function head_custom()
{
parent::head_custom();
//create upload token
$session_token = NonceUtil::generate('valid_session', 1800);
$upload_token = NonceUtil::generate('valid_token_upload', 1800);
$gallery_token = NonceUtil::generate('load_images', 1800);
$this->output_raw("<script>\n" . "var hw_imgur = {\r\n ajaxHandler: qa_root + 'qa-plugin/hw-imgur/ajax.php' ,\r\n session_token : '" . $session_token . "',\r\n upload_token : '" . $upload_token . "',\r\n gallery_token : '" . $gallery_token . "'\r\n };\r\n \n" . "</script>\n\n");
$this->output_raw("<script src=\"" . QA_HTML_THEME_LAYER_URLTOROOT . "/js/script.js\"></script>");
$this->output_raw("<script src=\"" . QA_HTML_THEME_LAYER_URLTOROOT . "/js/hw-jquery-plugin.js\"></script>");
$this->output_raw("<script src=\"" . QA_HTML_THEME_LAYER_URLTOROOT . "/js/jquery-ui.js\"></script>");
$this->output_raw("<link rel=\"stylesheet\" type=\"text/css\" href=\"" . QA_HTML_THEME_LAYER_URLTOROOT . "style.css\"/>");
//print iflychat
global $hw_iflychat;
//if(!empty($hw_iflychat)) echo $hw_iflychat->getHtmlCode();
if (!empty($this->ifly_html_code)) {
echo $this->ifly_html_code;
}
}
include_once 'lib/hw-imgur-api.php';
include_once 'functions.php';
//valid
$userid = qa_get_logged_in_userid();
if (!$userid) {
exit('Unauthorize');
}
//user must to login
$action = isset($_GET['action']) ? $_GET['action'] : '';
//action
$nonce = isset($_POST['_nonce']) ? $_POST['_nonce'] : '';
//nonce string
//return json data
$return = array();
//valid action token
if (!NonceUtil::check($action, $nonce)) {
$return['error'] = '1';
$return['result'] = 'invalid token';
$return['message'] = '[invalid token] Phiên làm việc đã hết, lưu bài viết và nạp lại trang để có thể sử dụng tính năng.';
hw_print_json_ajax($return);
exit;
}
if ($_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest') {
if (hw_allow_referer()) {
//authorize to get token
HW_IMGUR::init();
/**
* load images in album
*/
if ($action == 'load_images') {
$album = isset($_POST['al']) ? $_POST['al'] : 'bld18';
*/
require dirname(dirname(dirname(dirname(__FILE__)))) . '/qa-include/qa-base.php';
//include question2answer environment
require dirname(dirname(dirname(dirname(__FILE__)))) . '/qa-include/app/users.php';
//include question2answer environment
include_once dirname(dirname(dirname(__FILE__))) . '/hw-imgur/lib/hw-imgur-api.php';
include_once dirname(dirname(dirname(__FILE__))) . '/hw-imgur/functions.php';
//require logged in user
if (!qa_get_logged_in_userid()) {
exit('unauthorize');
}
$nonce = isset($_POST['_nonce']) ? $_POST['_nonce'] : '';
//nonce upload security
$return_json = array();
//valid action token
if (!NonceUtil::check('valid_token_upload', $nonce)) {
$return_json['error'] = 1;
$return_json['message'] = '[invalid token] Vui lòng load lại trang web.';
hw_print_json_ajax($return_json);
exit;
}
if (isset($_FILES['file'])) {
$file = $_FILES['file'];
//single file
$filename = $file['tmp_name'];
$name = basename($file["name"]);
//file name
$handle = fopen($filename, 'r');
$data = fread($handle, filesize($filename));
fclose($handle);
$pvars = array('image' => base64_encode($data));
<?php
ini_set('default_mimetype', 'text/plain');
ini_set('default_charset', 'ISO-8859-1');
define('NONCE_SECRET', 'jvTGophIQ108Pqw9Hej');
require_once 'NonceUtil.php';
print "generating a nonce with a 1 second lifetime.\n";
$nonce = NonceUtil::generate(NONCE_SECRET, 1);
print "check nonce (nonce should be valid): ";
$r = NonceUtil::check(NONCE_SECRET, $nonce);
var_dump($r);
print "\n";
print "generating a nonce with a 1 second lifetime.\n";
$nonce = NonceUtil::generate(NONCE_SECRET, 1);
print "wait 2 seconds.\n";
sleep(2);
print "check nonce (nonce should be invalid): ";
$r = NonceUtil::check(NONCE_SECRET, $nonce);
var_dump($r);
