Beispiel #1
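 /**
  * Send an HTTP request to the configured endpoint and return the decoded "content" field.
  *
  * @param string $type HTTP method handed to the stream context.
  * @param string $url  Path appended to $this->endpoint.
  * @param array  $get  Query-string parameters.
  * @param array  $post Form fields; when non-empty they are sent url-encoded as the request body.
  *
  * @return mixed The "content" entry of the decoded response. Objects and non-list arrays are cast to
  *               an object; lists and scalars are returned unchanged; a missing entry yields null.
  *
  * @throws Exception When the response cannot be decoded and developer mode is off.
  */
 function request($type, $url, $get = [], $post = [])
 {
     $developer = cookie::developer();
     if ($developer) {
         $get['_mode'] = 'developer';
     }
     $request = ['method' => $type, 'protocol_version' => '1.1', 'header' => 'Connection: Close'];
     // http_build_query() drops empty arrays, so they are replaced by a marker string.
     foreach ($post as $name => &$param) {
         if (is_array($param) && empty($param)) {
             $param = '_empty_array';
         }
     }
     // Break the reference left behind by the by-reference loop so that a later
     // write to $param cannot silently modify the last element of $post.
     unset($param);
     if (!empty($post)) {
         $request['header'] .= "\r\nContent-type: application/x-www-form-urlencoded";
         $request['content'] = http_build_query($post);
     }
     $ctx = stream_context_create(['http' => $request]);
     $target = $this->endpoint . (empty($get) ? $url : $url . '?' . http_build_query($get));
     $response = file_get_contents($target, false, $ctx);
     $object = json::decode($response, true);
     if (is_null($object)) {
         if ($developer) {
             // NOTE(review): the raw upstream response is dumped to the client whenever
             // cookie::developer() is truthy. Confirm that flag cannot be switched on by an
             // arbitrary visitor, otherwise backend error output is exposed to them.
             var_dump($response);
             die;
         }
         throw new Exception("Error Processing Request", 1);
     }
     // A decoded response without a "content" key is treated as null instead of raising a notice.
     $content = isset($object['content']) ? $object['content'] : null;
     // An array whose keys are not 0..n-1 is an associative map and is returned as an object.
     $isMap = is_array($content) && array_values($content) !== $content;
     return (is_object($content) || $isMap) ? (object) $content : $content;
 }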
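 /**
  * Enforce a permission on an item and, unless the module runs in "hideonly" mode,
  * additionally hide password-protected items from visitors who have not unlocked them.
  *
  * @param string $perm_name Permission being checked (for example "view").
  * @param object $item      Item the permission applies to; its id and owner_id are read.
  *
  * @throws Kohana_404_Exception When viewing is not permitted, or the item is password protected and
  *                              the visitor is neither the owner, an admin, nor holding the password.
  */
 static function required($perm_name, $item)
 {
     // Original code from the required function in modules/gallery/helpers/access.php.
     if (!access::can($perm_name, $item)) {
         if ($perm_name == "view") {
             // Treat as if the item didn't exist, don't leak any information.
             throw new Kohana_404_Exception();
         } else {
             access::forbidden();
         }
         // Begin rWatcher modifications.
         //   Throw a 404 error when a user attempts to access a protected item,
         //   unless the password has been provided, or the user is the item's owner.
     } elseif (module::get_var("albumpassword", "hideonly") == false) {
         $item_protected = ORM::factory("albumpassword_idcache")->where("item_id", "=", $item->id)->order_by("cache_id")->find_all();
         if (count($item_protected) > 0) {
             $existing_password = ORM::factory("items_albumpassword")->where("id", "=", $item_protected[0]->password_id)->find();
             if ($existing_password->loaded()) {
                 // The cookie is client-supplied. Compare it as a string with strict equality:
                 // a loose comparison treats numeric-looking strings as numbers, so values that
                 // differ as text (for example "0" and "00") would be accepted as the same password.
                 $supplied = cookie::get("g3_albumpassword");
                 $password_ok = is_string($supplied) && $supplied === (string) $existing_password->password;
                 $viewer = identity::active_user();
                 if (!$password_ok && $viewer->id != $item->owner_id && !$viewer->admin) {
                     throw new Kohana_404_Exception();
                 }
             }
         }
     }
 }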
Beispiel #3
 /**
  * Detail page for a single quest.
  *
  * @param mixed $idQuete Quest id; a falsy or non-numeric value is sent to the error redirect.
  */
 public function show($idQuete = false)
 {
     $idIsUsable = $idQuete && is_numeric($idQuete);
     if (!$idIsUsable) {
         return parent::redirect_erreur('quetes');
     }
     // NOTE(review): both upload locations, including the absolute server path, are handed to the
     // browser in cookies. Whatever component reads them back must treat them as client-controlled
     // and re-derive or validate the directory on the server - confirm against that consumer.
     $imageDir = '../images/quetes/' . $idQuete;
     cookie::set('UserFilesPath', url::base() . $imageDir);
     cookie::set('UserFilesAbsolutePath', DOCROOT . $imageDir);
     // The page is requested again until the browser sends the cookie back.
     if (!cookie::get('UserFilesPath')) {
         return url::redirect('quetes/show/' . $idQuete);
     }
     $quete = $this->quete->select(array('id_quete' => $idQuete), 1);
     if (!$quete) {
         return parent::redirect_erreur('quetes');
     }
     $module = Map_Model::instance()->select(array('module_map' => 'quete'), false);
     if (!$module) {
         return url::redirect('regions?msg=' . urlencode(Kohana::lang('quete.no_module')));
     }
     $this->script = array('js/lib/jquery.validate', 'js/lib/jquery.facebox', 'js/quetes');
     $this->css = array('form', 'quete', 'facebox');
     $listLabel = Kohana::lang('quete.all_quetes');
     $pageLabel = Kohana::lang('quete.show_title', ucfirst(mb_strtolower($quete->title)));
     $this->template->titre = array($listLabel => 'quetes', $pageLabel => NULL);
     $this->template->button = TRUE;
     $this->template->navigation = parent::navigation($idQuete, 'id_quete', 'quetes');
     // Outer form wrapper, then the quest-specific view nested inside it.
     $form = new View('formulaire/form');
     $form->action = 'quetes/save';
     $form->id = $idQuete;
     $detail = new View('quetes/show');
     $detail->row = $quete;
     $detail->module = $module;
     $detail->bots = Map_Model::instance()->select(array('module_map' => 'fight'), false);
     // Every quest except the one being shown.
     $detail->quete = $this->quete->select(array('id_quete !=' => $idQuete));
     $form->formulaire = $detail;
     $this->template->contenu = $form;
 }
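 /**
  * Prepare the management controller: resolve the current user from the login cookies,
  * redirect anonymous visitors to the login page, then load the requested table model.
  *
  * Only the "archive" and "orders" tables are accepted; anything else ends the request.
  */
 function init() {
     // Resolve the cookie user once. The cookie pair is client-supplied, so the account is only
     // accepted when the password cookie matches the stored password. Checking merely that both
     // cookies exist would let anyone who knows a username be treated as that user.
     // front::cookie_encode() is assumed to be the encoding applied when the login cookie is
     // issued - confirm against the login action.
     $cookieUser = null;
     if (cookie::get('login_username') && cookie::get('login_password')) {
         $account = new user();
         $row = $account->getrow(array('username' => cookie::get('login_username')));
         $supplied = cookie::get('login_password');
         if (is_array($row) && is_scalar($supplied)
             && (string) $supplied === (string) front::cookie_encode($row['password'])) {
             $cookieUser = $row;
         }
     }
     $user = '';
     if (front::get('guest') == '1' && config::get('opguestadd')) {
         // Guest submissions are enabled: use the placeholder guest identity.
         $user = '******';
     } elseif ($cookieUser) {
         $user = $cookieUser;
     }
     // Always defined now; previously this variable was unset when no login cookies were present.
     $this->view->guestuser = $cookieUser;
     if (!$user && front::$act != 'login' && front::$act != 'register') front::redirect(url::create('user/login'));
     $this->view->user = $user;
     $this->_user = new user;
     $this->table = front::get('manage');
     // The request value names classes that are instantiated below, so it is matched
     // strictly (type and value) against the two permitted models.
     if (!in_array($this->table, array('archive', 'orders'), true)) exit('PAGE NOT FOUND!');
     $this->_table = new $this->table;
     $this->_table->getFields();
     $this->view->form = $this->_table->get_form();
     $this->_pagesize = config::get('manage_pagesize');
     $this->view->manage = $this->table;
     $this->view->primary_key = $this->_table->primary_key;
     if (!front::get('page')) front::$get['page'] = 1;
     $manage = 'table_' . $this->table;
     $this->manage = new $manage;
 }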
Beispiel #5
 /**
  * Log the visitor out by expiring the identity cookies, then redirect to the home page.
  *
  * @return mixed Whatever redirect('/') returns.
  */
 public function logout()
 {
     // Queue an empty cookie with a negative lifetime for each identity field
     // so the browser discards the stored value.
     foreach (array('uid', 'name', 'phone') as $cookieName) {
         cookie::queue($cookieName, null, -1);
     }
     return redirect('/');
 }
Beispiel #6
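 /**
  * Show the "create project" form and, on a valid POST, insert the project and
  * redirect back to the same page with a confirmation message cookie.
  */
 public function action_index()
 {
     // $post, $errors and $assoc are bound by reference, so the view sees the values assigned below.
     $this->template->content = View::factory('admin/projects/create')->bind('post', $post)->bind('errors', $errors)->bind('associates', $assoc);
     $assoc = DB::query(Database::SELECT, 'SELECT id, name FROM associates ORDER BY name')->execute()->as_array('id', 'name');
     // Add an option for "no associate"
     arr::unshift($assoc, 0, '- none -');
     $post = Validate::factory($_POST)->filter(TRUE, 'trim')->rule('title', 'not_empty')->rule('title', 'regex', array('/^[\\pL\\pP\\s]{4,255}$/iu'))->rule('associate_id', 'not_empty')->rule('associate_id', 'in_array', array(array_keys($assoc)))->rule('completed', 'not_empty')->rule('completed', 'date')->rule('website', 'regex', array('#^https?://.+$#'));
     if ($post->check($errors)) {
         if (empty($post['associate_id'])) {
             // Make the associate NULL
             $post['associate_id'] = NULL;
             // Use only the title for the slug
             $post['slug'] = url::title($post['title']);
         } else {
             // Use the title with associate for the slug
             $post['slug'] = url::title($post['title']) . '/with/' . url::title($assoc[$post['associate_id']]);
         }
         if (empty($post['website'])) {
             // Make the website value NULL
             $post['website'] = NULL;
         }
         // Bind exactly the five columns named in the INSERT, in that order. $post wraps the whole
         // of $_POST, so copying it wholesale would also carry any extra field the client sent and
         // would follow the client's field order, letting a request shift values between columns.
         $values = array(
             $post['title'],
             $post['associate_id'],
             // Convert the completed date into a timestamp
             strtotime($post['completed']),
             $post['website'],
             $post['slug'],
         );
         $query = DB::query(Database::INSERT, 'INSERT INTO projects (title, associate_id, completed, website, slug) VALUES (:values)')->bind(':values', $values)->execute();
         // Set a cookie message
         cookie::set('message', 'Created new project with an ID of ' . $query);
         // Redirect back to the same page
         $this->request->redirect(url::site($this->request->uri));
     }
 }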
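 /**
  * Record a vote: increment the counter of each selected option and of the ballot itself.
  *
  * Reads "submit", "ballot" (one id, a comma-separated list, or an array of ids) and "bid" from
  * the POST data. Ends the request with an error message when an id is not a plain decimal number.
  *
  * @return false|null false when the vote is rejected with an alert, otherwise nothing.
  */
 function index_action() {
     if (front::post('submit')) {
         if (!front::post('ballot')) {
             front::alert(lang('Please_select_vote'));
             return false;
         }
         if (config::get('checkip')) {
             // NOTE(review): the repeat-vote window is tracked only in the visitor's own cookie,
             // so it holds only for clients that keep the cookie. Enforcing it needs server-side state.
             // The cookie value is cast so a non-numeric value cannot break the subtraction.
             $time = (int) cookie::get('vttime');
             if (time() - $time < config::get('timer') * 60) {
                 front::alert(lang('You_have_voted'));
                 return false;
             }
         }
         $bid = front::$post['bid'];
         $ballot = front::$post['ballot'];
         // The ids are placed into SQL text below. Filtering out a list of keywords and quote
         // characters does not make arbitrary text safe for that, so every id must consist of
         // decimal digits only; anything else is refused with the same message as before.
         $picked = is_array($ballot) ? $ballot : explode(',', (string) $ballot);
         $ids = array();
         foreach ($picked as $id) {
             if (!is_string($id) || !ctype_digit($id)) {
                 exit('非法参数');
             }
             $ids[] = $id;
         }
         if (!is_string($bid) || !ctype_digit($bid)) {
             exit('非法参数');
         }
         $where = 'id in(' . implode(',', $ids) . ')';
         $data = 'num=num+1';
         $option = new option();
         $option->rec_update($data, $where);
         $this->_table->rec_update($data, $bid);
         cookie::set('vttime', time(), time() + 3600 * 24);
         front::alert(lang('Successful_vote'));
     }
 }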
Beispiel #8
 /**
  * Store the cookie settings in the class's static properties.
  *
  * @param mixed  $salt   Value kept in self::$salt.
  * @param mixed  $expire Value kept in self::$expire (null by default).
  * @param mixed  $domain Value kept in self::$domain (null by default).
  * @param string $path   Value kept in self::$path ('/' by default).
  */
 static function start($salt, $expire = null, $domain = null, $path = '/')
 {
     // Scope settings first, then lifetime and salt; the assignments are independent.
     self::$path = $path;
     self::$domain = $domain;
     self::$expire = $expire;
     self::$salt = $salt;
 }
Beispiel #9
 /**
  * Detail page for a single article.
  *
  * @param mixed $idActualite Article id; a falsy or non-numeric value is sent to the error redirect.
  */
 public function show($idActualite = FALSE)
 {
     $idIsUsable = $idActualite && is_numeric($idActualite);
     if (!$idIsUsable) {
         return parent::redirect_erreur('articles');
     }
     // NOTE(review): both upload locations, including the absolute server path, are handed to the
     // browser in cookies. Whatever component reads them back must treat them as client-controlled
     // and re-derive or validate the directory on the server - confirm against that consumer.
     $imageDir = '../images/articles/' . $idActualite;
     cookie::set('UserFilesPath', url::base() . $imageDir);
     cookie::set('UserFilesAbsolutePath', DOCROOT . $imageDir);
     // The page is requested again until the browser sends the cookie back.
     if (!cookie::get('UserFilesPath')) {
         return url::redirect('articles/show/' . $idActualite);
     }
     $actualite = $this->acticles->select(array('id_article' => $idActualite), TRUE);
     if (!$actualite) {
         return parent::redirect_erreur('articles');
     }
     $actualiteCategories = $this->acticles->selectListeCategories();
     $this->script = array('js/lib/jquery.validate', 'js/articles');
     $this->css = array('form', 'article');
     $this->template->titre = array(Kohana::lang('article.all_article') => 'articles', $actualite->title => NULL);
     $this->template->button = TRUE;
     $this->template->navigation = $this->acticles->navigation($idActualite, 'id_article', 'articles');
     $this->template->navigationURL = 'articles/show';
     // Outer form wrapper, then the article-specific view nested inside it.
     $form = new View('formulaire/form');
     $form->action = 'articles/save';
     $form->id = $idActualite;
     $detail = new View('articles/show');
     $detail->row = $actualite;
     $detail->actualiteCategories = $actualiteCategories;
     $detail->regions = Region_Model::instance()->listing_parent();
     $form->formulaire = $detail;
     $this->template->contenu = $form;
 }
Beispiel #10
 /**
  * Log out: remove the "authorized" cookie and redirect.
  *
  * @param Request $request Current request, used to build the target URL and to redirect.
  */
 public function __construct(Request $request)
 {
     // Drop the cookie that marks the visitor as authorized.
     cookie::delete('authorized');
     // Target is the current URI with the controller parameter set to NULL (the login page).
     $target = url::site($request->uri(array('controller' => NULL)));
     $request->redirect($target);
     // Nothing may be added below: per the original author's note, redirect() has already halted execution.
 }
Beispiel #11
 /**
  * Log a user out and remove any auto-login cookie.
  *
  * @param   boolean  $destroy  completely destroy the session (passed through to the parent)
  * @return  boolean  result of the parent logout
  */
 public function logout($destroy)
 {
     $hasAutologin = (bool) cookie::get('authautologin');
     if ($hasAutologin) {
         // Without this the remembered token would log the user straight back in.
         cookie::delete('authautologin');
     }
     return parent::logout($destroy);
 }
Beispiel #12
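 /**
  * Base controller set-up: page title, first-visit notice, view and menu selection,
  * and the per-method authorization check driven by $this->auth_required.
  *
  * $this->auth_required maps a method name to '*' (any logged-in user), a single
  * role name, or an array of role names of which the user needs at least one.
  */
 function __construct()
 {
     // Check and see if this is being run from the command line.
     // Guarded so that constructing a second controller does not try to redefine the constant.
     if (!defined('IS_CLI')) {
         define('IS_CLI', 'cli' == PHP_SAPI);
     }
     parent::__construct();
     Footsteps::step();
     $this->template->title = ucwords(router::$method);
     $this->session = Session::instance();
     $this->template->robots = '';
     if (router::$controller != 'page') {
         if (!Auth::instance()->logged_in() and !cookie::get('qaargh_visited', false, true)) {
             $this->session->set_flash('notice', 'It looks like this is your first time here. Click "home" to find out more about Q-Aargh!');
             cookie::set(array('name' => 'qaargh_visited', 'value' => true, 'expire' => 31536000));
         }
     } else {
         cookie::set(array('name' => 'qaargh_visited', 'value' => true, 'expire' => 31536000));
     }
     try {
         $this->template->view = new View(strtolower(router::$controller . '/' . router::$method));
     } catch (Exception $e) {
         $this->template->view = new View('error/missing_view');
     }
     if (Auth::instance()->logged_in()) {
         $this->template->menu = new View('menu/logged_in');
     } else {
         $this->template->menu = new View('menu/logged_out');
     }
     // Handle built-in authorization
     if (array_key_exists(router::$method, $this->auth_required)) {
         // If it's in the array, you must at least be logged in.
         // NOTE(review): this relies on url::redirect() ending the request. If it can
         // return, an anonymous visitor continues into the role check below - confirm.
         if (!Auth::instance()->logged_in()) {
             $this->session->set_flash('error', Kohana::lang('general.login_required'));
             url::redirect("/user/login");
         }
         $required = $this->auth_required[router::$method];
         // Strict comparison: a loose one can treat a non-string rule such as integer 0 as '*'.
         if ('*' === $required) {
             // If it's *, then being logged in is enough
             $authorized = true;
         } else {
             // A single role name or a list of them; holding any one grants access.
             // The flag used to be set to false on a match, so no role could ever
             // authorize and every role-restricted method was refused.
             $authorized = false;
             foreach ((array) $required as $right) {
                 if (Auth::instance()->logged_in($right)) {
                     $authorized = true;
                     break;
                 }
             }
         }
         if (!$authorized) {
             $this->session->set_flash('error', Kohana::lang('general.insufficient_privileges'));
             url::redirect("/user");
         }
     }
 }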
Beispiel #13
 /**
  * Attach the shared helper instances to this object.
  *
  * Each property receives the result of the like-named class's getInstance().
  */
 function __construct()
 {
     // Same classes and same order as separate assignments would use.
     $helpers = array('session', 'post', 'get', 'http', 'file', 'cookie');
     foreach ($helpers as $helper) {
         $this->{$helper} = call_user_func(array($helper, 'getInstance'));
     }
 }
Beispiel #14
 /**
  * Return the shopping-cart contents.
  *
  * The cart is read from the cookie named by $this->cartName.
  * NOTE(review): that makes every entry client-supplied; quantities and especially prices
  * should be re-checked against server-side data before use - confirm against callers.
  *
  * @return array|false The stored cart data, or false when the cookie is missing or empty.
  *
  * @example Expected shape: array(array(product ID, product name, quantity, unit price, array(other info)), array(...));
  */
 public function readCart()
 {
     $cart = cookie::get($this->cartName);
     return $cart ? $cart : false;
 }
Beispiel #15
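 /**
  * Handle a manager login request and answer with a JSON document.
  *
  * Reads "username", "password" and "remember" from the POST data. The response carries
  * 'success' ('true' or 'false') and 'msg' on top of whatever role::get_manager() returned.
  * The request always ends inside this method.
  */
 function index()
 {
     // Start from the current manager record; 'success' and 'msg' are overwritten below.
     // NOTE(review): every field of that record is echoed in the JSON response. Confirm
     // that role::get_manager() returns nothing that should stay on the server.
     $data = role::get_manager();
     $data['msg'] = 1;
     $data['success'] = 'false';
     $username = $this->input->post('username');
     $password = $this->input->post('password');
     $remember = $this->input->post('remember');
     // NOTE(review): the posted 'secode' field was read here but never checked. If it is
     // meant to be a verification code, it is not enforced by this method.
     // Verify the credentials
     $manager = role::log_in($username, $password);
     if (isset($manager['username'])) {
         // Ordinary (non-root) accounts must be active and hold at least one permission
         if (!role::is_root($manager['username'])) {
             $denied = false;
             if ($manager['active'] != 1) {
                 ulog::login($manager['id'], 1);
                 $data['msg'] = Kohana::lang('o_global.account_was_locked');
                 $denied = true;
             }
             $actions = role::manager_actions($manager['id'], TRUE);
             if (count($actions) < 1) {
                 ulog::login($manager['id'], 2);
                 $data['msg'] = Kohana::lang('o_global.account_permission_enough');
                 $denied = true;
             }
             if ($denied) {
                 // Stop before a session is created. The method used to fall through to the
                 // success path here, so a locked or permission-less account was still logged in.
                 die(json_encode($data));
             }
         }
         // Remember the user name on request, otherwise forget it
         if ($remember == 1) {
             cookie::set('opococ_username', $username);
         } else {
             cookie::delete('opococ_username');
         }
         // Store the manager in the session
         role::set_manager_session($manager);
         // Record the successful login
         ulog::login($manager['id']);
         $data['success'] = 'true';
         $data['msg'] = 1;
     }
     die(json_encode($data));
 }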
Beispiel #16
 /**
  * Remove one session entry, or all session variables.
  *
  * The key is first passed through cookie::close_key(). When the result equals
  * cookie::close_key(null, false), all session variables are unset.
  *
  * @param mixed $key Session key to remove; null by default.
  */
 static function clear($key = null)
 {
     $key = cookie::close_key($key, false);
     $wholeSessionKey = cookie::close_key(null, false);
     if ($key !== $wholeSessionKey) {
         unset($_SESSION[$key]);
         return;
     }
     session_unset();
 }
Beispiel #17
 /**
  * Wire up the shared services this object uses: registry (and its "path" entry),
  * HTML helper, session, cookie, a fresh ajax helper and localisation.
  */
 public function __construct()
 {
     $registry = registry::getInstance();
     $this->registry = $registry;
     // "path" is read straight from the registry entry of that name.
     $this->path = $registry["path"];
     $this->html = html::getInstance();
     $this->session = session::getInstance();
     $this->cookie = cookie::getInstance();
     // Unlike the other helpers, ajax is created per object instead of via getInstance().
     $this->ajax = new ajax();
     $this->l10n = l10n::getInstance();
 }
Beispiel #18
 /**
  * Constructor: redirect visitors without the COOKIE_KEY cookie, otherwise
  * hand the settings and the current time to the view.
  *
  * NOTE(review): the gate only tests that the cookie holds a truthy value. Unless
  * cookie::get() itself verifies the value, its mere presence is not proof of a login - confirm.
  * NOTE(review): `return` only leaves the constructor. Unless redirect() ends the request,
  * the requested action still runs afterwards - confirm.
  */
 public function __construct()
 {
     if (!cookie::get(COOKIE_KEY)) {
         redirect('./');
         return;
     }
     $setting = madmin::get_setting();
     view::assign('setting', $setting);
     view::assign('now', time());
 }
Beispiel #19
 /**
  * End the current frontend login: forget the user, replace the auth
  * cookie with a fresh random token and restart the session.
  */
 protected static function kill()
 {
     self::$user = null;
     // Overwriting with a new random value invalidates the token held so far;
     // the replacement cookie is valid for 24 hours.
     $oneDay = 60 * 60 * 24;
     cookie::set('authFrontend', str::random(), $oneDay);
     // restart the session
     s::restart();
 }
Beispiel #20
 /**
  * Return the referral stored in the COOKIE_SPONSOR_NAME cookie.
  *
  * NOTE(review): the value comes from the visitor's cookie; callers should validate it
  * before relying on it - confirm against callers.
  *
  * @return mixed The cookie value, or NULL when the cookie does not exist.
  */
 public function getReferral()
 {
     return cookie::exists(COOKIE_SPONSOR_NAME) ? cookie::get(COOKIE_SPONSOR_NAME) : NULL;
 }
 /**
  * Nullify and unset a cookie.
  *
  * @param   string   $name    cookie name
  * @param   string   $path    URL path
  * @param   string   $domain  URL domain
  * @return  boolean  FALSE when the cookie was not present in the request, otherwise the result of cookie::set()
  */
 public static function delete($name, $path = NULL, $domain = NULL)
 {
     if (isset($_COOKIE[$name])) {
         // Forget the value for the rest of this request...
         unset($_COOKIE[$name]);
         // ...and send an empty value whose expiration lies 24 hours in the past.
         return cookie::set($name, '', -86400, $path, $domain, FALSE, FALSE);
     }
     return FALSE;
 }
 /**
  * Store or read the order information kept in the "order" cookie.
  *
  * With a truthy argument the data is JSON-encoded into the cookie and nothing is returned.
  * Without one the cookie is decoded and returned.
  * NOTE(review): the decoded data is client-supplied; validate it before acting on it.
  *
  * @param array|null $ary Order data to store, or null to read.
  * @return array|null Decoded order data (empty array when absent or undecodable) when reading; null when storing.
  */
 static function oInfo($ary = null)
 {
     if ($ary) {
         cookie::set('order', json_encode($ary));
         return;
     }
     $decoded = json_decode(cookie::get('order'), true);
     return $decoded ? $decoded : array();
 }
Beispiel #23
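 /**
  * Expose the logged-in user and their group id to the view.
  *
  * The user is taken from the login cookies and accepted only when the password cookie
  * matches front::cookie_encode() of the stored password. In every other case the view
  * receives group id 0.
  */
 function init() {
     // Default to group 0 so the view always has a group id, including the case where
     // login cookies are present but do not verify (previously left unset in that case).
     $this->view->usergroupid = 0;
     if (cookie::get('login_username') && cookie::get('login_password')) {
         $user = new user();
         $user = $user->getrow(array('username' => cookie::get('login_username')));
         $supplied = cookie::get('login_password');
         // Strict string comparison: with a loose one, two different numeric-looking
         // strings (for example "0e12" and "0e34") compare as equal numbers.
         if (is_array($user) && is_scalar($supplied)
             && (string) $supplied === (string) front::cookie_encode($user['password'])) {
             $this->view->user = $user;
             $this->view->usergroupid = $user['groupid'];
         }
     }
 }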
 /**
  * Set up the plugin: cookie helper, optional GeSHi library and comment notification hooks.
  */
 public function __construct()
 {
     parent::__construct();
     $this->cookie = cookie::getInstance();
     // Load GeSHi once, and only when the bundled copy is actually on disk.
     if (!defined('GESHI_VERSION') && file_exists(Absolute_Path . "app/plugins/geshi/GeSHi.php")) {
         require_once Absolute_Path . "app/plugins/geshi/GeSHi.php";
     }
     // Two handlers run when a comment is added.
     foreach (array('usersNotify', 'adminNotify') as $handler) {
         $this->addAction('index_comment_added', $handler);
     }
     // One handler for the approval hook (hook name spelled as registered).
     $this->addAction('comment_approbed', 'notify');
 }
Beispiel #25
 /**
  * Wrap the rendered content in the admin layout (for non-AJAX auto-rendered requests),
  * run the parent hook, then clear the one-shot "message" cookie.
  */
 public function after()
 {
     $wrapInLayout = ($this->auto_render === TRUE) && !$this->_ajax;
     if ($wrapInLayout) {
         $inner = $this->template->content;
         // $menu is bound by reference, so the assignment below reaches the view.
         $this->template->content = View::factory('template/admin')->set('content', $inner)->bind('menu', $menu);
         if ($this->_current_user) {
             // Menu entries shown to a logged-in user, named after their controllers
             $menu = array('projects', 'users', 'logout');
         }
     }
     parent::after();
     // The message has been shown by now; remove its cookie.
     cookie::delete('message');
 }
 /**
  * Log the user out of the site and of the bundled "celive" component, then go to the index page.
  */
 function logout_action() {
     // Remove the login cookies.
     foreach (array('login_username', 'login_password') as $cookieName) {
         cookie::del($cookieName);
     }
     // Remove the matching session entries.
     foreach (array('username', 'roles') as $sessionKey) {
         session::del($sessionKey);
     }
     // Load celive and end its login as well, through the global 'auth' object.
     require_once ROOT.'/celive/include/config.inc.php';
     require_once ROOT.'/celive/include/celive.class.php';
     $celive = new celive();
     $celive->auth();
     $GLOBALS['auth']->logout();
     $GLOBALS['auth']->check_logout1();
     front::redirect(url::create('index'));
 }
Beispiel #27
 /**
  * Restrict an item query to what the current user may see, additionally hiding
  * password-protected albums until the matching password is supplied.
  *
  * @param object $model Query/model to restrict.
  * @return object The restricted model.
  */
 static function viewable($model)
 {
     // Apply the stock restrictions first.
     $model = item_Core::viewable($model);
     $viewer = identity::active_user();
     // Admins see everything.
     if ($viewer->admin) {
         return $model;
     }
     // Everyone else sees an item when no album password applies to it, when the
     // password stored in their cookie matches it, or when they own the item.
     // The cookie value goes through the query builder's where() call, not into SQL text.
     $model->and_open()
         ->join("items_albumpasswords", "items.id", "items_albumpasswords.album_id", "LEFT OUTER")
         ->and_where("items_albumpasswords.album_id", "IS", NULL)
         ->or_where("items_albumpasswords.password", "=", cookie::get("g3_albumpassword"))
         ->or_where("items.owner_id", "=", $viewer->id)
         ->close();
     return $model;
 }
Beispiel #28
 /**
  * Validation callback that performs the login.
  *
  * Runs only when no earlier errors exist and both fields are present. On success the
  * "authorized" cookie is set to the user name; on failure an error is recorded for "username".
  *
  * NOTE(review): passwords are checked against an unsalted SHA-1 digest. Moving to
  * password_hash()/password_verify() needs a migration of the stored values, so it is
  * flagged here instead of changed.
  *
  * @param Validate $array  Submitted data.
  * @param mixed    $field  Name of the field the callback is attached to (unused).
  * @param array    $errors Errors collected so far.
  * @return array The errors, with a "username" entry added when the login failed.
  */
 public function do_login(Validate $array, $field, array $errors)
 {
     $canAttempt = empty($errors) && isset($array['username']) && isset($array['password']);
     if (!$canAttempt) {
         return $errors;
     }
     // The user name is passed as a bound parameter, never concatenated into the SQL.
     $result = DB::query(Database::SELECT, 'SELECT password FROM users WHERE username = :username')->bind(':username', $array['username'])->execute();
     $storedDigest = $result->get('password');
     if (sha1($array['password']) !== $storedDigest) {
         // Invalid login
         $errors['username'] = '******';
         return $errors;
     }
     // User is authorized
     cookie::set('authorized', $array['username']);
     return $errors;
 }
Beispiel #29
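 /**
  * Handle an incoming request.
  *
  * Visitors holding a "uid" cookie are kept away from the login/registration pages,
  * and visitors without one are kept away from the sending pages.
  *
  * NOTE(review): the login state is derived from the "uid" cookie alone. Confirm the
  * cookie is protected against client modification (encrypted or signed) by the framework.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @param  string|null  $guard
  * @return mixed
  */
 public function handle($request, Closure $next, $guard = null)
 {
     $path = $request->getPathInfo();
     $uid = cookie::get('uid');
     // The redirect target comes from a cookie, so it is only followed when it is a path on
     // this site: it must start with a single "/" and must not continue with "/" or "\",
     // which browsers interpret as the start of another host. Anything else falls back to "/".
     $redirectPath = cookie::get('redirectPath');
     $isLocalPath = is_string($redirectPath) && preg_match('#^/(?![/\\\\])#', $redirectPath) === 1;
     if (!$isLocalPath) {
         $redirectPath = '/';
     }
     if (in_array($path, array('/login', '/register', '/loginDo', '/registerDo'), true) && !empty($uid)) {
         return redirect($redirectPath);
     }
     $pathArray = array('/send', '/sendDo', '/success');
     if (in_array($path, $pathArray, true) && empty($uid)) {
         return redirect("login");
     }
     return $next($request);
 }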
 /**
  * Add the album-password entries to the site menu: unlock / clear password, links to the
  * albums opened by the stored password, and assign / remove password for editable albums.
  *
  * NOTE(review): the lookups match the cookie value directly against the stored "password"
  * column, which suggests album passwords are kept unhashed - confirm.
  *
  * @param object $menu  Site menu being built.
  * @param object $theme Theme object; nothing is added when it has no current item.
  */
 static function site_menu($menu, $theme)
 {
     // If this page doesn't belong to an item, don't display the menu.
     if (!$theme->item()) {
         return;
     }
     $item = $theme->item();
     $cookie_password = cookie::get("g3_albumpassword");
     if ($cookie_password == "") {
         // No password stored in the cookie yet: offer the "enter password" dialog.
         $menu->append(
             Menu::factory("dialog")
                 ->id("albumpassword_login")
                 ->css_id("g-album-password-login")
                 ->url(url::site("albumpassword/login"))
                 ->label(t("Unlock albums"))
         );
     } else {
         // A password has been entered: show the log out link and links to the protected albums.
         $menu->append(
             Menu::factory("submenu")
                 ->id("albumpassword_protected")
                 ->css_id("g-album-password-protected")
                 ->label(t("Protected albums"))
         );
         $menu->get("albumpassword_protected")->append(
             Menu::factory("link")
                 ->id("albumpassword_logout")
                 ->css_id("g-album-password-logout")
                 ->url(url::site("albumpassword/logout"))
                 ->label(t("Clear password"))
         );
         // Find the password records matching the cookie, narrowed by id when one is stored.
         $password_query = ORM::factory("items_albumpassword")->where("password", "=", $cookie_password);
         if (cookie::get("g3_albumpassword_id") != "") {
             $password_query->where("id", "=", cookie::get("g3_albumpassword_id"));
         }
         $existing_password = $password_query->find_all();
         for ($counter = 0; $counter < count($existing_password); $counter++) {
             $item_album = ORM::factory("item")->where("id", "=", $existing_password[$counter]->album_id)->find();
             // The album title is purified before it is used as the link label.
             $menu->get("albumpassword_protected")->append(
                 Menu::factory("link")
                     ->id("albumpassword_album" . $counter)
                     ->label(html::purify($item_album->title))
                     ->css_id("g-album-password-album" . $counter)
                     ->url(url::abs_site("{$item_album->type}s/{$item_album->id}"))
             );
         }
     }
     // Only albums the user may both view and edit get the assign / remove entries.
     if (!($item->is_album() && access::can("view", $item) && access::can("edit", $item))) {
         return;
     }
     $existing_password = ORM::factory("items_albumpassword")->where("album_id", "=", $item->id)->find_all();
     if (count($existing_password) > 0) {
         // The album has a password: offer to remove it.
         $menu->get("options_menu")->append(
             Menu::factory("link")
                 ->id("albumpassword_remove")
                 ->label(t("Remove password"))
                 ->css_id("g-album-password-remove")
                 ->url(url::site("albumpassword/remove/" . $item->id))
         );
     } elseif ($item->id != 1) {
         // No password on this album (item id 1 is excluded). Offer to assign one only when
         // neither the album nor any descendant is already covered by a password.
         $passworded_subitems = ORM::factory("item", $item->id)
             ->and_open()
             ->join("albumpassword_idcaches", "items.id", "albumpassword_idcaches.item_id", "LEFT OUTER")
             ->where("albumpassword_idcaches.item_id", "IS NOT", NULL)
             ->close()
             ->descendants();
         $existing_cacheditem = ORM::factory("albumpassword_idcache")->where("item_id", "=", $item->id)->order_by("cache_id")->find_all();
         if (count($existing_cacheditem) == 0 && count($passworded_subitems) == 0) {
             $menu->get("options_menu")->append(
                 Menu::factory("dialog")
                     ->id("albumpassword_assign")
                     ->label(t("Assign password"))
                     ->css_id("g-album-password-assign")
                     ->url(url::site("albumpassword/assign/" . $item->id))
             );
         }
     }
 }