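/**
 * Get the IP address to record for the current request.
 *
 * Candidates are examined in this order: HTTP_X_FORWARDED_FOR, HTTP_CLIENT_IP
 * and REMOTE_ADDR from $_SERVER, then the same three names from the process
 * environment. The first candidate accepted by Validator::ip() is returned.
 * A malformed candidate is skipped instead of collapsing the whole result to
 * 'Unknown', so a client cannot blank out its recorded address by sending a
 * junk forwarding header.
 *
 * SECURITY: HTTP_X_FORWARDED_FOR and HTTP_CLIENT_IP are request headers and
 * are chosen by the client unless a trusted reverse proxy overwrites them.
 * Only REMOTE_ADDR is taken from the connection itself. The value returned
 * here must therefore not be the sole basis for access control, rate limiting
 * or ban decisions on deployments that are not behind such a proxy.
 * NOTE(review): the header-first precedence is kept for compatibility with
 * proxied installs; consider a configured list of trusted proxies instead.
 *
 * @access public
 * @return String a value accepted by Validator::ip(), or 'Unknown'
 */
public static function getIP()
{
    $names = array('HTTP_X_FORWARDED_FOR', 'HTTP_CLIENT_IP', 'REMOTE_ADDR');
    $candidates = array();

    // Same lookup order as before: $_SERVER first, environment second.
    foreach ($names as $name) {
        if (isset($_SERVER[$name])) {
            $candidates[] = $_SERVER[$name];
        }
    }
    foreach ($names as $name) {
        $fromEnvironment = getenv($name);
        if ($fromEnvironment) {
            $candidates[] = $fromEnvironment;
        }
    }

    // Return the first candidate that validates; fall through on bad ones.
    foreach ($candidates as $candidate) {
        if (Validator::ip($candidate)) {
            return $candidate;
        }
    }

    return 'Unknown';
}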
/**
 * Builds the DBModel query for this record against the 'Comments' table.
 *
 * Rows are qualified by the current blog id and by entry = 0. Every property
 * that is set is validated or normalised and copied onto the query; the first
 * property that fails returns $this->_error(<field>) instead of the query.
 *
 * The third argument of setAttribute() is passed as true for free-text fields
 * and omitted for values that went through Validator::number(), timestamp()
 * or getBit() (presumably a quote/escape flag of DBModel; confirm).
 *
 * @return mixed the populated query object, or the result of $this->_error()
 */
function _buildQuery()
{
    global $database;

    $builder = DBModel::getInstance();
    $builder->reset('Comments');
    $builder->setQualifier('blogid', 'equals', getBlogId());
    $builder->setQualifier('entry', 'equals', 0);

    if (isset($this->id)) {
        if (!Validator::number($this->id, 1)) {
            return $this->_error('id');
        }
        $builder->setQualifier('id', 'equals', $this->id);
    }

    // parent is validated only when set, but is always written to the query.
    if (isset($this->parent) && !Validator::number($this->parent, 1)) {
        return $this->_error('parent');
    }
    $builder->setAttribute('parent', $this->parent);

    if (isset($this->commenter)) {
        if (!Validator::number($this->commenter, 1)) {
            return $this->_error('commenter');
        }
        // The display name is replaced by the one looked up for the commenter id.
        if (!($this->name = User::getName($this->commenter))) {
            return $this->_error('commenter');
        }
        $builder->setAttribute('replier', $this->commenter);
    }

    if (isset($this->name)) {
        $this->name = Utils_Unicode::lessenAsEncoding(trim($this->name), 80);
        if (empty($this->name)) {
            return $this->_error('name');
        }
        $builder->setAttribute('name', $this->name, true);
    }

    if (isset($this->openid)) {
        $this->openid = Utils_Unicode::lessenAsEncoding(trim($this->openid), 128);
        if (empty($this->openid)) {
            return $this->_error('openid');
        }
        $builder->setAttribute('openid', $this->openid, true);
    }

    if (isset($this->homepage)) {
        $this->homepage = Utils_Unicode::lessenAsEncoding(trim($this->homepage), 80);
        if (empty($this->homepage)) {
            return $this->_error('homepage');
        }
        $builder->setAttribute('homepage', $this->homepage, true);
    }

    if (isset($this->ip)) {
        if (!Validator::ip($this->ip)) {
            return $this->_error('ip');
        }
        $builder->setAttribute('ip', $this->ip, true);
    }

    if (isset($this->secret)) {
        $builder->setAttribute('secret', Validator::getBit($this->secret));
    }

    if (isset($this->content)) {
        $this->content = trim($this->content);
        if (empty($this->content)) {
            return $this->_error('content');
        }
        // Only trimmed here; no markup filtering happens in this method, so
        // output encoding has to be done wherever the comment is rendered.
        $builder->setAttribute('comment', $this->content, true);
    }

    if (isset($this->written)) {
        if (!Validator::timestamp($this->written)) {
            return $this->_error('written');
        }
        $builder->setAttribute('written', $this->written);
    }

    if (isset($this->isfiltered)) {
        $builder->setAttribute('isfiltered', Validator::getBit($this->isfiltered));
    }

    if (isset($this->password)) {
        // NOTE(review): the value is cut to 32 units and stored as given; no
        // hashing is visible in this method. Confirm it is hashed upstream.
        $this->password = Utils_Unicode::lessenAsEncoding($this->password, 32);
        $builder->setAttribute('password', $this->password, true);
        // Dropped from the object once it has been handed to the query.
        $this->password = null;
    }

    return $builder;
}
/// See the GNU General Public License for more details. (/documents/LICENSE, /documents/COPYRIGHT)

// Owner-side endpoint that moves comments to the trash, either one comment
// addressed by $suri['id'] or a batch given in the POST body.

// Input rules for the POST body. All three fields are optional and default to
// the empty string. NOTE(review): enforcement happens in preprocessor.php,
// which is not visible here.
$IV = array(
    'POST' => array(
        'targets' => array('list', 'default' => '', 'mandatory' => false),
        'ip' => array('ip', 'default' => '', 'mandatory' => false),
        'targetIPs' => array('string', 'default' => '', 'mandatory' => false),
    ),
);
require ROOT . '/library/preprocessor.php';
importlib("model.blog.comment");

// NOTE(review): presumably the request-origin check for this state-changing
// endpoint; the single-id path below is reachable from the URL alone, so
// confirm what requireStrictRoute() actually enforces.
requireStrictRoute();
$isAjaxRequest = checkAjaxRequest();

if (isset($suri['id'])) {
    // Single comment addressed through the URL.
    $trashed = trashCommentInOwner($blogid, $suri['id']) === true;
    if ($isAjaxRequest) {
        Respond::ResultPage($trashed ? 0 : -1);
    } else {
        // NOTE(review): the Referer header is supplied by the client and may
        // be absent; the redirect target is taken from it unchanged either
        // way. A fixed owner-page URL would be a safer target.
        header("Location: " . $_SERVER['HTTP_REFERER']);
    }
} else {
    // Batch mode: comma-separated comment ids.
    if (!empty($_POST['targets'])) {
        $ids = explode(',', $_POST['targets']);
        foreach ($ids as $target) {
            trashCommentInOwner($blogid, $target);
        }
    }

    // Batch mode: comma-separated addresses, de-duplicated and checked one by one.
    if (!empty($_POST['targetIPs'])) {
        $targetIPs = array_unique(explode(',', $_POST['targetIPs']));
        foreach ($targetIPs as $target) {
            if (!Validator::ip($target)) {
                continue;
            }
            trashCommentInOwnerByIP($blogid, $target);
        }
    }

    // Single address. Unlike targetIPs it is not re-checked here and relies
    // on the 'ip' rule declared in $IV above.
    if (!empty($_POST['ip'])) {
        trashCommentInOwnerByIP($blogid, $_POST['ip']);
    }

    Respond::ResultPage(0);
}
/**
 * Builds the DBModel query for a pingback row in 'RemoteResponses'.
 *
 * Rows are qualified by the current blog id and responsetype 'pingback'.
 * id, entry and url become further qualifiers; ip, received and isFiltered
 * become attributes. The first property that fails validation returns
 * $this->_error(<field>) instead of the query.
 *
 * @return mixed the populated query object, or the result of $this->_error()
 */
function _buildQuery()
{
    $builder = DBModel::getInstance();
    $builder->reset('RemoteResponses');
    $builder->setQualifier('blogid', getBlogId());
    $builder->setQualifier('responsetype', 'pingback');

    if (isset($this->id)) {
        if (!Validator::number($this->id, 1)) {
            return $this->_error('id');
        }
        $builder->setQualifier('id', $this->id);
    }

    if (isset($this->entry)) {
        if (!Validator::number($this->entry, 1)) {
            return $this->_error('entry');
        }
        $builder->setQualifier('entry', $this->entry);
    }

    if (isset($this->url)) {
        // Trimmed and limited to 255 units; no URL syntax or scheme check is
        // made here, so the value is only safe as opaque text.
        $this->url = Utils_Unicode::lessenAsEncoding(trim($this->url), 255);
        if (empty($this->url)) {
            return $this->_error('url');
        }
        $builder->setQualifier('url', $this->url, true);
    }

    if (isset($this->ip)) {
        if (!Validator::ip($this->ip)) {
            return $this->_error('ip');
        }
        $builder->setAttribute('ip', $this->ip, true);
    }

    if (isset($this->received)) {
        if (!Validator::timestamp($this->received)) {
            return $this->_error('received');
        }
        // The 'received' property is stored in the 'written' column.
        $builder->setAttribute('written', $this->received);
    }

    if (isset($this->isFiltered)) {
        // A truthy flag is written as the literal text UNIX_TIMESTAMP()
        // (presumably evaluated by the database as an expression; confirm);
        // a falsy one goes through Validator::getBit().
        $filteredValue = $this->isFiltered
            ? 'UNIX_TIMESTAMP()'
            : Validator::getBit($this->isFiltered);
        $builder->setAttribute('isFiltered', $filteredValue);
    }

    return $builder;
}
/**
 * Builds the DBModel query for a row in 'SubscriptionStatistics'.
 *
 * host is mandatory: it is trimmed first and an empty result returns
 * $this->_error('host'). The other properties are copied onto the query when
 * set; ip, subscribed and referred are validated first.
 *
 * NOTE(review): host and useragent typically originate from the subscriber's
 * request. They are stored here with no length limit or character filtering
 * beyond trim() on host; confirm that callers or the column definitions
 * bound them.
 *
 * @return mixed the populated query object, or the result of $this->_error()
 */
function _buildQuery()
{
    global $database;

    $this->host = trim($this->host);
    if (empty($this->host)) {
        return $this->_error('host');
    }

    $builder = DBModel::getInstance();
    $builder->reset('SubscriptionStatistics');
    $builder->setQualifier('blogid', 'equals', getBlogId());

    if (isset($this->ip)) {
        if (!Validator::ip($this->ip)) {
            return $this->_error('ip');
        }
        $builder->setAttribute('ip', $this->ip, true);
    }

    if (isset($this->host)) {
        $builder->setAttribute('host', $this->host, true);
    }

    if (isset($this->useragent)) {
        $builder->setAttribute('useragent', $this->useragent, true);
    }

    if (isset($this->subscribed)) {
        if (!Validator::number($this->subscribed, 1)) {
            return $this->_error('subscribed');
        }
        $builder->setAttribute('subscribed', $this->subscribed);
    }

    if (isset($this->referred)) {
        if (!Validator::number($this->referred, 1)) {
            return $this->_error('referred');
        }
        $builder->setAttribute('referred', $this->referred);
    }

    return $builder;
}
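/**
 * Validates and normalises a request array in place against a rule table.
 *
 * Each rule is an array whose element 0 names the type ('any', 'bit', 'bool',
 * 'number', 'int', 'id', 'url', 'string', 'list', 'timestamp', 'period',
 * 'ip', 'domain', 'email', 'language', 'filename', 'directory', 'path',
 * 'file') or is itself an array of allowed values. Optional keys: 'min' (1),
 * 'max' (2), 'bypass' (3), 'mandatory' (4), 'check' (5) and 'default'.
 *
 * Things a caller should know:
 *  - Keys of $array that have no rule are left in $array untouched; this
 *    function does not strip undeclared input.
 *  - 'url' shares the 'string' branch: encoding and length are checked, URL
 *    syntax and scheme are not.
 *  - A value that is present but not scalar (for example an array sent where
 *    a string is expected) is treated as absent for every type except
 *    'file', so the default or the mandatory check applies.
 *
 * @param array $array input to validate; rewritten with normalised values
 * @param array $rules rule table keyed by field name
 * @return bool true when every rule passes, false on the first failure
 */
static function validateArray(&$array, &$rules)
{
    // Workaround for non Fancy-URL user.
    // Anything up to and including the first '?' in a key is dropped. If two
    // keys collapse to the same name, the later one replaces the earlier one.
    $cropArray = array();
    foreach ($array as $name => $value) {
        $doesHaveRequest = strpos($name, '?');
        if ($doesHaveRequest !== false) {
            $name = substr($name, $doesHaveRequest + 1);
        }
        $cropArray[$name] = $value;
    }
    $array = $cropArray;

    foreach ($rules as $key => $rule) {
        if (!isset($rule[0])) {
            trigger_error("Validator: The type of '{$key}' is not defined", E_USER_WARNING);
            continue;
        }

        // strlen() needs a scalar: on PHP 8 an array argument throws a
        // TypeError, on older versions it raises a warning and yields null.
        // Guarding with is_scalar() keeps the old outcome (the value counts
        // as absent) without the error.
        $isPresent = isset($array[$key])
            && ($rule[0] == 'file' || (is_scalar($array[$key]) && strlen($array[$key]) > 0));

        if ($isPresent) {
            $value =& $array[$key];

            // Named options are aliases for the positional slots.
            if (isset($rule['min'])) {
                $rule[1] = $rule['min'];
            }
            if (isset($rule['max'])) {
                $rule[2] = $rule['max'];
            }
            if (isset($rule['bypass'])) {
                $rule[3] = $rule['bypass'];
            }

            switch ($rule[0]) {
                case 'any':
                    // Byte length only; the content is not inspected.
                    if (isset($rule[1]) && strlen($value) < $rule[1]) {
                        return false;
                    }
                    if (isset($rule[2]) && strlen($value) > $rule[2]) {
                        return false;
                    }
                    break;
                case 'bit':
                    $array[$key] = Validator::getBit($value);
                    break;
                case 'bool':
                    $array[$key] = Validator::getBool($value);
                    break;
                case 'number':
                    if (!Validator::number($value, isset($rule[1]) ? $rule[1] : null, isset($rule[2]) ? $rule[2] : null, isset($rule[3]) ? $rule[3] : false)) {
                        return false;
                    }
                    break;
                case 'int':
                    if (!Validator::isInteger($value, isset($rule[1]) ? $rule[1] : -2147483648.0, isset($rule[2]) ? $rule[2] : 2147483647, isset($rule[3]) ? $rule[3] : false)) {
                        return false;
                    }
                    break;
                case 'id':
                    if (!Validator::id($value, isset($rule[1]) ? $rule[1] : 1, isset($rule[2]) ? $rule[2] : 2147483647)) {
                        return false;
                    }
                    break;
                case 'url':
                case 'string':
                    // Try to repair the encoding once before rejecting.
                    if (!Utils_Unicode::validate($value)) {
                        $value = Utils_Unicode::bring($value);
                        if (!Utils_Unicode::validate($value)) {
                            return false;
                        }
                    }
                    $value = $array[$key] = Utils_Unicode::correct($value);
                    if (isset($rule[1]) && Utils_Unicode::length($value) < $rule[1]) {
                        return false;
                    }
                    if (isset($rule[2]) && Utils_Unicode::length($value) > $rule[2]) {
                        return false;
                    }
                    break;
                case 'list':
                    if (!Validator::isList($value)) {
                        return false;
                    }
                    break;
                case 'timestamp':
                    if (!Validator::timestamp($value)) {
                        return false;
                    }
                    break;
                case 'period':
                    if (!Validator::period($value)) {
                        return false;
                    }
                    break;
                case 'ip':
                    if (!Validator::ip($value)) {
                        return false;
                    }
                    break;
                case 'domain':
                    if (!Validator::domain($value)) {
                        return false;
                    }
                    break;
                case 'email':
                    if (!Validator::email($value)) {
                        return false;
                    }
                    break;
                case 'language':
                    if (!Validator::language($value)) {
                        return false;
                    }
                    break;
                case 'filename':
                    if (!Validator::filename($value)) {
                        return false;
                    }
                    break;
                case 'directory':
                    if (!Validator::directory($value)) {
                        return false;
                    }
                    break;
                case 'path':
                    if (!Validator::path($value)) {
                        return false;
                    }
                    break;
                case 'file':
                    // Reject upload names that carry a path separator.
                    if (!isset($value['name']) || preg_match('@[/\\\\]@', $value['name'])) {
                        return false;
                    }
                    break;
                default:
                    if (is_array($rule[0])) {
                        // NOTE(review): in_array() compares loosely here, so
                        // an allowed list holding integers can match input
                        // strings by type juggling. Switching to strict mode
                        // would need the rule tables reviewed first.
                        if (!in_array($value, $rule[0])) {
                            return false;
                        }
                    } else {
                        trigger_error("Validator: The type of '{$key}' is unknown", E_USER_WARNING);
                    }
                    break;
            }

            // Optional extra check: a function name supplied by the rule
            // table (never by the request) is called with the value.
            if (isset($rule['check'])) {
                $rule[5] = $rule['check'];
            }
            if (isset($rule[5])) {
                if (function_exists($rule[5])) {
                    if (!call_user_func($rule[5], $value)) {
                        return false;
                    }
                } else {
                    trigger_error("Validator: The check function of '{$key}' is not defined", E_USER_WARNING);
                }
            }
        } else {
            // Absent or empty: positional default, then named default, then
            // fail only if the field is mandatory (the default when unset).
            if (array_key_exists(3, $rule)) {
                $array[$key] = $rule[3];
            } else {
                if (array_key_exists('default', $rule)) {
                    $array[$key] = $rule['default'];
                } else {
                    if ((!isset($rule[4]) || $rule[4]) && (!isset($rule['mandatory']) || $rule['mandatory'])) {
                        return false;
                    }
                }
            }
        }
    }

    return true;
}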
/**
 * Builds the DBModel query for this record against the 'Comments' table.
 *
 * Rows are qualified by the current blog id. Every property that is set is
 * validated or normalised and copied onto the query; the first property that
 * fails returns $this->_error(<field>) instead of the query. parent,
 * longitude and latitude are always written, as null when absent or invalid.
 *
 * @return mixed the populated query object, or the result of $this->_error()
 */
function _buildQuery()
{
    global $database;

    $builder = DBModel::getInstance();
    $builder->reset('Comments');
    $builder->setQualifier('blogid', 'equals', getBlogId());

    if (isset($this->id)) {
        if (!Validator::number($this->id, 1)) {
            return $this->_error('id');
        }
        $builder->setQualifier('id', 'equals', $this->id);
    }

    if (isset($this->entry)) {
        if (!Validator::number($this->entry, 1)) {
            return $this->_error('entry');
        }
        $builder->setAttribute('entry', $this->entry);
    }

    // parent is validated only when set, but is always written to the query.
    if (isset($this->parent) && !Validator::number($this->parent, 1)) {
        return $this->_error('parent');
    }
    $builder->setAttribute('parent', $this->parent);

    if (isset($this->commenter)) {
        if (!Validator::number($this->commenter, 1)) {
            return $this->_error('commenter');
        }
        if (isset($this->name)) {
            // name information exists. however, replier maybe different from services.
            // It is a limitation of spec.
            // The commenter id is recorded as replier only when the supplied
            // name matches the name looked up for that id (loose comparison).
            if ($this->name == User::getName($this->commenter)) {
                // If name == commenter, it is same service (maybe).
                $builder->setAttribute('replier', $this->commenter);
            }
        } else {
            // No name given: take it from the commenter id. The replier
            // attribute is not set on this path.
            if (!($this->name = User::getName($this->commenter))) {
                return $this->_error('commenter');
            }
        }
        // $query->setAttribute('replier', $this->commenter);
    }

    if (isset($this->name)) {
        $this->name = Utils_Unicode::lessenAsEncoding(trim($this->name), 80);
        if (empty($this->name)) {
            return $this->_error('name');
        }
        $builder->setAttribute('name', $this->name, true);
    }

    if (isset($this->openid)) {
        $this->openid = Utils_Unicode::lessenAsEncoding(trim($this->openid), 128);
        if (empty($this->openid)) {
            return $this->_error('openid');
        }
        $builder->setAttribute('openid', $this->openid, true);
    }

    if (isset($this->homepage)) {
        $this->homepage = Utils_Unicode::lessenAsEncoding(trim($this->homepage), 80);
        if (empty($this->homepage)) {
            return $this->_error('homepage');
        }
        $builder->setAttribute('homepage', $this->homepage, true);
    }

    if (isset($this->ip)) {
        if (!Validator::ip($this->ip)) {
            return $this->_error('ip');
        }
        $builder->setAttribute('ip', $this->ip, true);
    }

    if (isset($this->secret)) {
        $builder->setAttribute('secret', Validator::getBit($this->secret));
    }

    if (isset($this->content)) {
        $this->content = trim($this->content);
        if (empty($this->content)) {
            return $this->_error('content');
        }
        // Only trimmed here; no markup filtering happens in this method, so
        // output encoding has to be done wherever the comment is rendered.
        $builder->setAttribute('comment', $this->content, true);
    }

    // Coordinates are optional; an invalid value is stored as null rather
    // than reported as an error.
    $hasLongitude = isset($this->longitude) && Validator::number($this->longitude);
    if ($hasLongitude) {
        $builder->setAttribute('longitude', $this->longitude, false);
    } else {
        $builder->setAttribute('longitude', null);
    }

    $hasLatitude = isset($this->latitude) && Validator::number($this->latitude);
    if ($hasLatitude) {
        $builder->setAttribute('latitude', $this->latitude, false);
    } else {
        $builder->setAttribute('latitude', null);
    }

    if (isset($this->written)) {
        if (!Validator::timestamp($this->written)) {
            return $this->_error('written');
        }
        $builder->setAttribute('written', $this->written);
    }

    if (isset($this->isfiltered)) {
        $builder->setAttribute('isfiltered', Validator::getBit($this->isfiltered));
    }

    if (isset($this->password)) {
        // NOTE(review): the value is cut to 32 units and stored as given; no
        // hashing is visible in this method. Confirm it is hashed upstream.
        $this->password = Utils_Unicode::lessenAsEncoding($this->password, 32);
        $builder->setAttribute('password', $this->password, true);
        // Dropped from the object once it has been handed to the query.
        $this->password = null;
    }

    return $builder;
}
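/**
 * Builds the DBModel query for this record against 'CommentsNotified'.
 *
 * Rows are qualified by the current blog id. Every property that is set is
 * validated or normalised and copied onto the query; the first property that
 * fails returns $this->_error(<field>) instead of the query.
 *
 * siteid and remoteid are each checked against their own value before being
 * written. They are passed to setAttribute() without the third argument that
 * the free-text fields use, so the numeric check is the only guard on them
 * in this method.
 *
 * @return mixed the populated query object, or the result of $this->_error()
 */
function _buildQuery()
{
    $query = DBModel::getInstance();
    $query->reset('CommentsNotified');
    $query->setQualifier('blogid', 'equals', getBlogId());

    if (isset($this->id)) {
        if (!Validator::number($this->id, 1)) {
            return $this->_error('id');
        }
        $query->setQualifier('id', 'equals', $this->id);
    }

    if (isset($this->entry)) {
        if (!Validator::number($this->entry, 0)) {
            return $this->_error('entry');
        }
        $query->setAttribute('entry', $this->entry);
    }

    // An empty parent is normalised to NULL; parent is always written.
    if (isset($this->parent)) {
        if (empty($this->parent)) {
            $this->parent = NULL;
        } else {
            if (!Validator::number($this->parent, 0)) {
                return $this->_error('parent');
            }
        }
    }
    $query->setAttribute('parent', $this->parent);

    if (isset($this->commenter)) {
        if (!Validator::number($this->commenter, 1)) {
            return $this->_error('commenter');
        }
        // The display name is replaced by the one looked up for the commenter id.
        if (!($this->name = User::getName($this->commenter))) {
            return $this->_error('commenter');
        }
        $query->setAttribute('replier', $this->commenter);
    }

    if (isset($this->name)) {
        $this->name = Utils_Unicode::lessenAsEncoding(trim($this->name), 80);
        if (empty($this->name)) {
            return $this->_error('name');
        }
        $query->setAttribute('name', $this->name, true);
    }

    if (isset($this->homepage) && !empty($this->homepage)) {
        $this->homepage = Utils_Unicode::lessenAsEncoding(trim($this->homepage), 80);
        $query->setAttribute('homepage', $this->homepage, true);
    }

    if (isset($this->ip) && !empty($this->ip)) {
        if (!Validator::ip($this->ip)) {
            return $this->_error('ip');
        }
        $query->setAttribute('ip', $this->ip, true);
    }

    if (isset($this->secret)) {
        $query->setAttribute('secret', Validator::getBit($this->secret));
    }

    if (isset($this->isnew)) {
        $query->setAttribute('isnew', Validator::getBit($this->isnew));
    }

    if (isset($this->content)) {
        $this->content = trim($this->content);
        if (empty($this->content)) {
            return $this->_error('content');
        }
        // Only trimmed here; this text comes from a remote site, so output
        // encoding has to be done wherever it is rendered.
        $query->setAttribute('comment', $this->content, true);
    }

    if (isset($this->written)) {
        if (!Validator::timestamp($this->written)) {
            return $this->_error('written');
        }
        $query->setAttribute('written', $this->written);
    }

    if (isset($this->modified)) {
        if (!Validator::timestamp($this->modified)) {
            return $this->_error('modified');
        }
        $query->setAttribute('modified', $this->modified);
    }

    if (isset($this->siteid)) {
        // Validate the field that is actually written, not $this->id.
        if (!Validator::number($this->siteid, 1)) {
            return $this->_error('siteid');
        }
        $query->setAttribute('siteid', $this->siteid);
    }

    if (isset($this->remoteid)) {
        // Validate the field that is actually written, not $this->id.
        if (!Validator::number($this->remoteid, 1)) {
            return $this->_error('remoteid');
        }
        $query->setAttribute('remoteid', $this->remoteid);
    }

    if (isset($this->url) && !empty($this->url)) {
        // TODO: url validator doesn't validate correctly?
        // NOTE(review): until that is resolved the URL is stored unchecked
        // and with no length limit; treat it as untrusted when rendering.
        //if (!Validator::url($this->url))
        //    return $this->_error('url');
        $query->setAttribute('url', $this->url, true);
    }

    if (isset($this->entrytitle)) {
        $this->entrytitle = Utils_Unicode::lessenAsEncoding(trim($this->entrytitle), 255);
        if (empty($this->entrytitle)) {
            return $this->_error('entrytitle');
        }
        $query->setAttribute('entrytitle', $this->entrytitle, true);
    }

    if (isset($this->entryurl)) {
        // NOTE(review): stored unchecked, same as url above.
        //if (!Validator::url($this->entryurl))
        //    return $this->_error('entryurl');
        $query->setAttribute('entryurl', $this->entryurl, true);
    }

    if (isset($this->password)) {
        // NOTE(review): the value is cut to 32 units and stored as given; no
        // hashing is visible in this method. Confirm it is hashed upstream.
        $this->password = Utils_Unicode::lessenAsEncoding($this->password, 32);
        $query->setAttribute('password', $this->password, true);
        // Dropped from the object once it has been handed to the query.
        $this->password = null;
    }

    return $query;
}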