * the href is whatever uriSite($url) returns; nothing is HTML-escaped here.
 * Callers passing text that did not originate in the application have to
 * escape it for its context first.
 *
 * @param string $url   passed through uriSite()
 * @param string $title inner content of the tag, emitted as-is
 * @param string $class value of the class attribute; omitted when empty
 * @return string
 */
function htmlA($url, $title, $class = '')
{
    Helper::load('uri');

    $class_attr = empty($class) ? '' : ' class="' . $class . '"';
    $href = uriSite($url);

    return '<a' . $class_attr . ' href="' . $href . '">' . $title . '</a>' . EXIDO_EOL;
}
/**
 * Acceptance test: loading a stylesheet path through Helper::load() and
 * casting the result to string yields the expected <link> tag.
 */
public function testLoadAcceptance()
{
    $expected = '<link rel="stylesheet" media="all" type="text/css" href="/css/test/file.css" />';

    $rendered = (string) Helper::load('/css/test/file.css');

    $this->assertEquals($expected, $rendered);
}
/**
 * Constructor.
 *
 * Its only action is to load the file and date helpers.
 */
public function __construct()
{
    // Helpers this class relies on
    Helper::load('file', 'date');
}
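/**
 * XSS Cleaner
 *
 * Deny-list filter for submitted markup: it normalises the input (invisible
 * characters, URL encoding, entities inside tags, exploded keywords) and
 * then removes or neutralises the constructs listed below. Arrays are
 * cleaned recursively, value by value.
 *
 * Scope and limits:
 *   - Use it on data upon submission, not for general runtime processing.
 *   - A deny-list cannot cover every browser parsing quirk. Treat this as
 *     defence in depth; values still have to be encoded for their output
 *     context (HTML, attribute, URL, script) when they are rendered.
 *
 * Based in part on ideas from Bitflux
 * (http://channel.bitflux.ch/wiki/XSS_Prevention) and on the vector list at
 * http://ha.ckers.org/xss.html
 *
 * Fixes over the previous version:
 *   - each(), which PHP 8 no longer provides, is replaced by foreach;
 *   - the anchor, image and script checks were chained with elseif, so only
 *     the first one that applied ran on each pass; they are independent now;
 *   - the PHP/XML tag and function-call replacements wrote back the same
 *     characters they matched; they emit HTML entities again.
 *
 * @param mixed $str string, or array of strings/arrays
 * @return string|array cleaned value of the same shape
 */
public function cleanXSS($str)
{
    // Recursive cleaning
    if (is_array($str)) {
        foreach (array_keys($str) as $key) {
            $str[$key] = $this->cleanXSS($str[$key]);
        }
        return $str;
    }

    Helper::load('string');

    // Remove invisible characters
    $str = stringRemoveInvisibleChars($str);

    // Validate Entities in URLs
    $str = $this->_validateEntities($str);

    // URL Decode, in case percent-encoded markup is submitted.
    // rawurldecode() is used so plus signs are not removed.
    $str = rawurldecode($str);

    // Convert character entities to ASCII so the checks below see the real
    // characters. Only entities inside tags are converted, since those are
    // the ones that matter here.
    $str = preg_replace_callback("/[a-z]+=([\\'\"]).*?\\1/si", array($this, '_convertAttribute'), $str);
    $str = preg_replace_callback("/<\\w+.*?(?=>|<|\$)/si", array($this, '_decodeEntity'), $str);

    // Remove invisible characters again: decoding may have produced new ones
    $str = stringRemoveInvisibleChars($str);

    // Convert all tabs to spaces, so a keyword cannot be split by a tab.
    // Spaces between characters are dealt with later. str_replace is used
    // because preg_replace was found to be very slow here on large input.
    if (strpos($str, "\t") !== false) {
        $str = str_replace("\t", ' ', $str);
    }

    // Remove strings that are never allowed
    $str = $this->_doNeverAllowed($str);

    // Make PHP/XML tags safe by turning their brackets into entities
    $str = str_replace(array('<?', '?' . '>'), array('&lt;?', '?&gt;'), $str);

    // Compact any exploded words, i.e. keywords written with whitespace
    // between their letters, back to their normal form.
    $words = array('javascript', 'expression', 'vbscript', 'script', 'base64', 'applet', 'alert', 'document', 'write', 'cookie', 'window');
    foreach ($words as $word) {
        $temp = '';
        for ($i = 0, $wordlen = strlen($word); $i < $wordlen; $i++) {
            $temp .= substr($word, $i, 1) . "\\s*";
        }

        // Only when followed by a non-word character, so that valid text
        // like "dealer to" does not become "dealerto". The trailing "\s*"
        // of the pattern is cut off again.
        $str = preg_replace_callback('#(' . substr($temp, 0, -3) . ')(\\W)#is', array($this, '_compactExplodedWords'), $str);
    }

    // Remove disallowed Javascript in links or img tags, and script/xss
    // tags. Every check runs on every pass, and passes repeat until the
    // string stops changing. The cheap preg_match() guards avoid the
    // callbacks when the tag is absent.
    do {
        $original = $str;

        if (preg_match("/<a/i", $str)) {
            $str = preg_replace_callback("#<a\\s+([^>]*?)(>|\$)#si", array($this, '_jsLinkRemoval'), $str);
        }

        if (preg_match("/<img/i", $str)) {
            $str = preg_replace_callback("#<img\\s+([^>]*?)(\\s?/?>|\$)#si", array($this, '_jsImgRemoval'), $str);
        }

        if (preg_match("/script/i", $str) or preg_match("/xss/i", $str)) {
            $str = preg_replace("#<(/*)(script|xss)(.*?)\\>#si", '[removed]', $str);
        }
    } while ($original != $str);
    unset($original);

    // Remove evil attributes such as style, onclick and xmlns
    $str = $this->_removeEvilAttributes($str);

    /*
     * Sanitize naughty HTML elements
     *
     * If a tag containing any of the words in the list
     * below is found, the tag gets converted to entities.
     *
     * So this: <blink>
     * Becomes: &lt;blink&gt;
     */
    $naughty = 'alert|applet|audio|basefont|base|behavior|bgsound|blink|body|embed|expression|form|frameset|frame|head|html|ilayer|iframe|input|isindex|layer|link|meta|object|plaintext|style|script|textarea|title|video|xml|xss';
    $str = preg_replace_callback('#<(/*\\s*)(' . $naughty . ')([^><]*)([><]*)#is', array($this, '_sanitizeNaughtyHtml'), $str);

    /*
     * Sanitize naughty scripting elements
     *
     * Similar to above, only instead of looking for
     * tags it looks for PHP and JavaScript commands
     * that are disallowed. Rather than removing the
     * code, it converts the parentheses to entities,
     * rendering the code un-executable.
     *
     * For example: eval('some code')
     * Becomes:     eval&#40;'some code'&#41;
     */
    $str = preg_replace('#(alert|cmd|passthru|eval|exec|expression|system|fopen|fsockopen|file|file_get_contents|readfile|unlink)(\\s*)\\((.*?)\\)#si', "\\1\\2&#40;\\3&#41;", $str);

    // Final clean up: one more pass in case something got through the
    // filters above
    return $this->_doNeverAllowed($str);
}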
/**
 * Loads a helper class, instantiates it with this object and remembers the
 * instance in $this->loadedHelpers under the given name.
 *
 * The class name is Inflector::camelize($helper) followed by 'Helper'.
 *
 * NOTE(review): the name decides which class is loaded and instantiated,
 * so it should only ever come from application code or configuration,
 * never from request data - confirm the callers.
 *
 * @param string $helper helper name
 * @return object the new helper instance
 */
public function loadHelper($helper)
{
    $helper_class = Inflector::camelize($helper) . 'Helper';

    Helper::load($helper_class);

    $instance = new $helper_class($this);
    $this->loadedHelpers[$helper] = $instance;

    return $instance;
}
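/**
 * Execute cron tasks.
 *
 * Steps: check that cron is enabled, check the client IP against the
 * configured entries, then walk the job list and run the callbacks of every
 * job whose 'starting_at' (minute hour day month weekday, '*' = any)
 * matches the current local time. Results are collected in $this->_log and
 * dumped with pre().
 *
 * Fixes over the previous version:
 *   - the per-job log entry starts as an array (it started as '', which
 *     cannot take string keys on current PHP versions);
 *   - "model:method" callbacks call the method named after the colon (the
 *     whole exploded array was used as the member name);
 *   - an undefined callback function is logged with status false;
 *   - true is returned after a completed run, as the declared bool promises.
 *
 * @return bool false when cron is disabled or the caller is rejected,
 *              true after the job list has been processed
 */
public final function index()
{
    Helper::load('date');

    // Get config
    $cron = Exido::config('cron');
    if (!$cron->cron_enabled) {
        print __('System cron disabled.');
        return false;
    }
    if (!is_array($cron->cron_allowed_ip)) {
        $cron->cron_allowed_ip = array($cron->cron_allowed_ip);
    }

    // Get the client IP
    // NOTE(review): how ip() derives the address is not visible here. If it
    // honours client-supplied headers such as X-Forwarded-For, this check
    // can be satisfied by any caller - confirm it uses the socket address
    // or headers set by a trusted proxy only.
    $ip_block = $this->input->ip(true);
    Helper::load('ip');

    // NOTE(review): behaviour kept as it was, three points to confirm:
    //  - the caller is rejected at the first entry it does not match, so
    //    with several entries it has to match all of them;
    //  - an empty array skips the check altogether;
    //  - the rejection message echoes the configured entry to the caller.
    foreach ($cron->cron_allowed_ip as $ip) {
        if ($range = ipRangeParser($ip)) {
            if (!ipCheckRange($ip_block, $range[0], $range[1])) {
                if ($range[0] == $range[1]) {
                    print sprintf(__("Your IP %s doesn't match in allowed IP %s"), $this->input->ip(), $ip);
                } else {
                    print sprintf(__("Your IP %s doesn't match in allowed range %s"), $this->input->ip(), $ip);
                }
                return false;
            }
        } else {
            // A malformed entry rejects the request
            print sprintf(__("Incorrect IP range %s"), $ip);
            return false;
        }
    }

    // $srv_time: [0] full string, [1] minute, [2] hour, [3] day, [4] month,
    // [5] weekday, provided every field is a single token.
    // NOTE(review): if dateGetLocal() follows strftime(), %e pads one-digit
    // days with a space, which would shift the fields after explode() - confirm.
    $local = dateGetLocal('%M %H %e %m %u');
    $srv_time = explode(' ', $local);
    array_unshift($srv_time, $local);

    if (is_array($cron->cron_job_list)) {
        foreach ($cron->cron_job_list as $job_name => $job_data) {
            if (isset(self::$_has_run[$job_name])) {
                continue;
            }
            $this->_log[$job_name] = array();

            // Check job time
            // NOTE(review): the month and weekday groups accept a single
            // character only, so months 10-12 cannot be scheduled - confirm
            // whether that is intended.
            if (!preg_match('/^([0-9\\*]{1,2})\\s([0-9\\*]{1,2})\\s([0-9\\*]{1,2})\\s([0-9\\*]{1})\\s([0-9\\*]{1})$/', $job_data['starting_at'], $job_time)) {
                $this->_log[$job_name]['status'] = false;
                $this->_log[$job_name]['result'] = sprintf(__('Incorrect starting time for job %s'), $job_name);
                continue;
            }
            // Check day of week
            if (is_numeric($job_time[5]) and $srv_time[5] != $job_time[5]) {
                $this->_log[$job_name]['status'] = false;
                $this->_log[$job_name]['result'] = __("Is omitted due the week day doesn't match the scheduled day");
                continue;
            }
            // Check month
            if (is_numeric($job_time[4]) and $srv_time[4] != $job_time[4]) {
                $this->_log[$job_name]['status'] = false;
                $this->_log[$job_name]['result'] = __("Is omitted due the month doesn't match the scheduled month");
                continue;
            }
            // Check day of month
            if (is_numeric($job_time[3]) and $srv_time[3] != $job_time[3]) {
                $this->_log[$job_name]['status'] = false;
                $this->_log[$job_name]['result'] = __("Is omitted due the day of month doesn't match the scheduled day");
                continue;
            }
            // Check hour
            if (is_numeric($job_time[2]) and $srv_time[2] != $job_time[2]) {
                $this->_log[$job_name]['status'] = false;
                $this->_log[$job_name]['result'] = __("Is omitted due the hour doesn't match the scheduled hour");
                continue;
            }
            // Check minute
            if (is_numeric($job_time[1]) and $srv_time[1] != $job_time[1]) {
                $this->_log[$job_name]['status'] = false;
                $this->_log[$job_name]['result'] = __("Is omitted due the minute doesn't match the scheduled minute");
                continue;
            }

            // Here we go
            // Mark job as running
            self::$_has_run[$job_name] = $job_name;

            // Check the callback functions
            if (isset($job_data['callback']) and is_array($job_data['callback']) and !empty($job_data['callback'])) {
                foreach ($job_data['callback'] as $callback) {
                    // "model:method" calls a method on a model, anything
                    // else is treated as a plain function name. Both come
                    // from the cron configuration, which has to stay
                    // writable by administrators only.
                    if ($func = explode(':', $callback) and count($func) > 1) {
                        // Call method
                        $this->_log[$job_name][$callback]['status'] = true;
                        $this->_log[$job_name][$callback]['result'] = $this->model($func[0])->{$func[1]}();
                    } else {
                        // Call function
                        if (function_exists($callback)) {
                            $this->_log[$job_name][$callback]['status'] = true;
                            $this->_log[$job_name][$callback]['result'] = $callback();
                        } else {
                            $this->_log[$job_name][$callback]['status'] = false;
                            $this->_log[$job_name][$callback]['result'] = sprintf(__('Call to undefined cron function %s()'), $callback);
                        }
                    }
                }
            } else {
                $this->_log[$job_name]['status'] = false;
                $this->_log[$job_name]['result'] = __('Nothing to do');
            }

            unset(self::$_has_run[$job_name]);
        }
    }

    // TODO: Make the log showing
    pre($this->_log);

    return true;
}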
/**
 * Constructor.
 *
 * Loads the 'City', 'Region' and 'Province' models, in that order, into
 * $this->m_city, $this->m_region and $this->m_province.
 */
function __construct()
{
    $city_model = Helper::load('City');
    $this->m_city = $city_model;

    $region_model = Helper::load('Region');
    $this->m_region = $region_model;

    $province_model = Helper::load('Province');
    $this->m_province = $province_model;
}
/**
 * Constructor.
 *
 * Runs the signature check before anything else, then loads the 'User'
 * model into $this->m_user.
 */
function __construct()
{
    // NOTE(review): verifySign() is defined elsewhere; this constructor
    // relies on it stopping the request itself when the signature is bad,
    // because its return value is not checked here - confirm.
    $this->verifySign();

    $user_model = Helper::load('User');
    $this->m_user = $user_model;
}
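/**
 * Initializes the core.
 *
 * Runs once per request: sets up logger, configuration and i18n, attaches
 * the debug and error log writers when enabled, detects CLI and XML
 * requests, loads the lang and uri helpers, decides whether gzip output can
 * be used, starts output buffering and registers the routing, execute and
 * shutdown events.
 *
 * Fix over the previous version: the gzip flag was assigned with "and",
 * which binds more loosely than "=", so the flag only reflected the
 * Accept-Encoding header and the zlib check was dropped. Both conditions
 * now decide the flag, and a missing header is treated as an empty string.
 *
 * @return bool false when already initialized, true otherwise
 */
public static function initialize()
{
    if (self::$_init) {
        // Do not allow to execution twice
        return false;
    }
    self::$_init = true;

    // Determine if we are running in a Windows environment
    self::$is_win = DIRECTORY_SEPARATOR === '\\';

    // Load the logger
    self::$log = Log::instance();

    // Load the default configuration files
    self::$config = Config::instance()->attach(new Config_File());

    // Load the i18n class
    self::$i18n = I18n::instance();

    // Enable debug log
    if (self::$log_debug) {
        self::$log->attach(new Log_File(APPPATH . 'data/log/debug'), array('EXIDO_DEBUG_LOG'));
        self::$log->add('EXIDO_DEBUG_LOG', 'Initialize framework');
    }

    // Enable error log
    if (self::$log_error) {
        self::$log->attach(new Log_File(APPPATH . 'data/log/error'), array('EXIDO_ERROR_LOG'));
    }

    // Determine if we are running in a command line environment
    self::$is_cli = PHP_SAPI === 'cli';

    // Check if we have an Ajax request
    self::$is_xml = Input::instance()->isXmlRequest();

    // Load helpers
    Helper::load('lang', 'uri');

    // gZIP compression needs both a client that accepts it and zlib
    $accept_encoding = (string) Input::instance()->server('HTTP_ACCEPT_ENCODING');
    self::$use_gzip = (strstr($accept_encoding, "gzip") !== false && extension_loaded("zlib"));

    // Start output buffering
    ob_start(array(__CLASS__, 'outputBuffer'));

    // Save buffering level
    self::$_buffer_level = ob_get_level();

    Event::add('system.routing', array('Router', 'getUri'));
    Event::add('system.routing', array('Router', 'initialize'));
    Event::add('system.execute', array(__CLASS__, 'instance'));
    Event::add('system.shutdown', array(__CLASS__, 'shutdown'));

    return true;
}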
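/**
 * Determines the current URI from PATH_INFO, ORIG_PATH_INFO or REQUEST_URI,
 * in that order, and stores it in self::$current_uri.
 *
 * The value is trimmed of leading and trailing slashes. When it is not
 * empty, the configured URL suffix is removed from its end, everything from
 * the configured index file name onwards is cut off, and runs of slashes
 * are reduced to one.
 *
 * Fix over the previous version: the suffix is quoted for the '#' delimiter
 * the pattern actually uses, so a configured suffix containing '#' no
 * longer breaks the expression on PHP versions where preg_quote() does not
 * escape that character by default.
 *
 * @return bool always true
 * @throws Exception_Exido when none of the server values is available
 */
public static function getUri()
{
    // Debug log
    if (Exido::$log_debug) {
        Exido::$log->add('EXIDO_DEBUG_LOG', 'Determine current URI');
    }

    Helper::load('input');

    // Trying to detect the URI. All three values are request-controlled.
    // NOTE(review): REQUEST_URI normally still carries the query string;
    // it is not removed here - confirm the router copes with that.
    if (inputServer('PATH_INFO')) {
        self::$current_uri = inputServer('PATH_INFO');
    } elseif (inputServer('ORIG_PATH_INFO')) {
        self::$current_uri = inputServer('ORIG_PATH_INFO');
    } elseif (inputServer('REQUEST_URI')) {
        self::$current_uri = inputServer('REQUEST_URI');
    } else {
        throw new Exception_Exido(__("Can't detect URI"));
    }

    // Remove slashes from the start and end of the URI
    self::$current_uri = trim(self::$current_uri, '/');

    if (self::$current_uri !== '') {
        if ($suffix = Exido::config('global.core.url_suffix') and strpos(self::$current_uri, $suffix) !== false) {
            // Remove the URL suffix, only where it ends the URI
            self::$current_uri = preg_replace('#' . preg_quote($suffix, '#') . '$#u', '', self::$current_uri);
            // Set the URL suffix
            self::$url_suffix = $suffix;
        }

        // Find index file name.
        // NOTE(review): a match at position 0 is falsy, so an index file
        // name that starts the URI is left in place - confirm whether that
        // is intended.
        if ($indexfile = Exido::config('global.core.index_file') and $indexpos = strpos(self::$current_uri, $indexfile) and $indexpos !== false) {
            // Keep only what precedes the index file name
            self::$current_uri = substr(self::$current_uri, 0, $indexpos);
        }

        // Reduce multiple slashes into single slashes
        self::$current_uri = preg_replace('#//+#', '/', self::$current_uri);
    }

    return true;
}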