Example #1
0
    $packages = array();
    if (file_exists("install/package/install/steps.inc.php")) {
        $packages['install'] = array('title' => 'Installation', 'description' => 'Choose this if you want to install a new copy of this software.');
    } else {
        $packages[] = array('title' => 'Installation', 'description' => 'For a fresh installation you need to download the Install-Package for Viscacha ' . VISCACHA_VERSION . '!');
    }
    if (count($old_versions) > 0) {
        foreach ($old_versions as $dir => $old_version) {
            $packages[$dir] = array('title' => 'Update ' . $old_version . ' to ' . VISCACHA_VERSION, 'description' => 'Already running Viscacha? Choose this option to update from ' . $old_version . ' to the new version!');
        }
    } else {
        $packages[] = array('title' => 'Update', 'description' => 'For an update you need to download the Update-Package for Viscacha 0.8 RC7!');
    }
    $package = null;
    if (isset($_REQUEST['package']) && isset($packages[$_REQUEST['package']])) {
        $package = GPC_escape($_REQUEST['package'], GPC_ALNUM);
        $package_data = $packages[$_REQUEST['package']];
    }
    if (!empty($package)) {
        require_once 'install/package/' . $package . '/steps.inc.php';
        if (isset($_REQUEST['step'])) {
            $step = intval($_REQUEST['step']);
            if (!isset($steps[$step])) {
                $step = 1;
            }
        } else {
            $step = 1;
        }
        $nextstep = $step + 1;
    }
}
function GPC_escape($var, $type = GPC_HTML)
{
    global $config, $lang, $db;
    if (is_numeric($var) || empty($var)) {
        // Do nothing to save time
    } elseif (is_array($var)) {
        foreach ($var as $key => $value) {
            $var[$key] = GPC_escape($value);
        }
    } elseif (is_string($var)) {
        $var = str_replace("", '', $var);
        if ($type == GPC_HTML) {
            $var = preg_replace('#(script|about|applet|activex|chrome|mocha):#is', "\\1:", $var);
            $var = str_replace("", '', $var);
            if (version_compare(PHP_VERSION, '5.2.3', '>=')) {
                $var = htmlentities($var, ENT_QUOTES, 'ISO-8859-1', false);
            } else {
                $var = htmlentities($var, ENT_QUOTES, 'ISO-8859-1');
                $var = str_replace('&#', '&#', $var);
            }
        }
        if ($type == GPC_DB && isset($db) && is_object($db)) {
            $var = $db->escape_string($var);
        } elseif ($type != GPC_ALNUM) {
            $var = addslashes($var);
        }
        if ($type == GPC_ALNUM) {
            $var = preg_replace("~[^a-z0-9_\\-]+~i", '', $var);
        }
    }
    return $var;
}
function GPC_escape($var)
{
    global $config, $lang;
    if (is_numeric($var) || empty($var)) {
        // Do nothing to save time
    } elseif (is_array($var)) {
        foreach ($var as $key => $value) {
            $var[$key] = GPC_escape($value);
        }
    } elseif (is_string($var)) {
        $var = preg_replace('#(script|about|applet|activex|chrome|mocha):#is', "\\1:", $var);
        $var = str_replace("", '', $var);
        if (version_compare(PHP_VERSION, '5.2.3', '>=')) {
            $var = htmlentities($var, ENT_QUOTES, 'ISO-8859-1', false);
        } else {
            $var = htmlentities($var, ENT_QUOTES, 'ISO-8859-1');
            $var = str_replace('&#', '&#', $var);
        }
        $var = addslashes($var);
    }
    return $var;
}
Example #4
0
     $_REQUEST['name'] = GPC_escape($_REQUEST['name']);
 }
 if (!isset($_REQUEST['pw'])) {
     $_REQUEST['pw'] = '';
 } else {
     $_REQUEST['pw'] = GPC_escape($_REQUEST['pw']);
 }
 if (!isset($_REQUEST['email'])) {
     $_REQUEST['email'] = '';
 } else {
     $_REQUEST['email'] = GPC_escape($_REQUEST['email'], GPC_DB);
 }
 if (!isset($_REQUEST['pwx'])) {
     $_REQUEST['pwx'] = '';
 } else {
     $_REQUEST['pwx'] = GPC_escape($_REQUEST['pwx']);
 }
 if (strlen($_REQUEST['name']) > 50) {
     $error[] = 'Name is too long (max. 50 chars)';
 }
 if (strlen($_REQUEST['name']) < 3) {
     $error[] = 'Name is too short (min. 3 chars)';
 }
 if (strlen($_REQUEST['pw']) > 64) {
     $error[] = 'Password is too long (max. 64 chars)';
 }
 if (strlen($_REQUEST['pw']) < 4) {
     $error[] = 'Passwort is too short (min. 4 chars)';
 }
 if (strlen($_REQUEST['email']) > 200) {
     $error[] = 'Email address is too long (max. 200 chars)';
Example #5
0
 }
 if (isset($_REQUEST['database'])) {
     $config['database'] = $_REQUEST['database'];
 }
 if (isset($_REQUEST['pconnect']) && isset($_REQUEST['dbsystem']) && $_REQUEST['dbsystem'] == 'mysql') {
     $config['pconnect'] = $_REQUEST['pconnect'];
 } else {
     $config['pconnect'] = 0;
 }
 if (isset($_REQUEST['dbprefix'])) {
     $config['dbprefix'] = $_REQUEST['dbprefix'];
 } else {
     $config['dbprefix'] = '';
 }
 if (isset($_REQUEST['dbsystem'])) {
     $config['dbsystem'] = GPC_escape($_REQUEST['dbsystem'], GPC_ALNUM);
 } else {
     $config['dbsystem'] = 'mysql';
 }
 $c = new manageconfig();
 $c->getdata('data/config.inc.php');
 $c->updateconfig('host', str);
 $c->updateconfig('dbuser', str);
 $c->updateconfig('dbpw', str);
 $c->updateconfig('database', str);
 $c->updateconfig('pconnect', int);
 $c->updateconfig('dbprefix', str);
 $c->updateconfig('dbsystem', str);
 $c->savedata();
 $errlog = 'data/errlog_' . $config['dbsystem'] . '.inc.php';
 if (!file_exists($errlog)) {
 function updateconfig($key, $type = str, $val = null)
 {
     if (is_array($key)) {
         $key = array_map('trim', $key);
         $group = $key[0];
         $key = $key[1];
     } else {
         $key = trim($key);
     }
     if ($val == null) {
         if (isset($_REQUEST[$key])) {
             if ($type == int) {
                 $val = intval($_REQUEST[$key]);
             } elseif ($type == html_enc) {
                 $val = GPC_escape($_REQUEST[$key]);
             } else {
                 $val = $_REQUEST[$key];
             }
         } else {
             if ($type == str || $type == html_enc) {
                 $val = '';
             } elseif ($type == int) {
                 $val = 0;
             }
         }
     } else {
         if ($type == int) {
             $val = intval($val);
         } elseif ($type == html_enc) {
             $val = GPC_escape($val);
         }
     }
     if (isset($group)) {
         $this->opt[$group][$key] = $type;
         $this->data[$group][$key] = $val;
     } else {
         $this->opt[$key] = $type;
         $this->data[$key] = $val;
     }
 }