/**
 * Converts special characters to HTML entities.
 *
 * Notes for callers that place the result in markup:
 *  - The default quote style is ENT_COMPAT, which leaves single quotes
 *    untouched. Pass ENT_QUOTES when the value ends up inside a
 *    single-quoted attribute or an inline script string.
 *  - $double_encode defaults to false, so text that already looks like an
 *    entity (for example "&lt;") is emitted unchanged, not encoded again.
 *
 * @param string  $str           Text to encode
 * @param int     $quote_style   ENT_* quote flag, ENT_COMPAT by default
 * @param string  $charset       Charset; a value loosely equal to null selects the instance encoding
 * @param boolean $double_encode Encode existing entities again (only honoured on PHP >= 5.2.3)
 *
 * @return string
 */
public static function htmlspecialchars($str, $quote_style = ENT_COMPAT, $charset = null, $double_encode = false)
{
    // Loose comparison on purpose: '' and null both fall back to the instance encoding.
    $encoding = (null == $charset) ? self::$instance->getEncoding() : $charset;

    // The fourth argument of the native function only exists from PHP 5.2.3 on.
    if (version_compare(PHP_VERSION, '5.2.3', '<')) {
        return htmlspecialchars($str, $quote_style, $encoding);
    }

    return htmlspecialchars($str, $quote_style, $encoding, $double_encode);
}
/**
 * Sends a 404 status in the form the current SAPI expects, then stops.
 *
 * CGI SAPIs, and servers that expose ALL_HTTP, get a "Status:" header;
 * everything else gets a raw HTTP/1.0 status line.
 *
 * @return void
 */
function printHTTPStatus404()
{
    $sapiPrefix      = PMF_String::substr(php_sapi_name(), 0, 3);
    $useStatusHeader = ('cgi' == $sapiPrefix) || isset($_SERVER['ALL_HTTP']);

    header($useStatusHeader ? 'Status: 404 Not Found' : 'HTTP/1.0 404 Not Found');
    exit;
}
/**
 * Posts a status update made of the question, its hashtags and the FAQ link.
 *
 * @param string $question Question
 * @param string $tags     Comma-separated tags
 * @param string $link     URL to the FAQ
 *
 * @return void
 */
public function addPost($question, $tags, $link)
{
    // "a,b" becomes "#a #b"; an empty tag string contributes no hashtags.
    $hashtags = ($tags != '') ? '#' . str_replace(',', ' #', $tags) : '';

    // NOTE(review): only the question is HTML-encoded; tags and link are sent
    // as given. The status goes to an API, not into a page, so confirm
    // which encoding the receiving side actually expects.
    $status = implode(' ', array(PMF_String::htmlspecialchars($question), $hashtags, $link));

    $this->connection->post('statuses/update', array('status' => $status));
}
/**
 * Builds one <url> element of the sitemap.
 *
 * Only $location is entity-encoded. $lastmod, $changeFreq and $priority are
 * written into the XML as given, so callers must pass values that are
 * already safe for XML text content.
 *
 * @param string $location   URL of the entry
 * @param string $lastmod    Last modification date; defaults to the request time as ISO 8601
 * @param string $changeFreq Change frequency; defaults to PMF_SITEMAP_GOOGLE_CHANGEFREQ_DAILY
 * @param string $priority   Optional priority; the element is omitted when null
 *
 * @return string
 */
function buildSitemapNode($location, $lastmod = null, $changeFreq = null, $priority = null)
{
    if (null === $lastmod) {
        $lastmod = PMF_Date::createISO8601Date($_SERVER['REQUEST_TIME'], false);
    }
    if (null === $changeFreq) {
        $changeFreq = PMF_SITEMAP_GOOGLE_CHANGEFREQ_DAILY;
    }

    $priorityNode = (null === $priority) ? '' : '<priority>' . $priority . '</priority>';

    return implode('', array(
        '<url>',
        '<loc>', PMF_String::htmlspecialchars($location), '</loc>',
        '<lastmod>', $lastmod, '</lastmod>',
        '<changefreq>', $changeFreq, '</changefreq>',
        $priorityNode,
        '</url>',
    ));
}
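/**
 * Tracks the user and logs what they did.
 *
 * When tracking is enabled and the request comes neither from a blacklisted
 * user agent nor from a banned address, a session row is created if none
 * exists yet and one semicolon-separated record is appended to the daily
 * tracking file.
 *
 * @param string  $action Action string
 * @param integer $id     Current ID
 *
 * @return void
 *
 * @throws PMF_Exception if the daily tracking file is not writable
 */
public function userTracking($action, $id = 0)
{
    global $sid, $user, $botBlacklist;

    if (!$this->_config->get('main.enableUserTracking')) {
        return;
    }

    $bots   = 0;
    $banned = false;
    // The User-Agent header is optional; a request without it must not raise a notice.
    $agent  = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

    $sid  = PMF_Filter::filterInput(INPUT_GET, PMF_GET_KEY_NAME_SESSIONID, FILTER_VALIDATE_INT);
    $sidc = PMF_Filter::filterInput(INPUT_COOKIE, self::PMF_COOKIE_NAME_SESSIONID, FILTER_VALIDATE_INT);
    // The cookie value wins over the GET parameter.
    if (!is_null($sidc)) {
        $sid = $sidc;
    }
    if ($action == 'old_session') {
        $sid = null;
    }

    foreach ($botBlacklist as $bot) {
        if ((bool) PMF_String::strstr($agent, $bot)) {
            $bots++;
        }
    }

    $network = new PMF_Network($this->_config);

    // Behind a local reverse proxy (nginx/varnish) the peer is loopback and the
    // client address arrives in X-Forwarded-For. The header is only honoured in
    // that case, because any client can send it.
    // NOTE(review): a comma-separated list in the header is collapsed into one
    // string by the cleanup below - confirm the proxy forwards a single address.
    $remoteAddr     = $_SERVER['REMOTE_ADDR'];
    $localAddresses = array('127.0.0.1', '::1');
    if (in_array($remoteAddr, $localAddresses) && isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
        $remoteAddr = $_SERVER['HTTP_X_FORWARDED_FOR'];
    }
    // Reduce the value to address characters; it is written into SQL and the log below.
    $remoteAddr = preg_replace('([^0-9a-z:\\.]+)i', '', $remoteAddr);

    if (!$network->checkIp($remoteAddr)) {
        $banned = true;
    }

    if (0 != $bots || false != $banned) {
        return;
    }

    if (!isset($sid)) {
        $sid = $this->_config->getDb()->nextId(PMF_Db::getTablePrefix() . 'faqsessions', 'sid');

        // Sanity check: force the session cookie to contain the current $sid.
        // The original condition read "!$sidc != $sid", which negates the cookie
        // value before comparing it.
        if (!is_null($sidc) && $sidc != $sid) {
            self::setCookie(self::PMF_COOKIE_NAME_SESSIONID, $sid);
        }

        $query = sprintf(
            "\n INSERT INTO \n %sfaqsessions\n (sid, user_id, ip, time)\n VALUES\n (%d, %d, '%s', %d)",
            PMF_Db::getTablePrefix(),
            $sid,
            $user ? $user->getUserId() : -1,
            $remoteAddr,
            $_SERVER['REQUEST_TIME']
        );
        $this->_config->getDb()->query($query);
    }

    // Request-derived fields are client-controlled. ';' separates fields and a
    // line break ends a record, so both are neutralised; otherwise a
    // URL-encoded line break in a header could add a forged record to the file.
    $unsafe = array(';', "\r", "\n");
    $safe   = array(',', ' ', ' ');

    $queryString = isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '';
    $referer     = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';

    $data = $sid . ';' .
        str_replace($unsafe, $safe, $action) . ';' .
        $id . ';' .
        $remoteAddr . ';' .
        str_replace($unsafe, $safe, $queryString) . ';' .
        str_replace($unsafe, $safe, $referer) . ';' .
        str_replace($unsafe, $safe, urldecode($agent)) . ';' .
        $_SERVER['REQUEST_TIME'] . ";\n";

    $file = './data/tracking' . date('dmY');
    if (is_writeable($file)) {
        file_put_contents($file, $data, FILE_APPEND);
    } else {
        throw new PMF_Exception('Cannot write to ' . $file);
    }
}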
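/**
 * Dynamically links an article with the search, using the given keyword.
 *
 * Existing tags are swapped for a placeholder first, so the keyword is only
 * linked in text and never inside markup; the tags are put back afterwards.
 * The global $in_content is set to whether the keyword occurred in the text.
 *
 * @param string  $strHighlight Keyword to link
 * @param string  $strSource    Article markup
 * @param integer $intCount     Number of articles for the keyword, shown in the link title
 *
 * @return string
 *
 * @author Marco Enders <*****@*****.**>
 * @author Thorsten Rinne <*****@*****.**>
 */
public function setRelationLinks($strHighlight, $strSource, $intCount = 0)
{
    global $in_content;

    $placeholder = '~+*# replaced html #*+~';
    $tagPattern  = '/(<a[^<>]*?>.*?<\\/a>)|(<.*?>)/is';

    // Remember every tag, then hide it behind the placeholder.
    $arrMatch = array();
    PMF_String::preg_match_all($tagPattern, $strSource, $arrMatch);
    $strSource = PMF_String::preg_replace($tagPattern, $placeholder, $strSource);

    // The delimiter has to be quoted too, otherwise a keyword containing "/" breaks the pattern.
    $keywordPattern = '/(' . preg_quote($strHighlight, '/') . ')/ims';
    $in_content     = PMF_String::preg_match($keywordPattern, $strSource) != 0;

    // The keyword lands in a URL parameter and in an attribute value, so it is
    // encoded for each context. In the replacement string "\" and "$" are also
    // escaped so that they are not read as back-references; "$1" below is the
    // only intended one.
    $hrefKeyword  = urlencode($strHighlight);
    $titleKeyword = addcslashes(PMF_String::htmlspecialchars($strHighlight, ENT_QUOTES), '\\$');

    $link = '<a href="index.php?action=search&search=' . $hrefKeyword
        . '" title="Insgesamt ' . (int) $intCount . ' Artikel zu diesem Schlagwort (' . $titleKeyword
        . ') vorhanden. Jetzt danach suchen..." class="relation">$1</a>';

    $strSource = PMF_String::preg_replace($keywordPattern, $link, $strSource);

    // Put the saved tags back, one placeholder at a time and as literal text.
    $placeholderPattern = '/' . preg_quote($placeholder, '/') . '/';
    foreach ($arrMatch[0] as $html) {
        $strSource = PMF_String::preg_replace($placeholderPattern, addcslashes($html, '\\$'), $strSource, 1);
    }

    return $strSource;
}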
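/**
 * Adds an image to the PDF at the current position.
 *
 * The image is read over HTTP with getimagesize(), i.e. by a request made
 * from the server. Relative paths are completed with the request's Host
 * header, which the client controls.
 * NOTE(review): consider limiting the fetch to hosts this installation trusts.
 *
 * @param string $image Path or URL of the image
 *
 * @return void
 * @access private
 */
function AddImage($image)
{
    // Check whether the image is stored locally or not.
    if ('http' != PMF_String::substr($image, 0, 4)) {
        // Please note that the image must be accessible by HTTP, NOT ONLY by HTTPS.
        $image = 'http://' . EndSlash($_SERVER['HTTP_HOST']) . $image;
    }

    // Set a friendly User Agent for the fetch; it is restored on every exit path.
    $ua = ini_get('user_agent');
    ini_set('user_agent', 'phpMyFAQ PDF Builder');

    $info = getimagesize($image);

    // Give up on unreadable images, on image types fpdf cannot embed and on a
    // zero width (which would make the ratio below divide by zero).
    if (!$info || $info[0] <= 0 || !isset($this->mimetypes[$info[2]])) {
        ini_set('user_agent', $ua);
        return;
    }
    $type = $this->mimetypes[$info[2]];

    // Pixels to millimetres: wide images are treated as 144 dpi, others as 72 dpi.
    $dpi = ($info[0] > 555) ? 144 : 72;
    $w   = $info[0] / $dpi * 25.4;
    $h   = $info[1] / $dpi * 25.4;

    $hw_ratio = $h / $w;
    $this->Write(5, ' ');

    // Shrink to the printable width, keeping the aspect ratio.
    if ($info[0] > $this->wPt) {
        $info[0] = $this->wPt - $this->lMargin - $this->rMargin;
        if ($w > $this->w) {
            $w = $this->w - $this->lMargin - $this->rMargin;
            $h = $w * $hw_ratio;
        }
    }

    $x = $this->GetX();
    if ($this->GetY() + $h > $this->h) {
        $this->AddPage();
    }
    $y = $this->GetY();
    $this->Image($image, $x, $y, $w, $h, $type);
    $this->Write(5, ' ');
    $y = $this->GetY();
    // NOTE(review): the image is emitted a second time here, as in the
    // original code - confirm whether that is intended.
    $this->Image($image, $x, $y, $w, $h, $type);

    if ($y + $h > $this->hPt) {
        $this->AddPage();
    } else {
        if ($info[1] > 20) {
            $this->SetY($y + $h);
        }
        $this->SetX($x + $w);
    }

    // Restore the original User Agent.
    ini_set('user_agent', $ua);
}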
$metaDescription = PMF_Utils::makeShorterText(strip_tags($faqData['content']), 12); } } // // Handle the Tagging ID // $tag_id = PMF_Filter::filterInput(INPUT_GET, 'tagging_id', FILTER_VALIDATE_INT); if (!is_null($tag_id)) { $title = ' - ' . $oTag->getTagNameById($tag_id); $keywords = ''; } // // Handle the SiteMap // $letter = PMF_Filter::filterInput(INPUT_GET, 'letter', FILTER_SANITIZE_STRIPPED); if (!is_null($letter) && 1 == PMF_String::strlen($letter)) { $title = ' - ' . $letter . '...'; $keywords = $letter; } // // Found a category ID? // $cat = PMF_Filter::filterInput(INPUT_GET, 'cat', FILTER_VALIDATE_INT, 0); $cat_from_id = -1; $categoryPath = array(0); if (is_numeric($id) && $id > 0) { $categoryRelations = new PMF_Category_Relations(); foreach ($categoryRelations->fetchAll() as $relation) { if ($relation->record_id == $id) { $cat_from_id = $relation->category_id; break;
$current_groups = array(-1); $action = PMF_Filter::filterInput(INPUT_GET, 'action', FILTER_SANITIZE_STRING); $language = PMF_Filter::filterInput(INPUT_GET, 'lang', FILTER_SANITIZE_STRING, 'en'); $categoryId = PMF_Filter::filterInput(INPUT_GET, 'categoryId', FILTER_VALIDATE_INT); $recordId = PMF_Filter::filterInput(INPUT_GET, 'recordId', FILTER_VALIDATE_INT); // Get language (default: english) $Language = new PMF_Language(); $language = $Language->setLanguage($faqconfig->get('main.languageDetection'), $faqconfig->get('main.language')); // Set language if (PMF_Language::isASupportedLanguage($language)) { require 'lang/language_' . $language . '.php'; } else { require 'lang/language_en.php'; } $plr = new PMF_Language_Plurals($PMF_LANG); PMF_String::init($language); // Set empty result $result = array(); // Handle actions switch ($action) { case 'getVersion': $result = array('version' => $faqconfig->get('main.currentVersion')); break; case 'getApiVersion': $result = array('apiVersion' => (int) $faqconfig->get('main.currentApiVersion')); break; case 'search': $search = new PMF_Search($db, $Language); $searchString = PMF_Filter::filterInput(INPUT_GET, 'q', FILTER_SANITIZE_STRIPPED); $result = $search->search($searchString, false); $url = $faqconfig->get('main.referenceURL') . '/index.php?action=artikel&cat=%d&id=%d&artlang=%s';
?> '<?php print str_replace("\"", "´", $record['title']); ?> '"><?php print $record['title']; ?> </a> <?php if (isset($numCommentsByFaq[$record['id']])) { print " (" . $numCommentsByFaq[$record['id']] . " " . $PMF_LANG["ad_start_comments"] . ")"; } ?> </td> <td class="list" style="width: 48px;"><?php print PMF_String::substr($record['date'], 0, 10); ?> </td> <td class="list" style="width: 96px;"><?php print $linkverifier->getEntryStateHTML($record['id'], $record['lang']); ?> </td> <td class="list" style="width: 16px;"> <a href="#" onclick="javascript:deleteRecord(<?php print $record['id']; ?> , '<?php print $record['lang']; ?> ');" title="<?php print $PMF_LANG["ad_user_delete"];
$num = round($searchItem['number'] * 100 / $searchesCount, 2); ?> <tr class="row_search_id_<?php print $searchItem['id']; ?> "> <td><?php print PMF_String::htmlspecialchars($searchItem['searchterm']); ?> </td> <td><?php print $searchItem['number']; ?> </td> <td><?php print $languageCodes[PMF_String::strtoupper($searchItem['lang'])]; ?> </td> <td><?php print $num; ?> %</td> <td> <a onclick="deleteSearchTerm('<?php print $searchItem['searchterm']; ?> ', <?php print $searchItem['id']; ?> ); return false;" href="javascript:;">
/**
 * Tells whether the text still contains a {placeholder} other than the reserved ones.
 *
 * Reserved names are meta, baseHref and phpmyfaqversion; "debug" is
 * reserved as well unless DEBUG is on.
 *
 * @param string $text Text to inspect
 *
 * @return boolean
 */
private function search_vars($text)
{
    $pattern = DEBUG
        ? "/{(?!meta|baseHref|phpmyfaqversion)\\w+}/msi"
        : "/{(?!debug|meta|baseHref|phpmyfaqversion)\\w+}/msi";

    return (bool) PMF_String::preg_match($pattern, $text);
}
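/**
 * Verifies the links in the given article content and updates the
 * links_state database entry.
 *
 * @param string  $contents Article content to scan for URLs
 * @param integer $id       Record ID
 * @param string  $artlang  Record language
 * @param boolean $cron     When true, nothing is returned for display
 *
 * @return string HTML text if $cron is false (default), otherwise an empty string
 */
public function verifyArticleURL($contents = '', $id = 0, $artlang = '', $cron = false)
{
    global $PMF_LANG;

    $faqconfig    = PMF_Configuration::getInstance();
    $referenceUrl = $faqconfig->get('main.referenceURL');

    // A missing or blank reference URL stops the check. The original second
    // test wrapped the whole comparison in trim(), so it never trimmed the URL.
    if (trim((string) $referenceUrl) == '') {
        return $cron ? '' : '<br /><br />' . $PMF_LANG['ad_linkcheck_noReferenceURL'];
    }

    if ($this->isReady() === false) {
        return $cron ? '' : '<br /><br />' . $PMF_LANG['ad_linkcheck_noAllowUrlOpen'];
    }

    // Parse contents and verify URLs
    $this->parse_string($contents);
    $result = $this->VerifyURLs($referenceUrl);
    $this->markEntry($id, $artlang);

    // If no URLs found
    if ($result == false) {
        $output = sprintf(
            '<h2>%s</h2><br />%s',
            $PMF_LANG['ad_linkcheck_checkResult'],
            $PMF_LANG['ad_linkcheck_noLinksFound']
        );
        return $cron ? '' : utf8_decode($output);
    }

    $failreasons = $inforeasons = array();
    $output  = " <h2>" . $PMF_LANG['ad_linkcheck_checkResult'] . "</h2>\n";
    $output .= ' <table class="verifyArticleURL">' . "\n";

    foreach ($result as $type => $_value) {
        $output .= " <tr><td><strong>" . PMF_String::htmlspecialchars($type) . "</strong></td></tr>\n";

        foreach ($_value as $url => $value) {
            // The URL comes from article content: encode it for the href as
            // well as for the link text, so a quote cannot end the attribute.
            // NOTE(review): encoding does not restrict the URL scheme.
            $safeUrl = PMF_String::htmlspecialchars($value['absurl']);

            $_output  = ' <td />';
            $_output .= ' <td><a href="' . $safeUrl . '" target="_blank">' . $safeUrl . "</a></td>\n";
            $_output .= ' <td>';

            if (isset($value['redirects']) && $value['redirects'] > 0) {
                $_redirects = "(" . $value['redirects'] . ")";
            } else {
                $_redirects = "";
            }

            // NOTE(review): $value['reason'] is added to the output unencoded;
            // this assumes the reason text is produced by the verifier itself.
            if ($value['valid'] === true) {
                $_classname = "urlsuccess";
                $_output .= '<td class="' . $_classname . '">' . $PMF_LANG['ad_linkcheck_checkSuccess'] . $_redirects . '</td>';
                if ($value['reason'] != "") {
                    $inforeasons[] = sprintf($PMF_LANG['ad_linkcheck_openurl_infoprefix'], $safeUrl) . $value['reason'];
                }
            } else {
                $_classname = "urlfail";
                $_output .= '<td class="' . $_classname . '">' . $PMF_LANG['ad_linkcheck_checkFailed'] . '</td>';
                if ($value['reason'] != "") {
                    $failreasons[] = $value['reason'];
                }
            }

            $_output .= '</td>';
            $output  .= ' <tr class="' . $_classname . '">' . "\n" . $_output . "\n";
            $output  .= " </tr>\n";
        }
    }
    $output .= " </table>\n";

    // Failure reasons first, then informational ones; both use the same list markup.
    $reasonLists = array(
        'ad_linkcheck_failReason' => $failreasons,
        'ad_linkcheck_infoReason' => $inforeasons,
    );
    foreach ($reasonLists as $headingKey => $reasons) {
        if (count($reasons) > 0) {
            $output .= " <br />\n <strong>" . $PMF_LANG[$headingKey] . "</strong>\n <ul>\n";
            foreach ($reasons as $reason) {
                $output .= " <li>" . $reason . "</li>\n";
            }
            $output .= " </ul>\n";
        }
    }

    return $cron ? '' : utf8_decode($output);
}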
* @subpackage Frontend * @author Thomas Zeithaml <*****@*****.**> * @author Thorsten Rinne <*****@*****.**> * @since 2005-08-21 * @version SVN: $Id$ * @copyright 2005-2009 phpMyFAQ Team * * The contents of this file are subject to the Mozilla Public License * Version 1.1 (the "License"); you may not use this file except in * compliance with the License. You may obtain a copy of the License at * http://www.mozilla.org/MPL/ * * Software distributed under the License is distributed on an "AS IS" * basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the * License for the specific language governing rights and limitations * under the License. */ if (!defined('IS_VALID_PHPMYFAQ')) { header('Location: http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_NAME'])); exit; } $faqsession->userTracking('sitemap', 0); $letter = PMF_Filter::filterInput(INPUT_GET, 'letter', FILTER_SANITIZE_STRIPPED); if (!is_null($letter) && 1 == PMF_String::strlen($letter)) { $currentLetter = strtoupper($db->escape_string(PMF_String::substr($letter, 0, 1))); } else { $currentLetter = 'A'; } $sitemap = new PMF_Sitemap($current_user, $current_groups); $tpl->processTemplate('writeContent', array('writeLetters' => $sitemap->getAllFirstLetters(), 'writeMap' => $sitemap->getRecordsFromLetter($currentLetter), 'writeCurrentLetter' => $currentLetter)); $tpl->includeTemplate('writeContent', 'index');
</td> <td><?php print $data['lang']; ?> </td> <td><a href="../index.php?action=artikel&cat=<?php print $data['category_id']; ?> &id=<?php print $data['id']; ?> &artlang=<?php print $data['lang']; ?> " title="<?php print PMF_String::htmlspecialchars(trim($data['question']), ENT_QUOTES, 'utf-8'); ?> "><?php print PMF_Utils::makeShorterText(PMF_htmlentities(trim($data['question']), ENT_QUOTES, 'utf-8'), 14); ?> </a></td> <td><?php print $data['usr']; ?> </td> <td style="width: 50px;"><img src="stat.bar.php?num=<?php print $data['num']; ?> " border="0" alt="<?php print round($data['num'] * 20); ?>
/**
 * Sends a 404 status header and ends the request.
 *
 * A "Status:" header is used under CGI SAPIs or when the server exposes
 * ALL_HTTP; otherwise a raw HTTP/1.0 status line is sent.
 *
 * @return void
 */
public function printHTTPStatus404()
{
    $statusLine = 'HTTP/1.0 404 Not Found';

    if ('cgi' == PMF_String::substr(PHP_SAPI, 0, 3) || isset($_SERVER['ALL_HTTP'])) {
        $statusLine = 'Status: 404 Not Found';
    }

    header($statusLine);
    exit;
}
if (PMF_Configuration::getInstance()->get('main.enableRewriteRules')) { header('Location: ' . PMF_Link::getSystemUri('/index.php') . '/solution_id_' . $inputSearchTerm . '.html'); } else { header('Location: ' . PMF_Link::getSystemUri('/index.php') . '/index.php?solution_id=' . $inputSearchTerm); } exit; } $category->buildTree(); $mostPopularSearchData = $faqSearch->getMostPopularSearches($faqconfig->get('search.numberSearchTerms')); // Set base URL scheme if (PMF_Configuration::getInstance()->get('main.enableRewriteRules')) { $baseUrl = sprintf("%ssearch.html?search=%s&seite=%d%s&searchcategory=%d", PMF_Link::getSystemRelativeUri('index.php'), urlencode($inputSearchTerm), $page, $languages, $inputCategory); } else { $baseUrl = sprintf('%s?%saction=search&search=%s&seite=%d%s&searchcategory=%d', PMF_Link::getSystemRelativeUri(), empty($sids) ? '' : '$sids&', urlencode($inputSearchTerm), $page, $languages, $inputCategory); } // Pagination options $options = array('baseUrl' => $baseUrl, 'total' => $faqSearchResult->getNumberOfResults(), 'perPage' => PMF_Configuration::getInstance()->get('records.numberOfRecordsPerPage'), 'pageParamName' => 'seite', 'nextPageLinkTpl' => '<a href="{LINK_URL}">' . $PMF_LANG['msgNext'] . '</a>', 'prevPageLinkTpl' => '<a href="{LINK_URL}">' . $PMF_LANG['msgPrevious'] . 
'</a>', 'layoutTpl' => '<p align="center"><strong>{LAYOUT_CONTENT}</strong></p>'); $faqPagination = new PMF_Pagination($options); $faqCategoryHelper = PMF_Helper_Category::getInstance(); $faqCategoryHelper->setCategory($category); $faqSearchHelper = PMF_Helper_Search::getInstance(); $faqSearchHelper->setSearchterm($inputSearchTerm); $faqSearchHelper->setCategory($category); $faqSearchHelper->setPagination($faqPagination); $faqSearchHelper->setPlurals($plr); $faqSearchHelper->setSessionId($sids); if ('' == $searchResult && !is_null($inputSearchTerm)) { $searchResult = $faqSearchHelper->renderSearchResult($faqSearchResult, $page); } $tpl->processTemplate('writeContent', array('msgAdvancedSearch' => $tagSearch ? $PMF_LANG['msgTagSearch'] : $PMF_LANG['msgAdvancedSearch'], 'msgSearch' => $PMF_LANG['msgSearch'], 'searchString' => PMF_String::htmlspecialchars($inputSearchTerm, ENT_QUOTES, 'utf-8'), 'searchOnAllLanguages' => $PMF_LANG['msgSearchOnAllLanguages'], 'checkedAllLanguages' => $allLanguages ? ' checked="checked"' : '', 'selectCategories' => $PMF_LANG['msgSelectCategories'], 'allCategories' => $PMF_LANG['msgAllCategories'], 'printCategoryOptions' => $faqCategoryHelper->renderCategoryOptions($inputCategory), 'writeSendAdress' => '?' . $sids . 'action=search', 'msgSearchWord' => $PMF_LANG['msgSearchWord'], 'printResult' => $searchResult, 'openSearchLink' => $faqSearchHelper->renderOpenSearchLink(), 'msgMostPopularSearches' => $PMF_LANG['msgMostPopularSearches'], 'printMostPopularSearches' => $faqSearchHelper->renderMostPopularSearches($mostPopularSearchData))); $tpl->includeTemplate('writeContent', 'index');
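/**
 * Filters a text down to its distinct words, dropping punctuation, numbers,
 * one-character words and stop words.
 *
 * @param string $input Text to filter
 *
 * @return array Lower-cased words in order of first appearance
 */
public function clean($input)
{
    // ereg_replace() was deprecated in PHP 5.3 and removed in PHP 7; PCRE
    // understands the same POSIX character classes.
    $normalized = (string) preg_replace('/[[:punct:][:space:]]+/', ' ', $input);
    $words      = explode(' ', $normalized);

    $stop_words = $this->getByLang(null, true);
    $retval     = array();

    foreach ($words as $word) {
        $word = PMF_String::strtolower($word);

        if (is_numeric($word) || PMF_String::strlen($word) <= 1) {
            continue;
        }
        if (in_array($word, $stop_words) || in_array($word, $retval)) {
            continue;
        }

        $retval[] = $word;
    }

    return $retval;
}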
" /> <?php if ($parentId > 0) { $userAllowed = $categoryUser->fetch($parentId); $groupAllowed = $categoryGroup->fetch($parentId); ?> <input type="hidden" name="restricted_users" value="<?php print $userAllowed->user_id; ?> " /> <input type="hidden" name="restricted_groups" value="<?php print $groupAllowed->group_id; ?> " /> <?php printf(" <p>%s: %s (%s)</p>\n", $PMF_LANG["msgMainCategory"], $categoryData->name, $languageCodes[PMF_String::strtoupper($categoryData->lang)]); } ?> <label class="left"><?php print $PMF_LANG["ad_categ_titel"]; ?> :</label> <input type="text" id="name" name="name" size="30" style="width: 300px;" /><br /> <label class="left"><?php print $PMF_LANG["ad_categ_desc"]; ?> :</label> <textarea id="description" name="description" rows="3" cols="80" style="width: 300px;"></textarea><br /> <label class="left"><?php
// Preload English strings require_once 'lang/language_en.php'; $showCaptcha = PMF_Filter::filterInput(INPUT_GET, 'gen', FILTER_SANITIZE_STRING); if (isset($LANGCODE) && PMF_Language::isASupportedLanguage($LANGCODE) && is_null($showCaptcha)) { // Overwrite English strings with the ones we have in the current language, // but don't include UTF-8 encoded files, these will break the captcha images require_once 'lang/language_' . $LANGCODE . '.php'; } else { $LANGCODE = 'en'; } //Load plurals support for selected language $plr = new PMF_Language_Plurals($PMF_LANG); // // Initalizing static string wrapper // PMF_String::init($PMF_LANG["metaCharset"], $LANGCODE); /** * Initialize attachment factory */ PMF_Attachment_Factory::init($faqconfig->get('main.attachmentsStorageType'), $faqconfig->get('main.defaultAttachmentEncKey'), $faqconfig->get('main.enableAttachmentEncryption')); // // Get user action // $action = PMF_Filter::filterInput(INPUT_GET, 'action', FILTER_SANITIZE_STRING, 'main'); // // Authenticate current user // $auth = null; $error = ''; $faqusername = PMF_Filter::filterInput(INPUT_POST, 'faqusername', FILTER_SANITIZE_STRING); $faqpassword = PMF_Filter::filterInput(INPUT_POST, 'faqpassword', FILTER_SANITIZE_STRING);
use Symfony\Component\HttpFoundation\Response; define('PMF_ROOT_DIR', dirname(dirname(__DIR__))); define('IS_VALID_PHPMYFAQ', null); // // Bootstrapping // require PMF_ROOT_DIR . '/inc/Bootstrap.php'; // // get language (default: english) // $Language = new PMF_Language($faqConfig); $LANGCODE = $Language->setLanguage($faqConfig->get('main.languageDetection'), $faqConfig->get('main.language')); // // Initalizing static string wrapper // PMF_String::init($LANGCODE); // Preload English strings require_once PMF_ROOT_DIR . '/lang/language_en.php'; $faqConfig->setLanguage($Language); if ($faqConfig->get('security.enableLoginOnly')) { if (!isset($_SERVER['PHP_AUTH_USER'])) { $response = Response::create()->setStatusCode(401); $response->headers->set('WWW-Authenticate', 'Basic realm="phpMyFAQ RSS Feeds"'); $response->send(); exit; } else { $user = new PMF_User_CurrentUser($faqConfig); if ($user->login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) { if ($user->getStatus() != 'blocked') { $auth = true; } else {
<tbody> <?php foreach ($ratingdata as $data) { if ($data['category_id'] != $oldcategory) { ?> <tr> <th colspan="6" style="text-align: left;"> <h4><?php echo $category->categoryName[$data['category_id']]['name']; ?> </h4> </th> </tr> <?php } $question = PMF_String::htmlspecialchars(trim($data['question'])); $url = sprintf('../index.php?action=artikel&cat=%d&id=%d&artlang=%s', $data['category_id'], $data['id'], $data['lang']); ?> <tr> <td><?php echo $data['id']; ?> </td> <td><?php echo $data['lang']; ?> </td> <td> <a href="<?php echo $url; ?>
/**
 * Creates the part for the WHERE clause.
 *
 * Every whitespace-separated key of the search term yields one parenthesised
 * group that ORs a LIKE '%key%' test over all matching columns; the groups
 * are ORed together.
 *
 * NOTE(review): escape() is assumed to handle quoting only, so "%" and "_"
 * typed by the user still act as LIKE wildcards - confirm. Column names are
 * inserted as given and must never come from request data.
 *
 * @param string $searchTerm Search term
 *
 * @return string
 */
public function getMatchClause($searchTerm = '')
{
    $keys        = PMF_String::preg_split("/\\s+/", $searchTerm);
    $keyCount    = count($keys);
    $columnCount = count($this->matchingColumns);

    $groups = array();
    for ($k = 0; $k < $keyCount; $k++) {
        $conditions = array();
        for ($c = 0; $c < $columnCount; $c++) {
            $conditions[] = sprintf(
                "%s LIKE '%%%s%%'",
                $this->matchingColumns[$c],
                $this->_config->getDb()->escape($keys[$k])
            );
        }
        $groups[] = " (" . implode(" OR ", $conditions) . ")";
    }

    return implode(" OR", $groups);
}
/**
 * Cleans up a filename; an empty string is returned if anything is wrong.
 *
 * Rejected are names that carry path information, names that consist of an
 * extension only, empty names and names whose extension is on the deny list.
 *
 * NOTE(review): the deny list is matched against the last extension only,
 * and the match is case-insensitive only if the list holds lower-case
 * entries - confirm against inc/constants.php.
 *
 * @param string $filename Filename
 *
 * @return string
 */
private static function _basicFilenameClean($filename)
{
    global $denyUploadExts;

    // Remove the magic quotes if enabled
    if (ini_get('magic_quotes_gpc')) {
        $filename = stripslashes($filename);
    }

    $parts        = pathinfo($filename);
    $basename     = $parts['basename'];
    $hasExtension = isset($parts['extension']);
    $extension    = $hasExtension ? $parts['extension'] : '';

    // We need a filename without any path info
    if ($basename !== $filename) {
        return '';
    }
    // We need a filename with at least 1 char plus the optional extension
    if ($hasExtension && $basename == '.' . $extension) {
        return '';
    }
    if (!$hasExtension && PMF_String::strlen($basename) == 0) {
        return '';
    }
    // Deny some extensions (see inc/constants.php), if any
    if (count($denyUploadExts) > 0 && in_array(strtolower($extension), $denyUploadExts)) {
        return '';
    }

    // On Windows, replace characters that are not allowed in file names
    // (the single quote is replaced too). Path separators cannot occur here:
    // such names were rejected above.
    if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
        $filename = str_replace(array(':', '*', '?', '"', '<', '>', "'", '|'), '_', $filename);
    }

    return $filename;
}
<input type="checkbox" name="q[other][]" value="ruby" />Ruby / Ruby on Rails <input type="checkbox" name="q[other][]" value="python" />Python </fieldset> <br /> <p class="center">Additional to your input we're going to submit some information about your system setup for statstic purpose.</p> <p class="center">We are not storing any personal information. You can see the data by clicking <a href="#" onclick="show('configliste');return false;">here</a>.</p> <div id="configliste" class="collapsed"> <a href="#" onclick="hide('configliste'); return false;">hide again</a> <dl> <?php $q = new PMF_Questionnaire_Data($configs); $options = $q->get(); array_walk($options, 'data_printer'); echo '</dl><input type="hidden" name="systemdata" value="' . PMF_String::htmlspecialchars(serialize($q->get()), ENT_QUOTES) . '" />'; ?> </div> <p class="center"><input type="submit" value="Click here to submit the data and fnish the installation process" /></p> </form> <div id="questionnaireThanks" style="display:none;"> <p class="center"><b>Thank you for giving your feedback!</b></p> <p class="center">You can visit <a href="../index.php">your version of phpMyFAQ</a> or</p> <p class="center">login into your <a href="../admin/index.php">admin section</a>.</p> </div> <br /> <?php // Remove 'scripts' folder: no need of prompt anything to the user if (file_exists(PMF_ROOT_DIR . "/scripts") && is_dir(PMF_ROOT_DIR . "/scripts")) { @rmdir(PMF_ROOT_DIR . "/scripts"); }
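/**
 * Wraps the lines contained in the given message.
 *
 * Messages in a UTF charset are returned with normalised line endings only,
 * because wordwrap() is not safe with multibyte characters.
 *
 * @param string  $message Message.
 * @param integer $width   Column width. Defaults to 72.
 * @param boolean $cut     Cutting a word is allowed. Defaults to false.
 *
 * @return string The given message, wrapped as requested.
 */
public function wrapLines($message, $width = 72, $cut = false)
{
    $message = $this->fixEOL($message);

    if (PMF_String::strpos(strtolower($this->charset), 'utf') !== false) {
        // PHP wordwrap() is not safe with multibyte UTF chars
        return $message;
    }

    // Wrap each line on its own and join them again. The previous version
    // used empty() on the text built so far to decide whether a separator was
    // needed, which dropped leading blank lines and glued a first line "0"
    // to the line after it.
    $wrapped = array();
    foreach (explode($this->eol, $message) as $line) {
        $wrapped[] = wordwrap($line, $width, $this->eol, $cut);
    }

    return implode($this->eol, $wrapped);
}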
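/**
 * Updates an item and its definition in the database.
 *
 * Both texts are stored HTML-encoded. The instance properties keep the
 * database-escaped input, as before.
 *
 * @param integer $id         Glossary ID
 * @param string  $item       Item
 * @param string  $definition Definition
 *
 * @return boolean
 */
public function updateGlossaryItem($id, $item, $definition)
{
    $db = $this->config->getDb();

    $this->item       = $db->escape($item);
    $this->definition = $db->escape($definition);

    // SQL escaping has to be the last transformation before a value enters the
    // statement. The previous code HTML-encoded the already escaped text, which
    // is only safe as long as the encoder never emits a quote or a backslash.
    $query = sprintf(
        "\n UPDATE\n %sfaqglossary\n SET\n item = '%s',\n definition = '%s'\n WHERE\n id = %d AND lang = '%s'",
        PMF_Db::getTablePrefix(),
        $db->escape(PMF_String::htmlspecialchars($item)),
        $db->escape(PMF_String::htmlspecialchars($definition)),
        (int) $id,
        // The language code goes into a quoted literal, so it is escaped like the other values.
        $db->escape($this->config->getLanguage()->getLanguage())
    );

    return (bool) $db->query($query);
}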
$switchLanguage .= "</select>\n"; $switchLanguage .= " \n"; $switchLanguage .= "<input class=\"submit\" type=\"submit\" name=\"submit\" value=\"" . $PMF_LANG["msgLangaugeSubmit"] . "\" />\n"; $switchLanguage .= "</fieldset>\n"; $switchLanguage .= "</form>\n"; $switchLanguage .= "</p>\n"; } // List all faq attachments if ($faqconfig->get('main.disableAttachments') && 'yes' == $faq->faqRecord['active']) { $attList = PMF_Attachment_Factory::fetchByRecordId($record_id); $outstr = ""; while (list(, $att) = each($attList)) { $outstr .= sprintf('<a href="%s">%s</a>, ', $att->buildUrl(), $att->getFilename()); } if (count($attList) > 0) { $content .= '<p>' . $PMF_LANG['msgAttachedFiles'] . ' ' . PMF_String::substr($outstr, 0, -2) . '</p>'; } } // List all categories for this faq $writeMultiCategories = ''; $multiCategories = array(); $categoryRelations = new PMF_Category_Relations(); foreach ($categoryRelations->fetchAll() as $relation) { if ($relation->record_id == $record_id) { $multiCategories[] = $relation->category_id; } } if (count($multiCategories) > 1) { $writeMultiCategories .= ' <div id="article_categories">'; $writeMultiCategories .= ' <fieldset>'; $writeMultiCategories .= ' <legend>' . $PMF_LANG['msgArticleCategories'] . '</legend>';
switch ($type) { case 'news': $id = $newsid; $msgWriteComment = $PMF_LANG['newsWriteComment']; break; case 'faq': default: $id = $faqid; $msgWriteComment = $PMF_LANG['msgWriteComment']; break; } // If e-mail address is set to optional if (!PMF_Configuration::getInstance()->get('main.optionalMailAddress') && is_null($mail)) { $mail = PMF_Configuration::getInstance()->get('main.administrationMail'); } if (!is_null($user) && !is_null($mail) && !is_null($comment) && checkBannedWord(PMF_String::htmlspecialchars($comment)) && IPCheck($_SERVER['REMOTE_ADDR']) && $captcha->checkCaptchaCode($code) && !$faq->commentDisabled($id, $LANGCODE, $type)) { $faqsession->userTracking("save_comment", $id); $commentData = array('record_id' => $id, 'type' => $type, 'username' => $user, 'usermail' => $mail, 'comment' => nl2br($comment), 'date' => $_SERVER['REQUEST_TIME'], 'helped' => ''); if ($faq->addComment($commentData)) { $emailTo = $faqconfig->get('main.administrationMail'); $urlToContent = ''; if ('faq' == $type) { $faq->getRecord($id); if ($faq->faqRecord['email'] != '') { $emailTo = $faq->faqRecord['email']; } $_faqUrl = sprintf('%saction=artikel&cat=%d&id=%d&artlang=%s', $sids, 0, $faq->faqRecord['id'], $faq->faqRecord['lang']); $oLink = new PMF_Link(PMF_Link::getSystemUri() . '?' . $_faqUrl); $oLink->itemTitle = $faq->faqRecord['title']; $urlToContent = $oLink->toString(); } else {
/**
 * Adds a highlighted word to a string.
 *
 * Matches are handed to PMF_Utils::highlightNoLinks. The pattern also matches
 * the word used as an attribute name, or inside the value of a listed
 * attribute, so that the callback sees those occurrences as separate groups.
 *
 * NOTE(review): $highlight is inserted into the "/"-delimited pattern as
 * given. Presumably callers pass a value already quoted with
 * preg_quote($value, '/') - confirm, because unquoted metacharacters change
 * the expression.
 *
 * @param string $string    String
 * @param string $highlight Given word for highlighting
 *
 * @return string
 */
public static function setHighlightedString($string, $highlight)
{
    $attributes = array(
        'href', 'src', 'title', 'alt', 'class', 'style', 'id', 'name',
        'face', 'size', 'dir',
        'onclick', 'ondblclick', 'onmousedown', 'onmouseup', 'onmouseover',
        'onmousemove', 'onmouseout', 'onkeypress', 'onkeydown', 'onkeyup',
    );

    // %1$s is the word, %2$s the alternation of attribute names.
    $pattern = sprintf(
        '/(%1$s="[^"]*")|((%2$s)="[^"]*%1$s[^"]*")|(%1$s)/mis',
        $highlight,
        implode('|', $attributes)
    );

    return PMF_String::preg_replace_callback($pattern, array('PMF_Utils', 'highlightNoLinks'), $string);
}