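/**
 * Handle the posted password reminder form.
 *
 * Validates the posted email and captcha, looks up the active users with
 * that email and mails a password reset link for each of them. On failure
 * an error notification is shown and, when the blocker setting is enabled,
 * the session's attack counter is incremented.
 *
 * @since 1.2.1
 * @deprecated 2.0.0
 *
 * @package Redaxscript
 * @category Reminder
 * @author Henry Ruhs
 */
function reminder_post()
{
    $emailValidator = new Redaxscript\Validator\Email();
    $captchaValidator = new Redaxscript\Validator\Captcha();

    /* defaults, so a blocked or unvisited request fails validation cleanly
       instead of reading undefined variables */
    $email = '';
    $task = '';
    $solution = '';
    $error = '';

    /* clean post */
    $sessionKey = ROOT . '/reminder';
    if (ATTACK_BLOCKED < 10 && isset($_SESSION[$sessionKey]) && $_SESSION[$sessionKey] == 'visited') {
        $email = isset($_POST['email']) ? clean($_POST['email'], 3) : '';
        $task = isset($_POST['task']) ? $_POST['task'] : '';
        $solution = isset($_POST['solution']) ? $_POST['solution'] : '';
    }

    /* validate post */
    /* NOTE(review): the distinct 'email_unknown' message tells a visitor
       whether an address is registered; a uniform response avoids that. */
    if ($email == '') {
        $error = l('email_empty');
    } elseif ($emailValidator->validate($email) == Redaxscript\Validator\Validator::FAILED) {
        $error = l('email_incorrect');
    } elseif ($captchaValidator->validate($task, $solution) == Redaxscript\Validator\Validator::FAILED) {
        $error = l('captcha_incorrect');
    } elseif (retrieve('id', 'users', 'email', $email) == '') {
        $error = l('email_unknown');
    } else {
        /* query users */
        /* NOTE(review): $email is concatenated into the SQL text. This is
           only safe if clean() (not shown here) escapes for SQL - confirm,
           or move this lookup to a parameterized query. */
        $query = 'SELECT id, user, password FROM ' . PREFIX . 'users WHERE email = \'' . $email . '\' && status = 1';
        $result = mysql_query($query);
        if ($result) {
            while ($r = mysql_fetch_assoc($result)) {
                /* read the selected columns explicitly instead of creating
                   variables from column names */
                $id = stripslashes($r['id']);
                $user = stripslashes($r['user']);
                $password = stripslashes($r['password']);

                /* the query selects no name column, so the sender name was
                   always empty; that is kept */
                $name = '';

                /* send reminder information */
                /* NOTE(review): the reset route embeds the stored password
                   value, so the mail and any URL log expose it and the link
                   stays valid until the password changes. A random,
                   expiring, single-use token would avoid both. */
                $passwordResetRoute = ROOT . '/' . REWRITE_ROUTE . 'password_reset/' . $id . '/' . $password;
                $passwordResetLink = anchor_element('external', '', '', $passwordResetRoute, $passwordResetRoute);
                $toArray = array(s('author') => s('email'));
                $fromArray = array($name => $email);
                $subject = l('reminder');
                $bodyArray = array(
                    '<strong>' . l('user') . l('colon') . '</strong> ' . $user,
                    '<br />',
                    '<strong>' . l('password_reset') . l('colon') . '</strong> ' . $passwordResetLink
                );

                /* mailer object */
                $mailer = new Redaxscript\Mailer($toArray, $fromArray, $subject, $bodyArray);
                $mailer->send();
            }
        }
    }

    /* handle error */
    if ($error) {
        if (s('blocker') == 1) {
            $_SESSION[ROOT . '/attack_blocked']++;
        }
        notification(l('error_occurred'), $error, l('back'), 'reminder');
    } else {
        notification(l('operation_completed'), l('reminder_sent'), l('login'), 'login');
    }
    $_SESSION[ROOT . '/reminder'] = '';
}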
/**
 * Build an internal link that shows a checked or unchecked checkbox icon.
 *
 * @access public
 * @param string $link URL written into the href attribute exactly as given
 * @param boolean $checked Picks checked.jpg when true, not-checked.jpg otherwise
 * @param string $hint Optional tooltip; passed through clean() before output
 * @return string
 */
function checkbox_link($link, $checked = false, $hint = null)
{
    // NOTE(review): $link reaches the href attribute without escaping in this
    // function - confirm callers only pass trusted, already-encoded URLs.
    if (is_null($hint)) {
        $title_attr = '';
    } else {
        $title_attr = 'title="' . clean($hint) . '"';
    }

    $icon_file = $checked ? 'checked.jpg' : 'not-checked.jpg';
    $icon = icon_url($icon_file);

    return '<a class="internalLink" href="' . $link . '" ' . $title_attr . '><img src="' . $icon . '" alt="" /></a>';
}
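/**
 * Strip tags, surrounding whitespace, dots and slashes from a string, or
 * from every element of an array (recursively).
 *
 * This removes markup; it does not encode output. The result still needs
 * context-specific escaping (HTML attribute, SQL, URL) where it is used.
 * Because every "/" is removed, closing tags of allowed elements lose their
 * slash as well.
 *
 * @param string|array $str Value to clean
 * @param bool|string|array $html true keeps all tags, a string such as
 *        "<b>" or an array of such strings lists tags to keep, anything
 *        else strips every tag
 * @return string|array|null null when the input is empty() (this includes "0")
 */
function clean($str = '', $html = false)
{
    if (empty($str)) {
        return;
    }

    if (is_array($str)) {
        foreach ($str as $key => $value) {
            $str[$key] = clean($value, $html);
        }
        return $str;
    }

    // get_magic_quotes_gpc() no longer exists in PHP 8; only call it where
    // the runtime still provides it.
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $str = stripslashes($str);
    }

    if (is_array($html)) {
        $str = strip_tags($str, implode('', $html));
    } elseif (is_string($html) && preg_match('|<([a-z]+)>|i', $html)) {
        $str = strip_tags($str, $html);
    } elseif ($html !== true) {
        $str = strip_tags($str);
    }

    $str = trim($str);
    $str = str_replace(".", "", $str);
    $str = str_replace("/", "", $str);

    return $str;
}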
/**
 * Render a user's name as a link to the user's profile.
 *
 * Parameters:
 * - user - User or AnonymousUser - the account to link to
 * - short - boolean - read from $params but not used by the current code
 *
 * @param array $params
 * @param Smarty $smarty
 * @return string
 */
function smarty_function_user_link($params, &$smarty)
{
    // Rendered links per user id, kept for the lifetime of the request
    static $cache = array();

    $user = array_var($params, 'user');
    // The 20121030 modification stopped passing this to getDisplayName()
    $short = array_var($params, 'short', false);

    // Registered user: link to the profile page
    if (instance_of($user, 'User')) {
        $user_id = $user->getId();
        if (!isset($cache[$user_id])) {
            // NOTE(review): getViewUrl() is written into href unescaped;
            // presumably it is application-generated - confirm.
            $cache[$user_id] = '<a href="' . $user->getViewUrl() . '" class="user_link">' . clean($user->getDisplayName()) . '</a>';
        }
        return $cache[$user_id];
    }

    // Anonymous user with a name and an address that passed is_valid_email()
    if (instance_of($user, 'AnonymousUser') && trim($user->getName()) && is_valid_email($user->getEmail())) {
        // NOTE(review): the address is not passed through clean() here; the
        // output relies on is_valid_email() rejecting quote characters.
        return '<a href="mailto:' . $user->getEmail() . '" class="anonymous_user_link">' . clean($user->getName()) . '</a>';
    }

    // Anything else
    return '<span class="unknow_user_link unknown_object_link">' . clean(lang('Unknown user')) . '</span>';
}
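/**
 * Return the searched words in their surrounding context, cleaned and
 * formatted as HTML with the match wrapped in <b>.
 *
 * Up to 80 bytes of context are kept on each side and cut at a space so
 * that words are not split. All offsets are byte based.
 *
 * @param string $content The content where the words were found
 * @param string $search_for The searched words
 * @return string Empty string when $search_for is empty or not found
 */
function getContext($content, $search_for)
{
    $context_length = 80;

    // An empty needle has no position to report
    if ($search_for === null || $search_for === '') {
        return '';
    }

    $pos = strpos(strtolower($content), strtolower($search_for));
    if ($pos === false) {
        return '';
    }
    $needle_length = strlen($search_for);

    // Context before the match
    $beginning = substr($content, 0, $pos);
    if (strlen($beginning) > $context_length) {
        $tail = substr($beginning, strlen($beginning) - $context_length);
        // Drop the leading partial word only when there is a space to cut
        // at; previously a tail without spaces lost its first byte.
        $space = strpos($tail, ' ');
        if ($space !== false) {
            $tail = substr($tail, $space + 1);
        }
        $beginning = '…' . clean($tail);
    } else {
        $beginning = clean($beginning);
    }

    // The matched words, in the content's original case
    $middle = clean(substr($content, $pos, $needle_length));

    // Context after the match
    $ending = substr($content, $pos + $needle_length);
    if (strlen($ending) > $context_length) {
        $head = substr($ending, 0, $context_length);
        // Same rule at the end; previously a head without spaces was
        // discarded completely.
        $space = strrpos($head, ' ');
        if ($space !== false) {
            $head = substr($head, 0, $space);
        }
        $ending = clean($head) . '…';
    } else {
        $ending = clean($ending);
    }

    // NOTE(review): substr() counts bytes, so a cut without a nearby space
    // can split a multibyte character before it reaches clean().
    return $beginning . '<b>' . $middle . '</b>' . $ending;
}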
/**
 * Validate, clean, censor and store one post.
 *
 * @param string $nickname
 * @param string $message
 * @return array|false The stored post, or false when the sender is banned,
 *         a field fails validate(), or a field is empty after cleaning
 */
function post($nickname, $message)
{
    global $prefs;

    // Reject banned addresses and invalid fields before any processing
    if ($this->banned(ip())
        || !$this->validate($message, $prefs['messageLength'])
        || !$this->validate($nickname, $prefs['nicknameLength'])
    ) {
        return false;
    }

    $message = trim(clean($message));
    $nickname = trim(clean($nickname));
    if ($message == '' || $nickname == '') {
        return false;
    }

    $timestamp = ts();
    $message = $this->censor($message);
    $nickname = $this->censor($nickname);

    // NOTE(review): uid is an md5 of timestamp and nickname, so it is
    // guessable; it should be treated as an identifier, never as a secret.
    $post = array(
        'nickname' => $nickname,
        'message' => $message,
        'timestamp' => $timestamp,
        'admin' => $this->admin,
        'uid' => md5($timestamp . ' ' . $nickname),
        'adminInfo' => array('ip' => ip())
    );

    // Append to storage and trim the history when it grows past the limit
    $store = $this->storage->open(true);
    $store['posts'][] = $post;
    if (sizeof($store['posts']) > $prefs['history']) {
        $this->truncate($store['posts']);
    }
    $store['info']['latestTimestamp'] = $post['timestamp'];
    $this->storage->close($store);

    $this->postProcess($post);

    return $post;
}
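/**
 * Return a copy of the given form values with clean() applied to each one.
 *
 * @param array $POST Submitted values, keyed by field name
 * @return array Cleaned values under the same keys; empty array for empty input
 */
function post($POST)
{
    // Start from an empty array so empty input no longer returns an
    // undefined variable
    $post2 = array();
    foreach ($POST as $key => $value) {
        $post2[$key] = clean($value);
    }
    return $post2;
}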
/**
 * Describe a variable as a short, cleaned string for display.
 *
 * Objects and resources are reduced to their class or type, arrays are
 * dumped recursively, and array string keys and string values go through
 * clean().
 *
 * @param mixed $var
 * @param string $indent Indent used for the entries of an array
 * @param string $indent_close_bracet Indent of the closing bracket of an
 *        array; used internally by the recursion
 * @return string
 */
function clean_var_info($var, $indent = ' ', $indent_close_bracet = '')
{
    if (is_object($var)) {
        return 'Object (class: ' . get_class($var) . ')';
    }
    if (is_resource($var)) {
        return 'Resource (type: ' . get_resource_type($var) . ')';
    }
    if (is_array($var)) {
        $dump = 'Array (';
        foreach ($var as $key => $item) {
            // Integer keys are shown bare, everything else cleaned and quoted
            $shown_key = is_integer($key) ? $key : "'" . clean($key) . "'";
            $nested = clean_var_info($item, $indent . ' ', $indent_close_bracet . $indent);
            $dump .= "\n" . $indent . '[' . $shown_key . '] => ' . $nested;
        }
        return $dump . "\n{$indent_close_bracet})";
    }
    if (is_int($var)) {
        return '(int)' . $var;
    }
    if (is_float($var)) {
        return '(float)' . $var;
    }
    if (is_bool($var)) {
        return $var ? 'true' : 'false';
    }
    if (is_null($var)) {
        return 'NULL';
    }

    return "(string) '" . clean($var) . "'";
}
/**
 * Build the news output for the given request parameters.
 *
 * Picks the index (mode 0) or admin (mode 1) section of the NEWS template,
 * fetches the matching news rows and appends each composed row to
 * $this->ONEWS. Shows the "no news" message when the fetch returns nothing.
 *
 * @param array $PARAM Request values; FULL, CAT and PAGE are read
 * @param int $MODENEWS 0 = index template, 1 = admin template
 */
public function CREATE($PARAM, $MODENEWS)
{
    $this->AR['LOG']->LSET("NEWSClass: CREATE(..., " . $MODENEWS . ")");

    // The "I" mode presumably restricts the value to an integer - confirm
    // against this project's clean()
    $fullId = clean($this->AR, $PARAM['FULL'], "I");   // Id for full news
    $catId = clean($this->AR, $PARAM['CAT'], "I");     // All news by cat id
    $curPage = clean($this->AR, $PARAM['PAGE'], "I");  // Current page

    if ($MODENEWS == 0) {
        // Index template: put the [_ifindex] section in place of [_ifnews]
        $this->TPLm = $this->AR['TPL']->TPLF['NEWS'];
        preg_match("/\\[_ifindex\\](.*?)\\[_ifindex\\]/s", $this->TPLm, $section);
        $this->TPLm = preg_replace("/\\[_ifnews\\].*?\\[_ifnews\\]/s", $section[1], $this->TPLm);
    }
    if ($MODENEWS == 1) {
        // Admin template for the all-news listing
        $this->TPLm = $this->AR['TPL']->TPLF['NEWS'];
        preg_match("/\\[_ifadmin\\](.*?)\\[_ifadmin\\]/s", $this->TPLm, $section);
        $this->TPLm = preg_replace("/\\[_ifnews\\].*?\\[_ifnews\\]/s", $section[1], $this->TPLm);
    }

    $startAt = $this->paginationcomposer($fullId, $catId, $curPage);
    $rows = API_NEWS_GET($this->AR, $fullId, $catId, $startAt, $this->CONF['NEWS_PERPAGE']);

    if (!$rows) {
        // No news
        $this->AR['MSG']->SHOW($this->AR['LNG']->LP['w_nonews'], "W");
        return;
    }

    while ($row = $this->AR['DB']->FETCHARRAY($rows)) {
        $this->ONEWS .= $this->composenws($row, $fullId, $catId);
    }
}
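/**
 * Build the HTML label of a node for navigation: an icon badge whose
 * tooltip is the node type name, followed by the cleaned node title.
 *
 * The type name and icon come from the node's own 'nodetype_name' and
 * 'nodetype_icon' values when present, otherwise from its node type.
 *
 * @param object $node Node providing has(), get(), getNodetype(), getTitle()
 * @return string HTML fragment
 */
private function navLabel($node)
{
    $nodetype = $node->has('nodetype_name') ? $node->get('nodetype_name') : $node->getNodetype()->displayField();
    $icon = $node->has('nodetype_icon') ? $node->get('nodetype_icon') : $node->getNodetype()->getIcon();

    // The icon value lands in a class attribute, so it gets the same esc()
    // treatment as the title attribute next to it (assumes esc() is this
    // project's HTML attribute escaper - confirm).
    $label = '<span class="badge-icon" title="' . esc($nodetype) . '"><i class="' . esc($icon) . '"></i></span>';

    return $label . ' <span class="title">' . clean($node->getTitle()) . '</span>';
}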
/**
 * Render the tags of an object as a comma separated list of links.
 *
 * Parameters:
 *
 * - object - Selected object
 * - project - Selected project; when it is not a Project instance the
 *   object's own project is used
 *
 * @param array $params
 * @param Smarty $smarty
 * @return string|InvalidParamError An InvalidParamError object is returned
 *         (not thrown) when object or project has the wrong type
 */
function smarty_function_object_tags($params, &$smarty)
{
    $object = array_var($params, 'object');
    if (!instance_of($object, 'ProjectObject')) {
        return new InvalidParamError('object', $object, '$object is expected to be an instance of ProjectObject class', true);
    }

    $project = array_var($params, 'project');
    if (!instance_of($project, 'Project')) {
        $project = $object->getProject();
    }
    if (!instance_of($project, 'Project')) {
        return new InvalidParamError('project', $project, '$project is expected to be an instance of Project class', true);
    }

    $tags = $object->getTags();
    if (!is_foreachable($tags)) {
        return '<span class="no_tags">' . lang('-- No tags --') . '</span>';
    }

    $links = array();
    foreach ($tags as $tag) {
        // Skip blank tags
        if (!trim($tag)) {
            continue;
        }
        // NOTE(review): the tag text is cleaned for the link body; the href
        // depends on Tags::getTagUrl() encoding the tag itself - confirm.
        $links[] = '<a href="' . Tags::getTagUrl($tag, $project) . '">' . clean($tag) . '</a>';
    }

    return implode(', ', $links);
}
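/**
 * Create the user object and, for a positive id, load the stored profile
 * fields from the users table and save the object back.
 *
 * @param int $id
 * @param String $username
 * @param String $email
 * @param resource $con MySQL link passed to mysql_query() and save()
 */
function __construct($id, $username, $email, $con)
{
    global $table_prefix;

    $this->id = $id;
    $this->username = $username;
    $this->email = $email;

    if ($this->id > 0) {
        // The id is written into the SQL text, so it is forced to an
        // integer first; a string that merely compares greater than zero
        // can no longer add SQL to the statement.
        $userId = (int) $this->id;
        $result = mysql_query("SELECT * FROM {$table_prefix}users WHERE ID={$userId} LIMIT 1", $con);
        // A failed query returns false, which must not reach mysql_fetch_array()
        $row = $result ? mysql_fetch_array($result) : false;

        if ($row && $row["ID"] > 0) {
            $this->posts = intval($row["Posts"]);

            // NOTE(review): unserialize() can instantiate objects. These
            // columns should only ever contain data this application
            // serialized itself; a JSON encoding would remove the concern.
            $this->moderate = unserialize($row["Moderate"]);
            if (!is_array($this->moderate)) {
                $this->moderate = array();
            }
            $this->unreadPosts = unserialize($row["Unread"]);
            if (!is_array($this->unreadPosts)) {
                $this->unreadPosts = array();
            }
            $this->watching = unserialize($row["Watching"]);
            if (!is_array($this->watching)) {
                $this->watching = array();
            }

            $this->privacy = $row["Privacy"];
            // Removes the literal four-character sequence \r\n, then cleans
            $this->signature = clean(str_replace("\\r\\n", "", $row["Signature"]));
        }

        $this->save($con);
    }
}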
/**
 * Print the title, reporter and owner of the bug named by $argv[1].
 *
 * @param array $argv Argument list; $argv[1] holds the bug's primary key
 */
function bugInfo($argv)
{
    global $BUG_OBJECT;
    global $USER_OBJECT;

    // NOTE(review): sizeof() is applied to $argv[1] itself, not to $argv;
    // that only counts something when $argv[1] is an array - confirm.
    $argc = sizeof($argv[1]);
    if ($argc < 1) {
        echo "Read the man page!";
        return;
    }

    $BUG_OBJECT->getAllByPK(clean($argv[1]));
    $bug = $BUG_OBJECT->getNext();
    if (!isset($bug['bID'])) {
        echo "Whoh there champ. That's not a real bug!";
        return;
    }

    $USER_OBJECT->getAllByPK($bug['reporter']);
    $reporter = $USER_OBJECT->getNext();
    $USER_OBJECT->getAllByPK($bug['owner']);
    $owner = $USER_OBJECT->getNext();

    echo "Title: " . $bug['title'] . "\n";
    echo "This bug was reported by " . $reporter['real_name'] . " ( " . $reporter['username'] . " )\n";
    if (isset($owner['uID'])) {
        echo $owner['real_name'] . " is working on this\n";
    } else {
        echo "This bug has no owner\n";
    }
}
/**
 * Create every table listed in $this->tables if it does not exist yet,
 * echoing each CREATE statement inside a <pre> block.
 *
 * For a table name T, $this->T maps column names to VARCHAR lengths;
 * columns whose name contains "_id" become INT instead.
 *
 * @param object $db Wrapper whose get_mysql() returns the connection holder
 */
public function setup($db)
{
    mb_internal_encoding('UTF-8');
    mb_http_output('UTF-8');
    mb_http_input('UTF-8');

    foreach ($this->tables as $what) {
        $this->format($what);
    }

    $mysql = $db->get_mysql();

    echo '<pre>';
    echo '<h2>luontikäskyt</h2>';

    // NOTE(review): "or die(mysqli_error())" prints raw database errors to
    // the page; acceptable for a one-off installer, not for a public route.
    mysqli_query($mysql->connection(), "SET NAMES 'utf8'") or die(mysqli_error($mysql->connection()));

    foreach ($this->tables as $table_name) {
        $table = $mysql->etuliite . $table_name;
        $query = "CREATE TABLE IF NOT EXISTS \n" . $table . "( id INT NOT NULL AUTO_INCREMENT, PRIMARY KEY (id)\n";

        // NOTE(review): table and column names are concatenated into DDL.
        // clean() is not identifier quoting, so these definitions must only
        // ever come from the class itself.
        foreach ($this->{$table_name} as $column => $length) {
            $query .= ", ";
            if (strpos($column, '_id') === false) {
                $query .= clean($column) . " VARCHAR(" . $length . ")\n";
            } else {
                $query .= clean($column) . " INT\n";
            }
        }

        $query .= ", aika timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP\n";
        $query .= " )";

        echo $query . "\n\n";
        mysqli_query($mysql->connection(), $query) or die(mysqli_error($mysql->connection()));
    }

    echo '</pre>';
}
/**
 * Truncate the logs table to roughly its newest 500 rows.
 *
 * Without action=truncate in the query string a confirmation page is shown
 * and the script exits. With it, every row whose id is below MAX(id) - 500
 * is deleted, the truncation is logged and the browser is redirected to
 * logs.php.
 */
function log_truncate()
{
    global $COLLATE;
    global $dbo;

    include "include/validation_functions.php";

    $action = isset($_GET['action']) ? clean($_GET['action']) : "show warning";

    if ($action != "truncate") {
        // Show confirmation form
        $lang = $COLLATE['languages']['selected'];
        require_once './include/header.php';
        echo $lang['confirmtruncate'] . " \n"
            . "<br /><br /><a href=\"logs.php?op=truncate&action=truncate\">"
            . "<img src=\"./images/apply.gif\" alt=\"" . $lang['altconfirm'] . "\" /></a> <a href=\"logs.php\">"
            . "<img src=\"./images/cancel.gif\" alt=\"" . $lang['altcancel'] . "\" /></a>";
        require_once './include/footer.php';
        exit;
    }

    // They've confirmed they want to truncate the logs.
    // NOTE(review): the deletion is triggered by a plain GET link with no
    // request token, and no permission check is visible in this function.
    // Confirm the caller enforces authorization, and consider a POST with a
    // CSRF token so another site cannot trigger it.
    $result = $dbo->query("SELECT MAX(id) FROM logs");
    $maxid = $result->fetchColumn();
    $id = $maxid - 500;

    $dbo->query("DELETE FROM logs WHERE id<'{$id}'");

    collate_log("5", "LOGS TRUNCATED");

    $notice = "truncatesuccess-notice";
    header("Location: logs.php?notice={$notice}");
    exit;
}
/**
 * Render the responsible assignee of an object, followed by the other
 * assignees when there are any.
 *
 * @param array $params 'object' must be a ProjectObject
 * @param Smarty $smarty
 * @return string|InvalidParamError An InvalidParamError object is returned
 *         (not thrown) when 'object' has the wrong type
 */
function smarty_function_mobile_access_object_assignees($params, &$smarty)
{
    $object = array_var($params, 'object');
    if (!instance_of($object, 'ProjectObject')) {
        return new InvalidParamError('object', $object, '$object is expected to be an instance of ProjectObject class', true);
    }

    $owner = $object->getResponsibleAssignee();
    if (!instance_of($owner, 'User')) {
        // NOTE(review): this render helper deletes the object's assignments
        // as a side effect when no responsible user is found - any page
        // view that reaches it modifies data.
        Assignments::deleteByObject($object);
        return lang('No one is responsible');
    }

    require_once SYSTEM_MODULE_PATH . '/helpers/function.user_link.php';

    // Links for every assignee other than the responsible one
    $other_assignees = array();
    $assignees = $object->getAssignees();
    if (is_foreachable($assignees)) {
        foreach ($assignees as $assignee) {
            if ($assignee->getId() == $owner->getId()) {
                continue;
            }
            $other_assignees[] = '<a href="' . mobile_access_module_get_view_url($assignee) . '">' . clean($assignee->getName()) . '</a>';
        }
    }

    $summary = '<a href="' . mobile_access_module_get_view_url($owner) . '">' . clean($owner->getName()) . '</a> ' . lang('is responsible') . '.';
    if (count($other_assignees)) {
        $summary .= ' ' . lang('Other assignees') . ': ' . implode(', ', $other_assignees);
    }

    return $summary;
}
/**
 * Emit the JavaScript for this light.
 *
 * Region "script" returns the definition of the Light constructor, with
 * shadow settings when $this->shadow is set and the shadow camera helper
 * when $this->box is set. Region "main" returns the call that adds a Light
 * built from this object's cleaned, JSON-encoded data to the scene.
 *
 * @param string $region "script", "main", or anything else for no output
 * @return string
 */
function render($region = "")
{
    $out = "";

    if ($region == "script") {
        $lines = array(
            "var Light = function( threephp ){\n",
            "\tvar light;\n",
            "\tthis.light = new THREE.DirectionalLight( threephp.color, 1 );\n",
            "\tthis.light.userData = threephp;\n",
            "\tthis.light.name = threephp.name;\n",
            "\tthis.light.position.x = threephp.x;\n",
            "\tthis.light.position.y = threephp.y;\n",
            "\tthis.light.position.z = threephp.z;\n",
        );
        if ($this->shadow) {
            $lines[] = "\tthis.light.castShadow = true; \n";
            $lines[] = "\tthis.light.shadowMapWidth = threephp.size; \n";
            $lines[] = "\tthis.light.shadowMapHeight = threephp.size; \n";
            $lines[] = "\tthis.light.shadowCameraLeft = 0 - threephp.size; \n";
            $lines[] = "\tthis.light.shadowCameraRight = threephp.size; \n";
            $lines[] = "\tthis.light.shadowCameraTop = threephp.size; \n";
            $lines[] = "\tthis.light.shadowCameraBottom = 0 - threephp.size; \n";
            $lines[] = "\tthis.light.shadowCameraFar = threephp.size; \n";
            $lines[] = "\tthis.light.shadowDarkness = 0.45; \n";
        }
        if ($this->box) {
            $lines[] = "\tthis.light.shadowCameraVisible = true; \n";
        }
        $lines[] = "\treturn this.light; \n";
        $lines[] = "} \n";
        $out .= implode('', $lines);
    }

    if ($region == "main") {
        // NOTE(review): if this output is placed inside an inline <script>
        // element and any property can hold user-supplied text, encode with
        // JSON_HEX_TAG | JSON_HEX_AMP so the data cannot close the element.
        $payload = json_encode(clean($this));
        $out .= "scene.add( new Light( " . $payload . " ) );\n";
    }

    return $out;
}
/**
 * Build an opening HTML tag.
 *
 * Boolean attributes are written as name="name" when true and left out
 * when false; every other value goes through clean(). The tag name and the
 * attribute names are written as given.
 *
 * @access public
 * @param string $name Tag name
 * @param array $attributes Map of attribute name to value
 * @param boolean $empty When true the tag is self-closed with " /"
 * @return string
 */
function open_html_tag($name, $attributes = null, $empty = false)
{
    // NOTE(review): $name and the attribute names are not escaped, so they
    // must come from code, never from request data.
    $rendered = array();

    if (is_array($attributes) && count($attributes)) {
        foreach ($attributes as $attr_name => $attr_value) {
            if (trim($attr_name) == '') {
                continue;
            }
            if (is_bool($attr_value)) {
                if ($attr_value) {
                    $rendered[] = "{$attr_name}=\"{$attr_name}\"";
                }
                continue;
            }
            $rendered[] = $attr_name . '="' . clean($attr_value) . '"';
        }
    }

    $closing = $empty ? ' /' : '';

    return '<' . $name . ' ' . implode(' ', $rendered) . $closing . '>';
}
/**
 * Add the "People on This Project" sidebar to the project overview page.
 *
 * Users are grouped by company. The last-activity text is shown next to
 * other users only when the viewer is the project leader, an administrator
 * or a project manager.
 *
 * @param array $sidebars Sidebar list; the new entry is appended
 * @param Project $project
 * @param User $user The viewing user
 * @return null
 */
function system_handle_on_project_overview_sidebars(&$sidebars, &$project, &$user)
{
    // only project leader, system administrators and project managers can see last activity
    $can_see_last_activity = $user->isProjectLeader($project) || $user->isAdministrator() || $user->isProjectManager();

    $project_users = $project->getUsers();
    if (!is_foreachable($project_users)) {
        return;
    }

    $smarty =& Smarty::instance();
    require_once SYSTEM_MODULE_PATH . '/helpers/function.user_link.php';
    require_once SMARTY_PATH . '/plugins/modifier.ago.php';

    $output = '';
    foreach (Users::groupByCompany($project_users) as $group) {
        $company = $group['company'];
        $members = $group['users'];
        if (!is_foreachable($members)) {
            continue;
        }

        $output .= '<h3><a href="' . $company->getViewUrl() . '">' . clean($company->getName()) . '</a></h3>';
        $output .= '<ul class="company_users">';
        foreach ($members as $member) {
            $last_seen = '';
            if ($can_see_last_activity && $user->getId() != $member->getId()) {
                $last_seen = smarty_modifier_ago($member->getLastActivityOn());
            }
            // NOTE(review): the avatar URL is written into src unescaped;
            // presumably application-generated - confirm.
            $output .= '<li><span class="icon_holder"><img src="' . $member->getAvatarUrl() . '" /></span> '
                . smarty_function_user_link(array('user' => $member), $smarty)
                . ' ' . $last_seen . '</li>';
        }
        $output .= '</ul>';
    }

    $sidebars[] = array(
        'label' => lang('People on This Project'),
        'is_important' => false,
        'id' => 'project_people',
        'body' => $output
    );
}
/**
 * Render the owner(s) of an object as links into the company's people page.
 *
 * Each link is labelled with the user's first name, or with the email
 * address when both name fields are empty. Returns "--" when the object
 * has no owner assignment.
 *
 * @param array $params 'object' must be a ProjectObject
 * @param Smarty $smarty
 * @return string|InvalidParamError An InvalidParamError object is returned
 *         (not thrown) when 'object' has the wrong type
 */
function smarty_function_object_owner($params, &$smarty)
{
    $object = array_var($params, 'object');
    if (!instance_of($object, 'ProjectObject')) {
        return new InvalidParamError('object', $object, '$object is expected to be an instance of ProjectObject class', true);
    }

    $users_table = TABLE_PREFIX . 'users';
    $assignments_table = TABLE_PREFIX . 'assignments';

    // The object id is bound through the ? placeholder; only the table
    // names are interpolated
    $rows = db_execute_all("SELECT {$assignments_table}.is_owner AS is_assignment_owner, {$users_table}.id AS user_id, {$users_table}.company_id, {$users_table}.first_name, {$users_table}.last_name, {$users_table}.email FROM {$users_table}, {$assignments_table} WHERE {$users_table}.id = {$assignments_table}.user_id AND {$assignments_table}.object_id = ? and {$assignments_table}.is_owner='1' ORDER BY {$assignments_table}.is_owner DESC", $object->getId());

    $owner = '';
    if (is_foreachable($rows)) {
        foreach ($rows as $row) {
            $has_no_name = empty($row['first_name']) && empty($row['last_name']);
            $link_open = '<a href="' . assemble_url('people_company', array('company_id' => $row['company_id'])) . '#user' . $row['user_id'] . '">';
            $label = $has_no_name ? clean($row['email']) : clean($row['first_name']);
            $owner .= $link_open . $label . '</a>' . ' ';
        }
    }

    return empty($owner) ? '--' : $owner;
}
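/**
 * Render a single feed item as an RSS <item> element.
 *
 * @param Angie_Feed_Item $item
 * @return string
 */
private function renderItem(Angie_Feed_Item $item)
{
    $result = "<item>\n";
    $result .= '<title>' . clean($item->getTitle()) . "</title>\n";

    $link = externalUrl(clean($item->getLink()));
    $result .= '<link>' . $link . "</link>\n";

    // Use the placeholder only when there is no description. The previous
    // condition was inverted and replaced every real description with the
    // word "empty".
    $description = trim((string) $item->getDescription());
    if ($description === '') {
        $description = "empty";
    }
    // NOTE(review): clean() is relied on to make these values safe inside
    // XML - confirm it escapes &, < and > for this feed.
    $result .= '<description>' . clean($description) . "</description>\n";

    $author = $item->getAuthor();
    if ($author instanceof Angie_Feed_Author) {
        $result .= '<author>' . clean($author->getEmail()) . ' (' . clean($author->getName()) . ")</author>\n";
    }

    // The publication timestamp, when there is one, also feeds the guid
    $timestamp = NULL;
    $pubdate = $item->getPublicationDate();
    if ($pubdate instanceof DateTimeValue) {
        $result .= '<pubDate>' . $pubdate->toRSS() . "</pubDate>\n";
        $timestamp = $pubdate->getTimestamp();
    }

    $result .= '<guid>' . $this->buildGuid(clean($item->getLink()), $timestamp) . "</guid>\n";
    $result .= '</item>';

    return $result;
}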
/**
 * Read one query-string parameter through clean().
 *
 * @param string $v Parameter name
 * @return mixed The cleaned value, or false when the parameter is not set
 */
function get($v)
{
    // clean() is a filter, not an encoder: the value still needs escaping
    // for whichever context (SQL, HTML, shell) the caller uses it in.
    return isset($_GET[$v]) ? clean($_GET[$v]) : false;
}
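/**
 * Show the cheats page of the mod named by the request's id parameter, or
 * an error page when no usable id was sent.
 */
function main()
{
    global $db;

    // A missing or non-scalar id gets the same error page as before
    if (!isset($_REQUEST['id']) || !is_scalar($_REQUEST['id'])) {
        do_header();
        echo "<b>System Error Message</b><br />";
        echo "You cannot access this page directly, please go back and select a Mod.<br />";
        echo "If the problem persists, please contact the webmaster.";
        do_footer();
        return;
    }

    $modId = (string) $_REQUEST['id'];

    // The request value used to be interpolated into both statements. It is
    // now passed as a bound value instead.
    // NOTE(review): this assumes $db is an ADOdb connection (FetchNextObject
    // points that way), whose Execute() takes the bind values as a second
    // argument - confirm.
    $result = $db->Execute("SELECT * FROM `Obsedb_Mods` WHERE `id` = ? LIMIT 1", array($modId));
    if (!$result) {
        return;
    }

    while ($row = $result->FetchNextObject()) {
        do_header();

        $header = new Template();
        $header->open_template('cheats_header');
        $header->addvar('{id}', $row->ID);
        // NOTE(review): the stored title enters the template unescaped here
        // - confirm the template layer encodes it.
        $header->addvar('{title}', stripslashes($row->TITLE));
        $header->parse_template();
        $header->print_template();

        $cheats = $db->Execute("SELECT id,Modid,title,cheat FROM `Obsedb_cheats` WHERE `Modid` = ? ORDER BY `title`", array($modId));
        while ($cheats && $cheat = $cheats->FetchNextObject()) {
            // CHEAT HTML
            // NOTE(review): the cheat body is echoed as stored, only with
            // slashes removed. If that column can contain markup submitted
            // by users it needs encoding or an allow-list filter.
            echo "<b>" . clean($cheat->TITLE) . "</b><br />\n \t\t\t " . stripslashes($cheat->CHEAT) . "<br /><br />";
            // END CHEAT HTML
        }

        do_footer();
    }
}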
/**
 * Add a comment.
 *
 * @param Request $request
 * @param mixed $category_id Stored as the comment's category_id
 * @param mixed $content_id Stored as the comment's content_id
 * @return $this|\Illuminate\Http\RedirectResponse
 */
public function create(Request $request, $category_id, $content_id)
{
    // Only authenticated users may comment
    $author = $request->user();
    if (!$author) {
        return redirect()->back()->with('error', 'Необходима авторизация!!!');
    }

    // Validate the input; on failure go back with the errors and old input
    $validator = Validator::make($request->all(), $this->rules, $this->messages);
    if ($validator->fails()) {
        return redirect()->back()->withErrors($validator->errors())->withInput();
    }

    // Save the comment
    // NOTE(review): category_id and content_id come straight from the route
    // and are stored as given - confirm they are constrained elsewhere.
    $comment = new Comment();
    $comment->category_id = $category_id;
    $comment->content_id = $content_id;
    $comment->active = config('mycomment.active');
    $comment->users_id = $request->user()->id;
    // An empty HTML.Allowed list strips every tag from the text
    $comment->comment = clean($request->input('comment'), ['HTML.Allowed' => '']);
    $comment->save();

    return redirect()->back();
}
/**
 * Apply clean() to every value of a form array, keeping the keys.
 *
 * @param array $form_vars Submitted values, keyed by field name
 * @return array The same keys with cleaned values
 */
function clean_all($form_vars)
{
    $cleaned = $form_vars;
    foreach ($form_vars as $field => $raw) {
        $cleaned[$field] = clean($raw);
    }

    return $cleaned;
}
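/**
 * Handle the posted password reminder form.
 *
 * Validates the posted email and captcha, looks up the active users with
 * that email and mails a password reset link for each of them. On failure
 * an error notification is shown and, when the blocker setting is enabled,
 * the session's attack counter is incremented.
 *
 * @since 1.2.1
 * @deprecated 2.0.0
 *
 * @package Redaxscript
 * @category Reminder
 * @author Henry Ruhs
 */
function reminder_post()
{
    $emailValidator = new Redaxscript\Validator\Email();
    $captchaValidator = new Redaxscript\Validator\Captcha();

    /* defaults, so a blocked or unvisited request fails validation cleanly
       instead of reading undefined variables */
    $email = '';
    $task = '';
    $solution = '';
    $error = '';

    /* clean post */
    $sessionKey = ROOT . '/reminder';
    if (ATTACK_BLOCKED < 10 && isset($_SESSION[$sessionKey]) && $_SESSION[$sessionKey] == 'visited') {
        $email = isset($_POST['email']) ? clean($_POST['email'], 3) : '';
        $task = isset($_POST['task']) ? $_POST['task'] : '';
        $solution = isset($_POST['solution']) ? $_POST['solution'] : '';
    }

    /* validate post */
    /* NOTE(review): the distinct 'email_unknown' message tells a visitor
       whether an address is registered; a uniform response avoids that. */
    if ($email == '') {
        $error = l('email_empty');
    } elseif ($emailValidator->validate($email) == Redaxscript\Validator\ValidatorInterface::FAILED) {
        $error = l('email_incorrect');
    } elseif ($captchaValidator->validate($task, $solution) == Redaxscript\Validator\ValidatorInterface::FAILED) {
        $error = l('captcha_incorrect');
    } else {
        /* findOne() is checked before its id is read, so a missing user no
           longer dereferences a non-object */
        $knownUser = Redaxscript\Db::forTablePrefix('users')->where('email', $email)->findOne();
        if (!$knownUser || $knownUser->id == '') {
            $error = l('email_unknown');
        } else {
            /* query users */
            $result = Redaxscript\Db::forTablePrefix('users')->where(array('email' => $email, 'status' => 1))->findArray();
            if ($result) {
                foreach ($result as $r) {
                    if (!$r) {
                        continue;
                    }

                    /* read the needed columns explicitly: creating one
                       variable per column let a column name overwrite any
                       local variable of this function */
                    $id = isset($r['id']) ? stripslashes($r['id']) : '';
                    $user = isset($r['user']) ? stripslashes($r['user']) : '';
                    $password = isset($r['password']) ? stripslashes($r['password']) : '';
                    $name = isset($r['name']) ? stripslashes($r['name']) : '';

                    /* send reminder information */
                    /* NOTE(review): the reset token is sha1() of the stored
                       password value, so it never expires and is the same
                       on every request until the password changes. A
                       random, expiring, single-use token is the safer
                       design. */
                    $passwordResetRoute = ROOT . '/' . REWRITE_ROUTE . 'password_reset/' . $id . '/' . sha1($password);
                    $passwordResetLink = anchor_element('external', '', '', $passwordResetRoute, $passwordResetRoute);
                    $toArray = array(s('author') => s('email'));
                    $fromArray = array($name => $email);
                    $subject = l('reminder');
                    $bodyArray = array(
                        '<strong>' . l('user') . l('colon') . '</strong> ' . $user,
                        '<br />',
                        '<strong>' . l('password_reset') . l('colon') . '</strong> ' . $passwordResetLink
                    );

                    /* mailer object */
                    $mailer = new Redaxscript\Mailer();
                    $mailer->init($toArray, $fromArray, $subject, $bodyArray);
                    $mailer->send();
                }
            }
        }
    }

    /* handle error */
    if ($error) {
        if (s('blocker') == 1) {
            $_SESSION[ROOT . '/attack_blocked']++;
        }
        notification(l('error_occurred'), $error, l('back'), 'reminder');
    } else {
        notification(l('operation_completed'), l('reminder_sent'), l('login'), 'login');
    }
    $_SESSION[ROOT . '/reminder'] = '';
}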
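/**
 * Authenticate the visitor from the nsamblr_session cookie.
 *
 * The cookie is base64 of "nsamblr!<user id>!<token>", where the token must
 * equal md5(stored password . site id). On success the user's id, nick and
 * password are copied onto this object and the stored IP is updated.
 *
 * @return bool|int|null false when the cookie is absent, 1 when the user
 *         does not exist, true when authenticated, null otherwise
 */
function read_cookie()
{
    global $config;

    $this->ip = $_SERVER['REMOTE_ADDR'];

    if (!isset($_COOKIE['nsamblr_session'])) {
        return false;
    }
    $cookie = explode('!', base64_decode($_COOKIE['nsamblr_session']));

    if ($cookie[0] == 'nsamblr') {
        // A truncated cookie no longer reads missing parts
        $id = isset($cookie[1]) ? intval($cookie[1]) : 0;
        $password = isset($cookie[2]) ? clean($cookie[2]) : '';

        $query = mysql_query("SELECT id, nick, password, ip, mail, salt FROM users WHERE id = '{$id}' LIMIT 1");
        // mysql_fetch_row() takes no result-type argument and returns a
        // numeric array, so the named columns read below were never
        // populated; mysql_fetch_assoc() returns them by name.
        $result = $query ? mysql_fetch_assoc($query) : false;
        if (empty($result)) {
            return 1; // no such user
        }

        // NOTE(review): the token is an unsalted md5 of the stored password
        // plus a site-wide id, so a captured cookie stays valid until the
        // password changes. A random server-side session id is the safer
        // design.
        $bdpassword = md5($result['password'] . $config['site_id']);

        // Compare as strings, in constant time where the runtime offers it;
        // a loose == treats numeric-looking strings as numbers.
        $matches = false;
        if (is_string($password) && $password !== '') {
            $matches = function_exists('hash_equals')
                ? hash_equals($bdpassword, $password)
                : $bdpassword === $password;
        }

        if ($matches) {
            // Authed
            $this->id = $result['id'];
            $this->nick = $result['nick'];
            $this->password = $result['password'];
            mysql_query('UPDATE users SET ip = \'' . mysql_real_escape_string($this->ip) . '\' WHERE id = ' . (int) $this->id);
            return true;
        }
    }
}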
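/**
 * Confirm an email change for the logged-in user.
 *
 * Reads oldemail, newemail and id from the query string. The change is
 * applied only when oldemail equals the stored address and id equals the
 * pending confirmation key of the user.
 */
function writebody()
{
    global $db, $domain, $suserid, $sitename, $cachelife, $template, $gamesfolder, $thumbsfolder, $limitboxgames, $seo_on, $blogentriesshown, $enabledcode_on, $comments_on, $directorypath, $autoapprovecomments, $gamesonpage, $abovegames, $belowgames, $showwebsitelimit, $supportemail, $showblog, $blogentriesshown, $blogcharactersshown, $blogcommentpermissions, $blogcommentsshown, $blogfollowtags, $blogcharactersrss, $usrdata, $userid;

    if (!isset($suserid)) {
        echo '<div class=\'error\'>Please login first.</div>';
        exit;
    }

    $current_email = isset($_GET['oldemail']) ? clean($_GET['oldemail']) : '';
    $new_email = isset($_GET['newemail']) ? clean($_GET['newemail']) : '';
    $id = isset($_GET['id']) ? clean($_GET['id']) : '';

    // Array-valued parameters are treated like missing ones
    if (!$current_email || !$new_email || !$id
        || !is_scalar($current_email) || !is_scalar($new_email) || !is_scalar($id)
    ) {
        echo 'Something was missing within your url. Please try again!';
        exit;
    }

    $userid = $usrdata['userid'];
    $ir = $db->query(sprintf('SELECT * FROM fas_users WHERE userid=\'%u\'', $userid));
    $r2 = $db->fetch_row($ir);
    $email = (string) $r2['email'];
    $new_email_key = (string) $r2['new_email_key'];

    // The key column is reset to '0' after a change, so '0' or an empty
    // value means that no change is pending.
    $change_is_pending = $new_email_key !== '' && $new_email_key !== '0';

    // Strict string comparison: with a loose == two different
    // numeric-looking strings can compare equal, which let a request pass
    // against the reset key.
    if ($change_is_pending && (string) $current_email === $email && (string) $id === $new_email_key) {
        // NOTE(review): $new_email is interpolated into the statement. This
        // is only safe if clean() (not shown here) escapes for SQL -
        // confirm, or bind the value. The SELECT reads fas_users while this
        // UPDATE writes dd_users; confirm which table is intended. The
        // change is also made by a plain GET request.
        mysql_query("UPDATE dd_users SET `email`='{$new_email}', `new_email_key`='0' WHERE userid='{$usrdata['userid']}'");
        echo '<div class=\'msg\'>Your email has been changed!</div>';
    } else {
        echo 'ERROR!!';
    }
}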
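/**
 * Strip tags and surrounding whitespace from a string, or from every
 * element of an array (recursively).
 *
 * This removes markup; it does not encode output. The result still needs
 * context-specific escaping (HTML attribute, SQL, URL) where it is used.
 *
 * @param string|array $str Value to clean
 * @param bool|string|array $html true keeps all tags, a string such as
 *        "<b>" or an array of such strings lists tags to keep, anything
 *        else strips every tag
 * @return string|array|false false when the input is empty() (this includes "0")
 */
function clean($str = '', $html = false)
{
    // Is the input empty?
    if (empty($str)) {
        return false;
    }

    // Arrays are cleaned element by element
    if (is_array($str)) {
        foreach ($str as $key => $value) {
            $str[$key] = clean($value, $html);
        }
        return $str;
    }

    // get_magic_quotes_gpc() no longer exists in PHP 8; only call it where
    // the runtime still provides it.
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $str = stripslashes($str);
    }

    // Decide which tags survive
    if (is_array($html)) {
        $str = strip_tags($str, implode('', $html));
    } elseif (is_string($html) && preg_match('|<([a-z]+)>|i', $html)) {
        $str = strip_tags($str, $html);
    } elseif ($html !== true) {
        $str = strip_tags($str);
    }

    return trim($str);
}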
/**
 * Render a submit button, underlining the access key in its caption.
 *
 * The caption is the block content, translated through lang() unless the
 * not_lang parameter is set, and passed through clean().
 *
 * @param array $params Button attributes; accesskey and not_lang are read
 * @param string $content
 * @param Smarty $smarty
 * @param boolean $repeat
 * @return string
 */
function smarty_block_submit($params, $content, &$smarty, &$repeat)
{
    $params['type'] = 'submit';

    $accesskey = array_var($params, 'accesskey', 's');
    if ($accesskey) {
        // NOTE(review): the attribute is always set to 's', even when the
        // caller asked for another key, while the caller's key is the one
        // underlined below - confirm which one is intended.
        $params['accesskey'] = 's';
    }

    $caption = clean(isset($params['not_lang']) ? $content : lang($content));

    if ($accesskey) {
        // Find the earliest occurrence of the key in either letter case
        $match = null;
        $match_pos = null;
        foreach (array(strtolower($accesskey), strtoupper($accesskey)) as $candidate) {
            $pos = strpos($caption, $candidate);
            if ($pos === false) {
                continue;
            }
            if ($match_pos === null || $pos < $match_pos) {
                $match = $candidate;
                $match_pos = $pos;
            }
        }

        // NOTE(review): the search runs on the already cleaned caption, so
        // if clean() emits HTML entities the match can fall inside one.
        if ($match !== null) {
            $caption = str_replace_first($match, "<u>{$match}</u>", $caption);
        }
    }

    // And done...
    return open_html_tag('button', $params) . '<span><span>' . $caption . '</span></span></button>';
}