$clean_bid = XoopsFilterInput::clean($_POST['bid'], 'INT');
}
$clean_cid = 0;
if (isset($_POST['cid'])) {
$clean_cid = XoopsFilterInput::clean($_POST['cid'], 'INT');
}
} elseif (!empty($_GET['op'])) {
// from $_POST we use keys: op, bid, cid
$op = trim(XoopsFilterInput::clean($_GET['op'], 'STRING'));
$clean_bid = 0;
if (isset($_GET['bid'])) {
$clean_bid = XoopsFilterInput::clean($_GET['bid'], 'INT');
}
$clean_cid = 0;
if (isset($_GET['cid'])) {
$clean_cid = XoopsFilterInput::clean($_GET['cid'], 'INT');
}
}
$myts =& MyTextSanitizer::getInstance();
switch ($op) {
case "click":
$bid = $clean_bid;
clickbanner($bid);
break;
case "Ok":
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if (!$GLOBALS['xoopsSecurity']->check(true, false, "BANNER_LOGIN")) {
redirect_header("banners.php", 3, implode('<br />', $GLOBALS['xoopsSecurity']->getErrors()));
exit;
}
$_SESSION['banner_login'] = $clean_login;
/**
* Clean up an input variable.
*
* @param mixed $var The input variable.
* @param int $mask Filter bit mask.
* - 1=no trim: If this flag is cleared and the input is a string,
* the string will have leading and trailing whitespace trimmed.
* - 2=allow_raw: If set, no more filtering is performed, higher bits are ignored.
* - 4=allow_html: HTML is allowed, but passed through a safe HTML filter first.
* If set, no more filtering is performed.
* - If no bits other than the 1 bit is set, a strict filter is applied.
* @param string $type The variable type. See {@link XoopsFilterInput::clean()}.
*
* @return string
*/
private static function cleanVar($var, $mask = 0, $type = null)
{
// Static input filters for specific settings
static $noHtmlFilter = null;
static $safeHtmlFilter = null;
// If the no trim flag is not set, trim the variable
if (!($mask & 1) && is_string($var)) {
$var = trim($var);
}
// Now we handle input filtering
if ($mask & 2) {
// If the allow raw flag is set, do not modify the variable
} else {
XoopsLoad::load('xoopsfilterinput');
if ($mask & 4) {
// If the allow html flag is set, apply a safe html filter to the variable
if (is_null($safeHtmlFilter)) {
$safeHtmlFilter = XoopsFilterInput::getInstance(null, null, 1, 1);
}
$var = $safeHtmlFilter->clean($var, $type);
} else {
// Since no allow flags were set, we will apply the most strict filter to the variable
if (is_null($noHtmlFilter)) {
$noHtmlFilter = XoopsFilterInput::getInstance();
}
$var = $noHtmlFilter->clean($var, $type);
}
}
return $var;
}
* @license http://www.fsf.org/copyleft/gpl.html GNU General Public License (GPL)
* @package core
* @since 2.0.0
* @author Kazumi Ono <*****@*****.**>
*/
include __DIR__ . '/mainfile.php';
$xoops = Xoops::getInstance();
$xoops_url = \XoopsBaseConfig::get('url');
$xoops->events()->triggerEvent('core.user.start');
$xoops->loadLanguage('user');
// from $_POST we use keys: op, ok
$clean_input = XoopsFilterInput::gather('post', array(array('op', 'string'), array('ok', 'boolean', 0, false)), 'op');
if (!$clean_input) {
// no valid $_POST, use $_GET and set defaults
// from $_GET we use keys: op, xoops_redirect, id, actkey
$clean_input = XoopsFilterInput::gather('get', array(array('op', 'string', 'main', true), array('xoops_redirect', 'weburl', '', true), array('id', 'int', 0, false), array('actkey', 'string', '', true)));
}
$op = $clean_input['op'];
if ($op == 'login') {
include_once $xoops->path('include/checklogin.php');
exit;
}
if ($op == 'main') {
if (!$xoops->isUser()) {
$xoops->header('module:system/system_userform.tpl');
$xoops->tpl()->assign('xoops_pagetitle', XoopsLocale::A_LOGIN);
$xoops->theme()->addMeta('meta', 'keywords', XoopsLocale::USERNAME . ", " . XoopsLocale::PASSWORD . ", " . XoopsLocale::Q_LOST_YOUR_PASSWORD);
$xoops->theme()->addMeta('meta', 'description', XoopsLocale::Q_LOST_YOUR_PASSWORD . " " . XoopsLocale::NO_PROBLEM_ENTER_EMAIL_WE_HAVE_ON_FILE);
$xoops->tpl()->assign('lang_login', XoopsLocale::A_LOGIN);
$xoops->tpl()->assign('lang_username', XoopsLocale::C_USERNAME);
if (isset($clean_input['xoops_redirect'])) {
* of supporting developers from this source code or any supporting source code
* which is considered copyrighted (c) material of the original comment or credit authors.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
*
* @copyright The XOOPS Project http://sourceforge.net/projects/xoops/
* @license GNU GPL 2 (http://www.gnu.org/licenses/old-licenses/gpl-2.0.html)
* @package core
* @since 2.0.0
* @version $Id: imagemanager.php 12349 2014-03-07 02:01:09Z rgriffith $
*/
include dirname(__FILE__) . DIRECTORY_SEPARATOR . 'mainfile.php';
XoopsLoad::load('XoopsFilterInput');
if (isset($_REQUEST['target'])) {
$target = trim(XoopsFilterInput::clean($_REQUEST['target'], 'WORD'));
} else {
exit('Target not set');
}
$op = 'list';
if (isset($_GET['op']) && $_GET['op'] == 'upload') {
$op = 'upload';
} elseif (isset($_POST['op']) && $_POST['op'] == 'doupload') {
$op = 'doupload';
}
if (!is_object($xoopsUser)) {
$group = array(XOOPS_GROUP_ANONYMOUS);
} else {
$group = $xoopsUser->getGroups();
}
if ($op == 'list') {
XoopsLoad::load('XoopsFilterInput');
$clean_uname = '';
if (isset($_POST['uname'])) {
$clean_uname = trim(XoopsFilterInput::clean($_POST['uname'], 'STRING'));
}
$clean_pass = '';
if (isset($_POST['pass'])) {
$clean_pass = trim(XoopsFilterInput::clean($_POST['pass'], 'STRING'));
}
$clean_rememberme = '';
if (isset($_POST['rememberme'])) {
$clean_rememberme = trim(XoopsFilterInput::clean($_POST['rememberme'], 'STRING'));
}
$clean_redirect = '';
if (isset($_POST['xoops_redirect'])) {
$clean_redirect = trim(XoopsFilterInput::clean($_POST['xoops_redirect'], 'WEBURL'));
}
$uname = $clean_uname;
$pass = $clean_pass;
if ($uname == '' || $pass == '') {
redirect_header(XOOPS_URL . '/user.php', 1, _US_INCORRECTLOGIN);
exit;
}
$member_handler =& xoops_gethandler('member');
$myts =& MyTextsanitizer::getInstance();
include_once $GLOBALS['xoops']->path('class/auth/authfactory.php');
xoops_loadLanguage('auth');
$xoopsAuth =& XoopsAuthFactory::getAuthConnection($myts->addSlashes($uname));
$user = $xoopsAuth->authenticate($myts->addSlashes($uname), $myts->addSlashes($pass));
if (false != $user) {
if (0 == $user->getVar('level')) {
$clean_ok = false;
if (isset($_POST['ok'])) {
$clean_ok = XoopsFilterInput::clean($_POST['ok'], 'BOOLEAN');
}
} elseif (isset($_GET['op'])) {
// from $_GET we may use keys: op, xoops_redirect, id, actkey
$op = trim(XoopsFilterInput::clean($_GET['op']));
$clean_redirect = '';
if (isset($_GET['xoops_redirect'])) {
$clean_redirect = XoopsFilterInput::clean($_GET['xoops_redirect'], 'WEBURL');
}
if (isset($_GET['id'])) {
$clean_id = XoopsFilterInput::clean($_GET['id'], 'INT');
}
if (isset($_GET['actkey'])) {
$clean_actkey = XoopsFilterInput::clean($_GET['actkey'], 'STRING');
}
}
if ($op === 'login') {
include_once $GLOBALS['xoops']->path('include/checklogin.php');
exit;
}
if ($op === 'main') {
if (!$xoopsUser) {
$GLOBALS['xoopsOption']['template_main'] = 'system_userform.tpl';
include $GLOBALS['xoops']->path('header.php');
$xoopsTpl->assign('xoops_pagetitle', _LOGIN);
$xoTheme->addMeta('meta', 'keywords', _USERNAME . ', ' . _US_PASSWORD . ', ' . _US_LOSTPASSWORD);
$xoTheme->addMeta('meta', 'description', _US_LOSTPASSWORD . ' ' . _US_NOPROBLEM);
$xoopsTpl->assign('lang_login', _LOGIN);
$xoopsTpl->assign('lang_username', _USERNAME);
exit("Token error");
}
$xoops->theme()->addBaseStylesheetAssets('@jqueryuicss');
$xoops->theme()->addStylesheet('modules/system/css/admin.css');
$xoops->theme()->addBaseScriptAssets('@jqueryui', '@jgrowl', 'modules/system/js/admin.js');
$xoops->header('admin:system/system_services.tpl');
$admin_page = new \Xoops\Module\Admin();
$admin_page->addBreadcrumbLink(SystemLocale::CONTROL_PANEL, \XoopsBaseConfig::get('url') . '/admin.php', true);
$admin_page->addBreadcrumbLink(SystemLocale::SERVICES_MANAGER, $system->adminVersion('services', 'adminpath'));
$admin_page->addBreadcrumbLink(XoopsLocale::MAIN);
$admin_page->addTips(SystemLocale::SERVICES_TIPS);
$admin_page->renderBreadcrumb();
$admin_page->renderTips();
$selected_service = '';
if (isset($_GET['service'])) {
$selected_service = strtolower(XoopsFilterInput::clean($_GET['service'], 'WORD'));
}
$xoops->tpl()->assign('selected_service', $selected_service);
$sm = Manager::getInstance();
$filter = 'coreservicelocate';
$eventList = $xoops->events()->getEvents();
$l = strlen($filter);
$filteredList = array();
foreach ($eventList as $k => $v) {
if (strncasecmp($filter, $k, $l) == 0) {
$filteredList[] = strtolower(substr($k, $l));
}
}
$service_list = array();
sort($filteredList);
foreach ($filteredList as $v) {
*/
include __DIR__ . '/mainfile.php';
$xoops = Xoops::getInstance();
$xoops_url = \XoopsBaseConfig::get('url');
$xoops->events()->triggerEvent('core.register.start');
$xoops->loadLanguage('user');
$myts = \Xoops\Core\Text\Sanitizer::getInstance();
$xoopsConfigUser = $xoops->getConfigs();
if (empty($xoopsConfigUser['allow_register'])) {
$xoops->redirect('index.php', 6, XoopsLocale::E_WE_ARE_CLOSED_FOR_REGISTRATION);
}
// from $_POST we use keys: op, uname, email, url, pass, vpass, timezone,
// user_viewemail, user_mailok, agree_disc
$clean_input = XoopsFilterInput::gather('post', array(array('op', 'string', 'register', true), array('uname', 'string', '', true), array('email', 'string', '', true), array('url', 'weburl', '', true), array('pass', 'string', '', true), array('vpass', 'string', '', true), array('timezone', 'string', $xoopsConfig['default_TZ'], false), array('user_viewemail', 'boolean', false, false), array('user_mailok', 'boolean', false, false), array('agree_disc', 'boolean', false, false)));
// from $_GET we use keys: op, id, actkey
$clean_get_input = XoopsFilterInput::gather('get', array(array('op', 'string', 'register', true), array('id', 'int'), array('actkey', 'string', '', true)), 'actkey');
// move clean array to individual variables
$op = $clean_input['op'];
$uname = $clean_input['uname'];
$email = $clean_input['email'];
$url = $clean_input['url'];
$pass = $clean_input['pass'];
$vpass = $clean_input['vpass'];
$timezone = $clean_input['timezone'];
$user_viewemail = $clean_input['user_viewemail'];
$user_mailok = $clean_input['user_mailok'];
$agree_disc = $clean_input['agree_disc'];
// if this is an activation, use get
if ($clean_get_input !== false) {
$op = $clean_get_input['op'];
$id = $clean_get_input['id'];
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
*
* @copyright XOOPS Project (http://xoops.org)
* @license GNU GPL 2 or later (http://www.gnu.org/licenses/gpl-2.0.html)
* @package include
* @since 2.0.0
* @version $Id$
* @todo Will be refactored
*/
use Xoops\Core\FixedGroups;
$xoops = Xoops::getInstance();
$xoops_url = \XoopsBaseConfig::get('url');
// from $_POST we use keys: uname, pass, rememberme, xoops_redirect
$clean_input = XoopsFilterInput::gather('post', array(array('uname', 'string', '', true), array('pass', 'string', '', true), array('rememberme', 'boolean', 0, false), array('xoops_redirect', 'weburl', '', true)));
$uname = $clean_input['uname'];
$pass = $clean_input['pass'];
if ($uname == '' || $pass == '') {
$xoops->redirect($xoops_url . '/user.php', 1, XoopsLocale::E_INCORRECT_LOGIN);
exit;
}
$member_handler = $xoops->getHandlerMember();
$xoopsAuth = \Xoops\Auth\Factory::getAuthConnection($uname);
$user = $xoopsAuth->authenticate($uname, $pass);
if (false != $user) {
/* @var $user XoopsUser */
if (0 == $user->getVar('level')) {
$xoops->redirect($xoops_url . '/index.php', 5, XoopsLocale::E_SELECTED_USER_DEACTIVATED_OR_NOT_ACTIVE);
exit;
}
* @copyright XOOPS Project (http://xoops.org)
* @license GNU GPL 2 or later (http://www.gnu.org/licenses/gpl-2.0.html)
* @author Richard Griffith <*****@*****.**>
*/
require __DIR__ . '/admin_header.php';
/* --------------------------------------------------------------- */
use Xmf\Debug;
use Xoops\Core\Database\Schema\ExportVisitor;
use Xoops\Core\Database\Schema\ImportSchema;
use Xoops\Core\Database\Schema\RemovePrefixes;
use Xoops\Core\Yaml;
use Doctrine\DBAL\Schema\Schema;
use Doctrine\DBAL\Schema\Comparator;
use Doctrine\DBAL\Schema\Synchronizer\SingleDatabaseSynchronizer;
// from $_POST we use keys: op, mod_dirname
$clean_input = XoopsFilterInput::gather('post', array(array('op', 'string', 'selectmodule', true), array('mod_dirname', 'string', '', true)));
$op = $clean_input['op'];
$mod_dirname = $clean_input['mod_dirname'];
if ($op !== 'showschema' || empty($mod_dirname)) {
$op = 'selectmodule';
}
//echo '<h2>' . _MI_SCHEMATOOL_NAME . '</h2>';
$indexAdmin = new \Xoops\Module\Admin();
$indexAdmin->displayNavigation('schematool.php');
if ($op === 'showschema') {
$helper = $xoops->getModuleHelper($mod_dirname);
$mod_to_use = $helper->getModule();
$mod_to_use->loadInfo($mod_dirname, false);
$mod_ver = $mod_to_use->modinfo;
$table_list = array();
if (isset($mod_ver['tables'])) {
break;
case 'submit':
$ret = array();
$write = false;
$module = empty($_POST['module']) ? array() : $_POST['module'];
foreach ($module as $mid) {
if (isset($newstatus[$mid]) && $newstatus[$mid] == 1) {
if ($oldstatus[$mid] == 0) {
$ret[] = xoops_module_activate($mid);
}
} else {
if ($oldstatus[$mid] == 1) {
$ret[] = xoops_module_deactivate($mid);
}
}
$newname[$mid] = trim(XoopsFilterInput::clean($newname[$mid], 'STRING'));
if ($oldname[$mid] != $newname[$mid]) {
$ret[] = xoops_module_change($mid, $newname[$mid]);
$write = true;
}
}
if ($write) {
// Flush cache files for cpanel GUIs
xoops_load('cpanel', 'system');
XoopsSystemCpanel::flush();
}
//Set active modules in cache folder
xoops_setActiveModules();
// Define main template
$GLOBALS['xoopsOption']['template_main'] = 'system_modules_confirm.tpl';
// Call Header