/** 
  * Vote action (Vote a post action)
  *
  * @throws \Modules\Core\Exceptions\HTTPException
  * @return int Votes after the vote
  */
 public function vote()
 {
     //Check if user is authorized
     \Modules\Core\Library\Authorize::isAuthorized();
     $post = new Posts();
     $vote = new Votes();
     $filter = new Filter();
     $filter->add('vote', function ($value) {
         if ($value > 0) {
             return 1;
         }
         if ($value < 0) {
             return -1;
         }
         return 0;
     });
     $params = array('id' => $this->getDI()->get('requestBody')->id, 'uid' => \Modules\Core\Library\Authorize::getUid(), 'vote' => $filter->sanitize((int) $this->getDI()->get('requestBody')->vote, 'vote'));
     $userVote = Votes::find("id = 0x" . $params['id'] . " AND uid = 0x" . $params['uid']);
     $oldVote = 0;
     if (isset($userVote->getFirst()->vote)) {
         $oldVote = $userVote->getFirst()->vote;
     }
     if ((int) $oldVote == (int) $params['vote']) {
         $params['vote'] = 0;
     }
     $vote->save($params);
     return $post->getVotes($this->getDI()->get('requestBody')->id);
 }
Ejemplo n.º 2
0
 private function getUserSessionData()
 {
     $filter = new Filter();
     $user = $this->cookies->get('user');
     $keyValue = $filter->sanitize($user->getValue(), 'string');
     return sessions::findFirst(array(array('key' => (string) $keyValue)));
 }
Ejemplo n.º 3
0
 /**
  * Add a filter to the element
  *
  * @param  string|\Engine\Filter\FilterInterface|array
  * @return \Engine\Crud\Tools\Filters
  */
 public function addFilter($filter)
 {
     if ($filter instanceof FilterInterface) {
         $parts = explode("\\", get_class($filter));
         $origName = strtolower(end($parts));
         $this->_filter->add($origName, $filter);
     } elseif (is_array($filter)) {
         $origName = strtolower($filter['filter']);
         if ($class = $this->getFilterClassName($origName)) {
             if (empty($filter['options'])) {
                 $filter = new $class();
             } else {
                 $r = new \ReflectionClass($class);
                 if ($r->hasMethod('__construct')) {
                     $filter = $r->newInstanceArgs((array) $filter['options']);
                 } else {
                     $filter = $r->newInstance();
                 }
             }
             $this->_filter->add($origName, $filter);
         }
     } elseif (is_string($filter)) {
         $origName = strtolower($filter);
         if ($class = $this->getFilterClassName($origName)) {
             $filter = new $class();
             $this->_filter->add($origName, $filter);
         }
     } else {
         throw new \Engine\Exception("Invalid filter passed to addFilter");
     }
     $this->_sanitize[] = $origName;
     return $this;
 }
Ejemplo n.º 4
0
 public function colourSquare($name)
 {
     $filter = new Filter();
     $name = strtolower($filter->sanitize($name, "alphanum"));
     $colour = new Colour();
     return '<div class="colour-square" style="background-color: ' . $colour->selectColour($name) . ';"></div>';
 }
Ejemplo n.º 5
0
 public function generateUrl($string, $id, $tipo)
 {
     $filter = new Filter();
     $url = $filter->sanitize($string, "lower");
     $url = $this->sanitizeString($string);
     $url = str_replace(' ', '-', $url);
     return $this->url_base . $tipo . '/' . $url . '/' . $id;
 }
Ejemplo n.º 6
0
 /**
  * @param Filter $filter
  */
 public static function install($filter)
 {
     foreach (get_class_methods(get_called_class()) as $method) {
         if ($method != __METHOD__) {
             $filter->add(Text::uncamelize($method), function ($value) use($method) {
                 return call_user_func([get_called_class(), $method], $value);
             });
         }
     }
 }
Ejemplo n.º 7
0
 public function testSignInAction()
 {
     //首先验证captcha
     $this->security->checkToken();
     $this->service->captcha()->check($captcha);
     //验证用户信息,并过滤数据
     $filter = new Filter();
     $user = $filter->sanitize($this->request->getPost('user'), 'email');
     $password = $this->request->getPost('password', 'trim');
     $result = $this->service->user()->signIn($user, $password);
     $result == true ? $this->response->setJsonContent('100', '登录成功') : $this->response->setJsonContent('101', '用户或密码错误');
 }
 /** 
  * Signin action (Login), data came from HTTP Body as JSON
  *
  * @throws \Modules\Core\Exceptions\HTTPException
  * @return array(Access token) This will be converted to JSON format 
  */
 public function login()
 {
     $this->validateRequireFields(array('username', 'password'));
     $isUsernameEmail = true;
     if (filter_var($this->getDI()->get('requestBody')->username, FILTER_VALIDATE_EMAIL) === false) {
         $isUsernameEmail = false;
     }
     $filter = new Filter();
     $params = array('username' => $filter->sanitize($this->getDI()->get('requestBody')->username, $isUsernameEmail ? 'email' : 'string'), 'password' => $this->security->hash($this->getDI()->get('requestBody')->password));
     $user = new Users();
     $users = Users::find("username = '******'username'] . "'");
     if ($users->count() <= 0) {
         $msg = 'User not found';
         throw new \Modules\Core\Exceptions\HTTPException($msg, 404);
     }
     if ($this->security->checkHash($params['password'], $users->getFirst()->password)) {
         $msg = 'Wrong credentials to login';
         throw new \Modules\Core\Exceptions\HTTPException($msg, 403);
     }
     return array('access_token' => \Modules\Core\Library\Authorize::createToken($users->getFirst()));
 }
Ejemplo n.º 9
0
 public function testSanitizeArrayMultipleFilters()
 {
     $filter = new PhFilter();
     $expected = array('1', '2', '3');
     $actual = $filter->sanitize(array(' <a href="a">1</a> ', '  <h1>2</h1>', '<p>3</p>  '), array('trim', 'striptags'));
     $this->assertEquals($expected, $actual, 'Filter an array with multiples filters is not correct');
 }
Ejemplo n.º 10
0
 /**
  * Tests Email
  *
  * @dataProvider providerSanitizeEmail
  * @author Nikos Dimopoulos <*****@*****.**>
  * @since  2012-11-30
  */
 public function testSanitizeEmail($source, $expected)
 {
     $filter = new \Phalcon\Filter();
     $reference = filter_var(str_replace("'", '', $source), FILTER_SANITIZE_EMAIL);
     $actual = $filter->sanitize($source, 'email');
     $this->assertEquals($reference, $actual, 'Actual and reference values do not match');
     $this->assertEquals($expected, $actual, 'Email is not correct');
 }
Ejemplo n.º 11
0
 /**
  * @param null $fileid unique template id (fileid field)
  * @return mixed
  * @throws \Exception
  */
 public function getTemplateAction($fileid = null)
 {
     // get template name
     $paramfilter = new Filter();
     if ($fileid != null) {
         $templateFileId = $paramfilter->sanitize($fileid, 'alphanum');
     } else {
         $templateFileId = 'default';
     }
     // request template data and output result (zipfile)
     $backend = new Backend();
     $response = $backend->configdpRun("captiveportal fetch_template", array($templateFileId));
     $result = json_decode($response, true);
     if ($result != null) {
         $response = $result['payload'];
         $this->response->setContentType('application/octet-stream', 'UTF-8');
         $this->response->setHeader('Content-Disposition:', "Attachment; filename=\"template_" . $templateFileId . ".zip\"");
         $this->response->setHeader('Content-Type:', 'application/zip');
         return base64_decode($response);
     } else {
         // return empty response on error
         return "";
     }
 }
Ejemplo n.º 12
0
 /**
  * Check package dependencies.
  *
  * @param Config $manifest Package manifest.
  *
  * @throws PackageException
  * @return void
  */
 private function _checkDependencies($manifest)
 {
     // Check dependencies.
     if (!$manifest->get('dependencies')) {
         return;
     }
     $filter = new PhalconFilter();
     $missingDependencies = [];
     $wrongVersionDependencies = [];
     $dependencies = $manifest->get('dependencies');
     foreach ($dependencies as $dependency) {
         if (!isset($this->_packagesVersions[$dependency['type']][$dependency['name']])) {
             $missingDependencies[] = $dependency;
             continue;
         }
         $installedVersion = $filter->sanitize($this->_packagesVersions[$dependency['type']][$dependency['name']], 'int');
         $packageDependecyVersion = $filter->sanitize($dependency['version'], 'int');
         if ($installedVersion < $packageDependecyVersion) {
             $wrongVersionDependencies[] = $dependency;
         }
     }
     if (!empty($missingDependencies)) {
         $msg = 'This package requires the presence of the following modules:<br/>';
         foreach ($missingDependencies as $dependency) {
             $msg .= sprintf('- %s "%s" (v.%s)<br/>', $dependency['type'], $dependency['name'], $dependency['version']);
         }
         throw new PackageException($msg);
     }
     if (!empty($wrongVersionDependencies)) {
         $msg = 'To install this package you need update:<br/>';
         foreach ($wrongVersionDependencies as $dependency) {
             $msg .= sprintf('- %s "%s" up to: v.%s. Current version: v.%s <br/>', $dependency['type'], $dependency['name'], $dependency['version'], $this->_packagesVersions[$dependency['type']][$dependency['name']]);
         }
         throw new PackageException($msg);
     }
 }
Ejemplo n.º 13
0
 /**
  * Returns the value of an parameter received.
  *
  * @param string     $name    Option name.
  * @param null|array $filter  Filters array.
  * @param null|mixed $default Default value if option doesn't exists.
  *
  * @return mixed
  */
 public function getParameter($name, $filter = null, $default = null)
 {
     if (!isset($this->_parameters[$name])) {
         return $default;
     }
     if ($filter) {
         $filterObject = new Filter();
         return $filterObject->sanitize($this->_parameters[$name], $filter);
     }
     return $this->_parameters[$name];
 }
Ejemplo n.º 14
0
 public function getFilters()
 {
     return parent::getFilters();
 }
Ejemplo n.º 15
0
 /**
  * Filters a value
  *
  * @param $paramValue
  * @param $filters
  *
  * @return mixed
  */
 protected function filter($paramValue, $filters)
 {
     $filter = new Filter();
     return $filter->sanitize($paramValue, $filters);
 }
Ejemplo n.º 16
0
<?php

use Phalcon\Filter;
$filter = new Filter();
/*
 *  Users Filters
 */
$filter->add('login', function ($value) {
    return preg_replace('/[^0-9a-fA-Z]/', '', $value);
});
// 8 chars min, any type, any order
$filter->add('pwd', function ($value) {
    return preg_replace('/([a-zA-Z0-9.*!?_-]){8,}\\w+/', '', $value);
});
$filter->add('email', function ($value) {
    return preg_replace('/[^0-9a-f]/', '', $value);
});
$filter->add('phone', function ($value) {
    return preg_replace('/[^0-9a-f]/', '', $value);
});
$filter->add('team', function ($value) {
    return preg_replace('/[^0-9a-f]/', '', $value);
});
Ejemplo n.º 17
0
echo $t->_("workingtime");
?>
</th>
	<th><?php 
echo $t->_("overtime");
?>
</th>
                <th><?php 
echo $t->_("location");
?>
</th>
    </tr>
  </thead>
  <tbody style="display: none;">
  <?php 
$filter = new Filter();
foreach ($attlist as $result) {
    //print_r($result);exit;
    ?>
    <tr>
	<td><?php 
    echo $result->attendances->att_date;
    ?>
</td>
	<td><?php 
    echo $filter->sanitize($result->core->member_login_name, "string");
    ?>
</td>
<!--        check in time-->
	<td><?php 
    $checkintime = $result->attendances->checkin_time;
Ejemplo n.º 18
0
 /**
  * search installed ids rules
  * @return array
  */
 public function searchInstalledRulesAction()
 {
     if ($this->request->isPost()) {
         $this->sessionClose();
         // create filter to sanitize input data
         $filter = new Filter();
         $filter->add('query', new QueryFilter());
         // fetch query parameters
         $itemsPerPage = $this->request->getPost('rowCount', 'int', 9999);
         $currentPage = $this->request->getPost('current', 'int', 1);
         if ($this->request->hasPost('sort') && is_array($this->request->getPost("sort"))) {
             $sortStr = '';
             $sortBy = array_keys($this->request->getPost("sort"));
             if ($this->request->getPost("sort")[$sortBy[0]] == "desc") {
                 $sortOrd = 'desc';
             } else {
                 $sortOrd = 'asc';
             }
             foreach ($sortBy as $sortKey) {
                 if ($sortStr != '') {
                     $sortStr .= ',';
                 }
                 $sortStr .= $filter->sanitize($sortKey, "query") . ' ' . $sortOrd . ' ';
             }
         } else {
             $sortStr = 'sid';
         }
         if ($this->request->getPost('searchPhrase', 'string', '') != "") {
             $searchTag = $filter->sanitize($this->request->getPost('searchPhrase'), "query");
             $searchPhrase = 'msg,source,sid/"*' . $searchTag . '"';
         } else {
             $searchPhrase = '';
         }
         // add filter for classtype
         if ($this->request->getPost("classtype", "string", '') != "") {
             $searchTag = $filter->sanitize($this->request->getPost('classtype'), "query");
             $searchPhrase .= " classtype/" . $searchTag . ' ';
         }
         // request list of installed rules
         $backend = new Backend();
         $response = $backend->configdpRun("ids query rules", array($itemsPerPage, ($currentPage - 1) * $itemsPerPage, $searchPhrase, $sortStr));
         $data = json_decode($response, true);
         if ($data != null && array_key_exists("rows", $data)) {
             $result = array();
             $result['rows'] = $data['rows'];
             // update rule status with own administration
             foreach ($result['rows'] as &$row) {
                 $row['enabled_default'] = $row['enabled'];
                 $row['enabled'] = $this->getModel()->getRuleStatus($row['sid'], $row['enabled']);
             }
             $result['rowCount'] = count($result['rows']);
             $result['total'] = $data['total_rows'];
             $result['parameters'] = $data['parameters'];
             $result['current'] = (int) $currentPage;
             return $result;
         } else {
             return array();
         }
     } else {
         return array();
     }
 }
Ejemplo n.º 19
0
$di->setShared('auth', function () {
    return new AuthComponent();
});
$di->setShared('security', function () {
    return new Security();
});
$di->setShared('cookies', function () {
    $cookies = new Cookies();
    $cookies->useEncryption(false);
    return $cookies;
});
$di->setShared('activation', function () {
    return new ActivationComponent();
});
$di->setShared('filter', function () {
    $filter = new Filter();
    $filter->add('hash', function ($value) {
        var_dump(password_hash($value, PASSWORD_BCRYPT));
        die;
        return password_hash($value, PASSWORD_BCRYPT);
    });
    return $filter;
});
$di->setShared('translate', function () use($di) {
    $cookies = $di->get('cookies');
    $language = $cookies->has('language') ? $cookies->get('language') : 'en';
    $file = APP_DIR . '/messages/' . $language . '.php';
    //Check if we have a translation file for that lang
    if (file_exists($file)) {
        require_once $file;
    } else {
Ejemplo n.º 20
0
 /**
  * fetch alert detailed info
  * @param $alertId alert id, position in log file
  * @return array alert info
  */
 public function getAlertInfoAction($alertId)
 {
     $backend = new Backend();
     $filter = new Filter();
     $id = $filter->sanitize($alertId, "int");
     $response = $backend->configdpRun("ids query alerts", array(1, 0, "filepos/" . $id));
     $result = json_decode($response, true);
     if ($result != null && count($result['rows']) > 0) {
         return $result['rows'][0];
     } else {
         return array();
     }
 }
Ejemplo n.º 21
0
</center></th>
                        <th><center><?php 
echo $t->_("ssc_emp");
?>
</center></th>
                        <th><center><?php 
echo $t->_("total");
?>
</center></th>
                        <th width="30px"></th>
                    </tr>

                </thead>
                <tbody>
                    <?php 
$filter = new Filter();
$month = $this->request->get('month');
$year = $this->request->get('year');
$i = 1;
$totalresult = "";
echo '<form id ="frm1">';
foreach ($getsalarylists as $getsalarylist) {
    ?>
                        <tr>
                            <td><input type="checkbox" class='case' name='chk[]' value="<?php 
    echo $getsalarylist['member_id'];
    ?>
" ></td>
                            <td><?php 
    echo $filter->sanitize($getsalarylist['full_name'], "string");
    ?>