Example #1
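 /**
  * Returns the mysqli connection cached under $key, opening it on first use.
  *
  * Entries missing from self::$connect are filled from the Core::$DB_* settings.
  * When the connection or the charset setup fails, a generic message is printed
  * and the script exits. Driver error text is written to the PHP error log
  * instead of the response, so server details are not disclosed to the client.
  *
  * @param int $key slot in the self::$mysqli connection cache
  * @return \mysqli
  */
 public static function _($key = 0)
 {
     if (isset(self::$mysqli[$key])) {
         return self::$mysqli[$key];
     }
     $defaults = array(
         'server' => Core::$DB_LOCAL,
         'user' => Core::$DB_LOGIN,
         'pass' => Core::$DB_PASS,
         'db' => Core::$DB_NAME,
     );
     foreach ($defaults as $name => $value) {
         if (!isset(self::$connect[$name])) {
             self::$connect[$name] = $value;
         }
     }
     // "@" keeps connection warnings (which can name the host and user) out of the output.
     // Since PHP 8.1 mysqli throws on errors by default, so the exception path
     // must end in the same generic message as the errno path.
     try {
         self::$mysqli[$key] = @new \mysqli(self::$connect['server'], self::$connect['user'], self::$connect['pass'], self::$connect['db']);
         $connected = !mysqli_connect_errno();
     } catch (\mysqli_sql_exception $e) {
         error_log('DB connect failed: ' . $e->getMessage());
         $connected = false;
     }
     if (!$connected) {
         echo 'Не удалось подключиться к Базе Данных';
         exit;
     }
     // NOTE(review): MySQL's "utf8" is the 3-byte subset; utf8mb4 is needed for
     // full Unicode. Left unchanged because it must match the schema's charset.
     try {
         $charsetOk = self::$mysqli[$key]->set_charset("utf8");
     } catch (\mysqli_sql_exception $e) {
         $charsetOk = false;
     }
     if (!$charsetOk) {
         // The driver error goes to the log, not to the client.
         error_log('DB set_charset failed: ' . self::$mysqli[$key]->error);
         echo 'Ошибка при загрузке набора символов utf8';
         exit;
     }
     if (!empty(Core::$DB_TIME_ZONE)) {
         // The value comes from configuration and is still escaped before it is quoted.
         self::$mysqli[$key]->query("set time_zone = '" . es(Core::$DB_TIME_ZONE) . "'");
     }
     return self::$mysqli[$key];
 }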
Example #2
 /**
  * Deletes every pin that belongs to the current member and reports success as JSON.
  *
  * NOTE(review): this is a state-changing action; whether the request is checked
  * for CSRF is not visible in this method — confirm at the framework level.
  */
 public function clear()
 {
     // The member id condition scopes the bulk delete to the current member's pins.
     $ownedByMember = array(es('Pin.member_id = %s', $this->member->id));
     $this->Pin->deleteAll($ownedByMember);
     $this->renderJSONStatus(true);
 }
Example #3
 /**
  * Activates a pending account when the id and hash match a row with access = 0.
  *
  * The id is cast to int and the hash is escaped with es() before both are
  * placed in the statement. The hash comparison itself happens inside SQL.
  *
  * @param mixed $id   user id, cast to int
  * @param mixed $hash activation hash taken from the caller
  * @return bool true when the UPDATE reported affected rows
  */
 function activate($id, $hash)
 {
     $sql = "\n\t\t\tUPDATE `fw_users` SET\n\t\t\t`access` = 1\n\t\t\tWHERE `id` = " . (int) $id . "\n\t\t\t  AND `access` = 0\n\t\t\t  AND `hash` = '" . es($hash) . "'\n\t\t";
     q($sql);
     // A zero row count means no pending account matched this id/hash pair.
     return (bool) \DB::_()->affected_rows;
 }
 /**
  * Looks up the folder named by the 'folder_id' request parameter.
  *
  * The member id condition limits the lookup to the current member, so a
  * folder id belonging to somebody else does not match.
  */
 protected function getFolder()
 {
     $folderId = $this->params('folder_id', 0);
     $conditions = array(
         es('Member.id = %s', $this->member->id),
         es('Dir.id = %s', $folderId),
     );
     return $this->Dir->find($conditions);
 }
Example #5
 /**
  * Recounts the subscriptions of this feed and stores the total in 'subscribers_count'.
  *
  * @param mixed $data record data passed to set() before counting
  * @return mixed the result of saveField()
  */
 public function updateSubscribersCount($data = null)
 {
     $this->set($data);
     $subscriberTotal = $this->Subscription->findCount(es('Subscription.feed_id = %s', $this->id));
     CakeLog::write(LOG_INFO, 'subscribers: ' . $subscriberTotal);
     return $this->saveField('subscribers_count', $subscriberTotal);
 }
Example #6
/**
 * Returns the reading with the highest wind/demand percentage between
 * midnight and 09:00 of the current day.
 *
 * Both bounds are generated by date(), not taken from a request, and are
 * still passed through es() before they are interpolated.
 */
function getMaxPercentageForTheNight()
{
    $now = time();
    $dateSMYSQL = es(date("Y-m-d 00:00", $now)); // midnight
    $dateEMYSQL = es(date("Y-m-d 09:00", $now)); // 9am
    $sql = "SELECT\n                timestamp,\n                FLOOR(100*wind/demand) AS percent\n              FROM\n                wind_vs_demand\n              WHERE\n                timestamp BETWEEN '{$dateSMYSQL}' AND '{$dateEMYSQL}'\n              ORDER BY\n                percent DESC\n              LIMIT 1";
    $result = query($sql);
    return fetchAssoc($result);
}
Example #7
 /**
  * Adds a recipient unless the address is listed in `fw_unsubscribe`.
  *
  * A blocked address raises phpmailerException when $this->exceptions is set;
  * otherwise ErrorInfo is filled and false is returned.
  *
  * NOTE(review): the lookup is a plain string equality on the address as given;
  * whether case or formatting variants of a blocked address also match depends
  * on the column collation and on normalisation done elsewhere — confirm.
  */
 public function addAddress($address, $name = '')
 {
     $lookup = q("\n\t\t\tSELECT 1\n\t\t\tFROM `fw_unsubscribe`\n\t\t\tWHERE `email` = '" . es($address) . "'\n\t\t");
     if (!$lookup->num_rows) {
         // Not on the block list: defer to the parent implementation.
         return parent::addAddress($address, $name);
     }
     if ($this->exceptions) {
         throw new phpmailerException('E-mail blocked');
     }
     $this->ErrorInfo = 'E-mail blocked';
     return false;
 }
Example #8
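 /**
  * Authenticates a user from an id/hash pair and starts the session for it.
  *
  * On failure $this->error is set to one of 'wrong-hash', 'wrong-access-confirm',
  * 'wrong-access', 'wrong-browser' or 'wrong-ip' and false is returned.
  * Optional bindings: $this->browser compares the stored User-Agent,
  * $this->ip == 1 compares the full stored address and $this->ip == 2 compares
  * only the first two octets.
  *
  * Fixed here: the prefix check for $this->ip == 2 read the current address from
  * $row['REMOTE_ADDR'] instead of $_SERVER['REMOTE_ADDR']. $ipnow was therefore
  * never set and the check was silently skipped.
  *
  * @param mixed $id   user id, cast to int
  * @param mixed $hash stored login hash presented by the client
  * @return bool
  */
 function authByHash($id, $hash)
 {
     // NOTE(review): the ipDefender() check below is commented out, so nothing
     // in this method limits repeated id/hash guesses.
     /*
     		if(!$this->ipDefender()) {
     			$this->error = 'ip-defender';
     			return false;
     		}
     */
     $res = q("\n\t\t\tSELECT *\n\t\t\tFROM `fw_users`\n\t\t\tWHERE `id` = " . (int) $id . "\n\t\t\t  AND `hash` = '" . es($hash) . "'\n\t\t\tLIMIT 1\n\t\t");
     if (!$res->num_rows) {
         $this->error = 'wrong-hash';
         return false;
     }
     $row = $res->fetch_assoc();
     if ($row['access'] != 1) {
         // access = 0 means the account exists but has not been confirmed yet.
         $this->error = $row['access'] == 0 ? 'wrong-access-confirm' : 'wrong-access';
         return false;
     }
     if ($this->browser) {
         // A missing header is compared as '', the same value Start() stores for it.
         $agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
         if ($row['browser'] != $agent) {
             $this->error = 'wrong-browser';
             return false;
         }
     }
     if ($this->ip == 1) {
         if ($row['ip'] != $_SERVER['REMOTE_ADDR']) {
             $this->error = 'wrong-ip';
             return false;
         }
     } elseif ($this->ip == 2) {
         // Compare the "a.b." prefix of the stored address with the current one.
         preg_match('#(^\\d+\\.\\d+\\.)#isuU', $row['ip'], $matches);
         if (isset($matches[1])) {
             $ipbase = $matches[1];
         }
         preg_match('#(^\\d+\\.\\d+\\.)#isuU', $_SERVER['REMOTE_ADDR'], $matches);
         if (isset($matches[1])) {
             $ipnow = $matches[1];
         }
         // NOTE(review): when either address does not look like dotted IPv4
         // (for example IPv6), no prefix is extracted and the check passes.
         if (isset($ipbase, $ipnow) && $ipbase != $ipnow) {
             $this->error = 'wrong-ip';
             return false;
         }
     }
     // rememberMe() returns the hash kept in $row from here on.
     // NOTE(review): the session id is not regenerated in this method after a
     // successful login — confirm that happens elsewhere.
     $row['hash'] = $this->rememberMe($row['id']);
     \User::$data = $row;
     $_SESSION['user']['id'] = $row['id'];
     return true;
 }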
Example #9
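/**
 * Collects summary statistics from the 'analysis' documents of INDEX.
 *
 * Fixed here: 'last_updated' was formatted with 'H:m:s', which prints the
 * month where the minutes belong; the format is now 'H:i:s'.
 *
 * NOTE(review): a string $query is passed as-is to a query_string query, so
 * the caller has the whole query_string syntax available. If the value comes
 * from a request, confirm that this is intended.
 *
 * @param string|null $query optional query_string filter; match_all when absent
 * @return array statistics keyed by name, plus a 'json' entry holding them encoded
 */
function stats($query = null)
{
    $es = es();
    $stats = [];
    $q = ['match_all' => new \StdClass()];
    if ($query != null && is_string($query)) {
        $q = ['query_string' => ['analyze_wildcard' => false, 'query' => $query]];
    }

    /* taxa count */
    $params = ['index' => INDEX, 'type' => 'analysis', 'body' => ['query' => $q]];
    $stats['accepted_count'] = $es->count($params)['count'];

    /* last update: newest timestamp in the index, stored in milliseconds */
    $params = [
        'index' => INDEX,
        'type' => 'analysis',
        'body' => [
            'size' => 1,
            '_source' => ['timestamp'],
            'query' => ['match_all' => new \StdClass()],
            'sort' => ['timestamp' => 'desc'],
        ],
    ];
    $latest = $es->search($params)['hits']['hits'][0]['_source']['timestamp'][0] / 1000;
    // date() expects an integer timestamp; 'i' is minutes ('m' would be the month).
    $stats['last_updated'] = date('Y-m-d H:i:s', (int) $latest);

    // main stats
    $countRanges = [
        ["from" => 0, "to" => 1],
        ["from" => 1, "to" => 3],
        ["from" => 3, "to" => 10],
        ["from" => 10, "to" => 100],
        ["from" => 100, "to" => 99999],
    ];
    $aooRanges = [
        ["from" => 0, "to" => 1],
        ["from" => 1, "to" => 10],
        ["from" => 10, "to" => 50],
        ["from" => 50, "to" => 100],
        ["from" => 100, "to" => 500],
        ["from" => 500, "to" => 2000],
        ["from" => 2000, "to" => 5000],
        ["from" => 5000, "to" => 99999],
    ];
    // NOTE(review): the third and fourth buckets overlap (100-5000 and 500-5000);
    // kept as in the original, but the third was possibly meant to end at 500.
    $eooRanges = [
        ["from" => 0, "to" => 1],
        ["from" => 1, "to" => 100],
        ["from" => 100, "to" => 5000],
        ["from" => 500, "to" => 5000],
        ["from" => 5000, "to" => 20000],
        ["from" => 20000, "to" => 50000],
        ["from" => 50000, "to" => 999999],
    ];
    $params = [
        'index' => INDEX,
        'type' => 'analysis',
        'size' => 0,
        'body' => [
            'size' => 0,
            'query' => $q,
            'aggs' => [
                'categories' => ['terms' => ['field' => 'main-risk-assessment.category', 'size' => 9]],
                'occs_count' => ['sum' => ['field' => 'occurrences.count']],
                'points_count' => ['sum' => ['field' => 'points.count']],
                'occs_ranges' => ['range' => ['field' => 'occurrences.count', 'ranges' => $countRanges]],
                'points_ranges' => ['range' => ['field' => 'points.count', 'ranges' => $countRanges]],
                'clusters_ranges' => ['range' => ['field' => 'clusters.all.count', 'ranges' => $countRanges]],
                'aoo_ranges' => ['range' => ['field' => 'aoo.all.area', 'ranges' => $aooRanges]],
                'eoo_ranges' => ['range' => ['field' => 'eoo.all.area', 'ranges' => $eooRanges]],
            ],
        ],
    ];
    $r = $es->search($params);
    foreach ($r['aggregations'] as $k => $agg) {
        if (isset($agg['buckets'])) {
            // Bucketed aggregation: one label/value/query triple per bucket.
            $stats[$k] = [];
            foreach ($agg['buckets'] as $value) {
                $key = str_replace("-", " ~ ", str_replace(".0", "", strtoupper($value['key'])));
                if (strpos($key, "~") !== false) {
                    // Range bucket "A ~ B" becomes the filter "(>=A AND <B)".
                    $partsq = explode(" ~ ", $key);
                    $bucketQuery = '(>=' . $partsq[0] . ' AND <' . $partsq[1] . ')';
                } else {
                    $bucketQuery = $key;
                }
                $stats[$k][] = ['label' => $key, 'value' => $value['doc_count'], 'q' => $bucketQuery];
            }
        } elseif (isset($agg['value'])) {
            // Single-value aggregation (the sums).
            $stats[$k] = $agg['value'];
        }
    }
    $stats['not_points_count'] = $stats['occs_count'] - $stats['points_count'];
    $stats['occurrence_count'] = $stats['occs_count'];
    $stats['json'] = json_encode($stats);
    return $stats;
}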
Example #10
 /**
  * Tells whether the current user may perform $action in $group.
  *
  * Results are cached per group in self::$groups; a '*' entry for the group
  * allows every action. With $full set, all actions of the group are loaded in
  * one query and the group is marked with a 'full' entry so later calls are
  * answered from the cache.
  *
  * @param string $group  permission group name
  * @param string $action action name inside the group
  * @param bool   $full   load every action of the group instead of one
  * @return bool
  */
 static function isAllow($group, $action, $full = false)
 {
     // Unauthenticated callers are denied before any lookup.
     if (!self::isAuth()) {
         return false;
     }
     // A cached wildcard grants everything in the group.
     if (isset(self::$groups[$group]['*'])) {
         return true;
     }
     // Cache hits: a fully loaded group answers any action (missing means denied);
     // otherwise only an already cached action is answered here.
     if ($full && isset(self::$groups[$group]['full'])) {
         if (!isset(self::$groups[$group][$action])) {
             return false;
         }
         return self::$groups[$group][$action];
     } elseif (!$full && isset(self::$groups[$group][$action])) {
         return self::$groups[$group][$action];
     }
     // Roles are loaded on first use.
     if (!count(self::$roles)) {
         self::getRoles();
     }
     // A 'guest' entry in the roles denies without querying.
     if (isset(self::$roles['guest'])) {
         return false;
     }
     if ($full) {
         self::$groups[$group]['full'] = true;
         $s_action = '';
     } else {
         $s_action = "AND `action` IN ('" . es($action) . "','*')";
     }
     // NOTE(review): self::$roles is joined into the IN (...) list without quoting
     // or escaping, unlike $group and $action. This is safe only if getRoles()
     // guarantees integer values — confirm, or cast each entry to int.
     $res = q("\n\t\t\tSELECT `action`\n\t\t\tFROM `fw_users_role2action`\n\t\t\tWHERE `role` IN (" . implode(',', self::$roles) . ")\n\t\t\t  AND `group` = '" . es($group) . "'\n\t\t\t  " . $s_action . "\n\t\t");
     // Every returned action is cached as allowed.
     while ($row = $res->fetch_assoc()) {
         self::$groups[$group][$row['action']] = true;
     }
     // Cache the negative answer too, so the next call does not query again.
     if (!isset(self::$groups[$group][$action])) {
         self::$groups[$group][$action] = false;
     }
     if (isset(self::$groups[$group]['*'])) {
         return true;
     }
     return self::$groups[$group][$action];
 }
Example #11
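 /**
  * Loads the current user, either from the $auth column/value pairs or from the
  * auto-login cookies, and optionally records the client's browser and IP.
  *
  * Fixed here: the User-Agent header was interpolated into the UPDATE without
  * escaping. It is client-controlled, so it is now passed through es() like the
  * IP address next to it.
  *
  * @param array $auth column => value pairs that identify the user row
  */
 static function Start($auth = [])
 {
     $called_class = get_called_class();
     if (count($auth)) {
         $where = [];
         foreach ($auth as $k => $v) {
             // NOTE(review): $k is used as a backtick-quoted column name. es() is
             // applied, but string escaping is not identifier quoting; callers
             // should only pass fixed column names as keys — confirm.
             $where[] = "`" . es($k) . "` = '" . es($v) . "'";
         }
         // The extra columns come from the calling class's static $datas list.
         $res = q("\n\t\t\t\tSELECT `access`" . (count($called_class::$datas) ? ',`' . implode('`,`', $called_class::$datas) . '`' : '') . "\n\t\t\t\tFROM `fw_users`\n\t\t\t\tWHERE " . implode(" AND ", $where) . "\n\t\t\t");
         if (!$res->num_rows) {
             Authorization::logout();
             redirect('/');
         }
         $row = $res->fetch_assoc();
         if ($row['access'] != 1) {
             Authorization::logout();
             $_SESSION['error'] = 'no-access';
             redirect('/');
         }
         foreach ($called_class::$datas as $k => $v) {
             $called_class::${$v} = $row[$v];
             // unset($row[$v]); -- uncomment once the site functionality has been updated
         }
         if (count($row)) {
             self::$data = $row;
         }
     } elseif (isset($_COOKIE['autologinid'], $_COOKIE['autologinhash'])) {
         // Both cookie values are client-supplied; authByHash() validates them.
         $auth = new Authorization();
         if (!$auth->authByHash($_COOKIE['autologinid'], $_COOKIE['autologinhash'])) {
             Authorization::logout();
             redirect('/');
         }
     }
     if (!empty(self::$data['id']) && !empty(self::$autoupdate)) {
         $browser = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
         q("\n\t\t\t\tUPDATE `fw_users` SET\n\t\t\t\t`browser` = '" . es($browser) . "',\n\t\t\t\t`ip` = '" . es($_SERVER['REMOTE_ADDR']) . "'\n\t\t\t\tWHERE `id` = " . (int) self::$data['id'] . "\n\t\t\t");
     }
 }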
Example #12
/**
 * Returns the latest wind/demand reading of the current half-day window,
 * together with the highest percentage tweeted in that window (day_max).
 *
 * Before noon the window is today 00:00 to 12:00; from noon on it is today
 * 12:00 to tomorrow 00:00. Both bounds come from date() and are passed
 * through es() before interpolation.
 */
function getCurrentData()
{
    if (date('H') < 12) {
        $dateSMYSQL = es(date("Y-m-d 00:00", time())); // today 00
        $dateEMYSQL = es(date("Y-m-d 12:00", time())); // today 12
    } else {
        $dateSMYSQL = es(date("Y-m-d 12:00", time())); // today 12
        $dateEMYSQL = es(date("Y-m-d 00:00", time() + 3600 * 24)); // tomorrow 00
    }
    // The inner select picks the highest percentage tweeted in the same window.
    $sql = "SELECT\n                timestamp,\n                FLOOR(100*wind/demand) AS percent,\n                (SELECT percentage FROM tweets WHERE timestamp BETWEEN '{$dateSMYSQL}' AND '{$dateEMYSQL}' ORDER BY percentage DESC LIMIT 1) AS day_max\n              FROM\n                wind_vs_demand\n              WHERE\n                timestamp BETWEEN '{$dateSMYSQL}' AND '{$dateEMYSQL}'\n              ORDER BY\n                timestamp DESC\n              LIMIT 1";
    $result = query($sql);
    return fetchAssoc($result);
}
Example #13
 /**
  * After a folder is deleted, resets folder_id to 0 on the subscriptions
  * that pointed at it.
  */
 public function afterDelete()
 {
     $inThisFolder = array(es('Subscription.folder_id = %s', $this->id));
     $this->Subscription->updateAll(array('folder_id' => 0), $inThisFolder);
 }
Example #14
<?php

// Registration activation: marks the account active when id and hash match.
// NOTE(review): the success message is set without checking whether the UPDATE
// matched a row, so a wrong id/hash pair is reported as activated as well.
if (!isset($_GET['hash'], $_GET['id'])) {
    $info = 'Вы прошли по неверной ссылке';
} else {
    // id is forced to an integer; the hash is escaped before it is quoted.
    q("\n      UPDATE `users`\n      SET `active`= '1'\n      WHERE `id` = " . (int) $_GET['id'] . "\n      AND `hash` = '" . es($_GET['hash']) . "'\n  ");
    $info = 'Вы активны на сайте';
}
Example #15
 /**
  * Looks up the subscription named by the 'subscribe_id' request parameter.
  *
  * The member id condition limits the lookup to the current member's subscriptions.
  */
 protected function getSubscription()
 {
     $subscriptionId = $this->params('subscribe_id', 0);
     $conditions = array(
         es('Member.id = %s', $this->member->id),
         es('Subscription.id = %s', $subscriptionId),
     );
     return $this->Subscription->find($conditions);
 }
Example #16
 /**
  * Loads the requested subscription into $this->sub.
  *
  * The id is read from 'subscribe_id', falling back to 'id'. The lookup is
  * limited to the current member's subscriptions.
  *
  * @return bool true when a subscription was found
  */
 protected function findSub()
 {
     $subscriptionId = $this->params('subscribe_id', 0) ?: $this->params('id', 0);
     $conditions = array(
         es('Member.id = %s', $this->member->id),
         es('Subscription.id = %s', $subscriptionId),
     );
     $this->sub = $this->Subscription->find($conditions);
     return (bool) $this->sub;
 }
Example #17
<?php 
// Run from the project root regardless of the directory the script was started in.
chdir(realpath(__DIR__));
chdir('..');
require_once 'init.inc.php';
$stations = $DB->getAll("SELECT id,name,external_id FROM stations");
foreach ($stations as $station) {
    $prices = fetchStationPrices($station['external_id']);
    // Skip stations whose scrape produced nothing usable (no data, or no "super" price).
    if (empty($prices) || !array_key_exists('super', $prices)) {
        continue;
    }
    // Fuel names and prices come from a scraped third-party page, so they are
    // treated as untrusted and escaped or cast before they reach SQL.
    foreach ($prices as $fuel => $price) {
        $fuel_id = $DB->getOne("SELECT id FROM fuels WHERE name='" . es($fuel) . "' LIMIT 1");
        if (empty($fuel_id)) {
            // NOTE(review): the name is escaped here before dbInsert(); if dbInsert()
            // escapes its values as well, the stored name is double-escaped — confirm.
            $fuel_id = dbInsert('fuels', ['name' => es($fuel)]);
        }
        // Retire the previous latest price of this fuel at this station.
        $DB->query("UPDATE prices SET is_latest=0 WHERE fuel_id='" . ei($fuel_id) . "' AND station_id=" . ei($station['id']));
        $newPrice = [
            'station_id' => ei($station['id']),
            'fuel_id' => ei($fuel_id),
            'price' => ef($price),
            'is_latest' => 1,
        ];
        dbInsert('prices', $newPrice);
        // Round the timestamp down to a 15-minute step for the RRD update.
        $t = (int) (time() / 900) * 900;
        rammsteinUpdateRRD($station['id'], $fuel_id, $price, $t);
    }
}
function fetchStationPrices($station_id)
{
    $url = 'http://www.oeamtc.at/spritapp/ShowGasStation.do?spritaction=show&gsid=' . intval($station_id);
    $html = fetchHtml($url);
    #file_put_contents('dump/'.$station_id.'_'.time().'.html', $html);
    $html = preg_replace("/[\r\n\t ]+/", " ", $html);
    if (!preg_match('#pricesBox.*<tr>.*?Super.*?</tr>.*</div>#', $html, $m)) {
        return false;
Example #18
<?php

// Escape.php presumably defines the es() output-escaping helper used below — confirm.
require_once 'Escape.php';
session_start();
// Prefill value for the form: the user name kept in the session, or an empty string.
$val = isset($_SESSION['user_name']) ? $_SESSION['user_name'] : "";
?>

 <!DOCTYPE html>
 <html>
   <head>
     <meta charset="utf-8">
     <title></title>
   </head>
   <body>
     <form action="session3.php" method="POST">
       ユーザー名:
       <input type="text" name="user" size="30" value="<?php 
// The value lands inside a double-quoted HTML attribute, so the helper has to
// encode quotes as well as angle brackets.
// NOTE(review): the result of es() is not echoed here, so this produces output
// only if es() prints the escaped value itself — confirm in Escape.php.
es($val);
?>
" />
       <input type="submit" value="送信">
     </form>
   </body>
 </html>
Example #19
 /**
  * Removes the cache entry stored under $key from `fw_cache_data`.
  *
  * @param string $key cache key; escaped with es() before it is quoted
  * @return bool always true
  */
 public function delete($key)
 {
     $escapedKey = es($key);
     q("\n\t\t\tDELETE FROM `fw_cache_data`\n\t\t\tWHERE `key` = '" . $escapedKey . "'\n\t\t");
     return true;
 }
Example #20
 /**
  * Mirrors one record into the search index, or removes it from there.
  *
  * The index name is built from $this->db and the environment, the document
  * type is $this->table and the document id is the record's 'id' cast to int.
  *
  * @param string $data   JSON-encoded record; must contain an 'id' key
  * @param bool   $delete false indexes the record, anything else deletes it
  */
 private function es($data, $delete = false)
 {
     $document = json_decode($data, true);
     $documentId = $document['id'];
     $this->purgeEsCache();
     $refresh = $this->inConfig('es_refresh', true);
     $indexName = $this->db . '_' . $this->getEnv();
     if (false !== $delete) {
         try {
             es()->delete(['index' => $indexName, 'type' => $this->table, 'refresh' => $refresh, 'id' => (int) $documentId]);
         } catch (\Elasticsearch\Common\Exceptions\Missing404Exception $e) {
             // The document is already absent from the index; nothing to remove.
         }
         return;
     }
     es()->index(['index' => $indexName, 'type' => $this->table, 'id' => (int) $documentId, 'refresh' => $refresh, 'body' => $document]);
 }
Example #21
<?php

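// Unsubscribe request. It is accepted only when the anti-CSRF token matches the
// one kept in the session and the submitted hash matches myHash() of the e-mail
// plus the key with its first and last two characters removed.
//
// Both comparisons used "==", which is not constant-time and applies PHP's
// loose comparison rules (two different numeric-looking strings can compare
// equal). They now require string inputs and use hash_equals().
if (
    isset($_POST['email'], $_POST['hash'], $_POST['key'], $_POST['antixsrf'], $_SESSION['antixsrf'])
    && is_string($_POST['email'])
    && is_string($_POST['hash'])
    && is_string($_POST['key'])
    && is_string($_POST['antixsrf'])
    && hash_equals((string) $_SESSION['antixsrf'], $_POST['antixsrf'])
    && hash_equals((string) myHash($_POST['email'] . preg_replace('#^.{2}(.+).{2}$#u', "\\1", $_POST['key'])), $_POST['hash'])
) {
    q("\n\t\tINSERT IGNORE INTO `fw_unsubscribe` SET\n\t\t`email` = '" . es($_POST['email']) . "'\n\t");
    // The address is echoed back inside HTML, so it goes through hc() first.
    $_SESSION['info'] = 'Ваш E-mail: <span style="font-weight:bold">' . hc($_POST['email']) . '</span> внесён в список заблокированных для уведомлений';
    redirect('this');
}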
Example #22
 /**
  * Fetches a feed, stores new and changed items and refreshes the feed record.
  *
  * NOTE(review): the feed URL comes from $data['Feed']['feedlink'] and is fetched
  * by the server. If subscribers can supply that URL, confirm that
  * FeedUtils::getFeed() restricts the targets it may request.
  *
  * @param array $data feed record; reads $data['Feed']['feedlink'] and $data['Feed']['id']
  * @return array 'new_items', 'updated_items', 'error' (null or 1) and 'message'
  */
 public function crawl($data)
 {
     $result = array('new_items' => 0, 'updated_items' => 0, 'error' => null);
     $feed = FeedUtils::getFeed($data['Feed']['feedlink']);
     if ($feed->error()) {
         $result['message'] = $feed->error();
         $result['error'] = 1;
         return $result;
     }
     $items = $feed->get_items();
     // Cap the number of items taken from one feed; the overflow is dropped.
     if (count($items) > self::ITEMS_LIMIT) {
         $this->log("too large feed: {$data['Feed']['feedlink']}" . '(' . count($items) . ')', LOG_INFO);
         array_splice($items, self::ITEMS_LIMIT);
     }
     // update items
     // Pass 1: turn each parsed item into an 'Item' record array. Every text field
     // is remote content, stored here exactly as the feed delivered it.
     foreach ($items as $k => $item) {
         $r = array('Item' => array('feed_id' => $data['Feed']['id'], 'link' => $item->get_link(), 'title' => $item->get_title(), 'body' => $item->get_content(), 'author' => $item->get_author(), 'category' => $item->get_category(), 'enclosure' => null, 'enclosure_type' => null, 'digest' => $this->itemDigest($item->get_title(), $item->get_content()), 'stored_on' => date('Y-m-d H:i:s'), 'modified_on' => $item->get_date('Y-m-d H:i:s')));
         $items[$k] = $r;
     }
     // Pass 2: drop items already stored with the same feed, title and link.
     foreach ($items as $k => $item) {
         $conditions = array();
         $conditions[] = es('Feed.id = %s', $data['Feed']['id']);
         $conditions[] = es('Item.title = %s', $item['Item']['title']);
         $conditions[] = es('Item.link = %s', $item['Item']['link']);
         $r = $this->Item->find($conditions);
         if ($r) {
             unset($items[$k]);
         }
     }
     // Pass 3: an item whose link is already stored is updated in place,
     // anything else is created.
     foreach ($items as $k => $item) {
         $conditions = array();
         $conditions[] = es('Feed.id = %s', $data['Feed']['id']);
         $conditions[] = es('Item.link = %s', $item['Item']['link']);
         $old_item = $this->Item->find($conditions);
         if ($old_item) {
             $same_title = $this->almostSame($old_item['Item']['title'], $item['Item']['title']);
             $same_body = $this->almostSame($old_item['Item']['body'], $item['Item']['body']);
             // Counted as updated only when title or body differs by almostSame();
             // the record is saved either way.
             if (!$same_title || !$same_body) {
                 $result['updated_items']++;
             }
             $item['Item'] = array_merge($old_item['Item'], $item['Item']);
             $this->Item->set($item);
             $this->Item->save();
         } else {
             $result['new_items']++;
             $this->Item->create($item);
             $this->Item->save();
         }
     }
     // update subscriptions
     // Any new or changed item flags every subscription of this feed as unread.
     if ($result['new_items'] + $result['updated_items'] > 0) {
         $data['Feed']['modified_on'] = date('Y-m-d H:i:s');
         $conditions = array();
         $conditions[] = es('Subscription.feed_id = %s', $data['Feed']['id']);
         $this->Subscription->updateAll(array('has_unread' => true), $conditions);
     }
     // update feed
     // Title, link and description are taken from the remote feed.
     $new_feed = array('title' => $feed->get_title(), 'link' => $feed->get_link(), 'description' => $feed->get_description(), 'image' => null);
     $data['Feed'] = array_merge($data['Feed'], $new_feed);
     $this->Feed->set($data['Feed']);
     $this->Feed->save();
     $result['message'] = "{$result['new_items']} new items, {$result['updated_items']} updated items";
     return $result;
 }
Example #23
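 /**
  * Tells whether a row matching all of the given column/value pairs exists.
  *
  * Fixed here: column and table names were passed through es() and then wrapped
  * in backticks. String escaping does not neutralise a backtick, so a name
  * containing one could break out of the identifier. Names are now checked
  * against a strict identifier pattern and rejected otherwise; values are still
  * escaped with es().
  *
  * @param array  $var   column => value pairs, all of which must match
  * @param string $table table to search
  * @return bool true when at least one matching row exists
  * @throws \Exception when $var is not a non-empty array or a name is not a plain identifier
  */
 function checkUnique($var, $table = 'users')
 {
     if (!is_array($var) || !count($var)) {
         throw new \Exception('Wrond CheckUnique Data');
     }
     // Letters, digits, "_" and "$" only: the characters MySQL allows in an
     // unquoted identifier.
     $identifier = '/\A[A-Za-z0-9_$]+\z/';
     if (!is_string($table) || !preg_match($identifier, $table)) {
         throw new \Exception('Wrond CheckUnique Data');
     }
     $temp = array();
     foreach ($var as $k => $v) {
         if (!preg_match($identifier, (string) $k)) {
             throw new \Exception('Wrond CheckUnique Data');
         }
         $temp[] = "`" . $k . "` = '" . es($v) . "'";
     }
     $where = implode(' AND ', $temp);
     $res = q("\n\t\t\tSELECT `id`\n\t\t\tFROM `" . $table . "`\n\t\t\tWHERE " . $where . "\n\t\t\tLIMIT 1\n\t\t");
     return (bool) $res->num_rows;
 }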
Example #24
<!DOCTYPE html>
<html>
  <head>
    <meta charset="utf-8">
    <title></title>
  </head>
  <body>
    <?php 
// Escape.php presumably defines the es() HTML-escaping helper used below — confirm.
require_once 'Escape.php';
?>
    こんにちは <?php 
// $_GET['name'] is request-controlled and is written into the HTML body, so it
// must be HTML-encoded before output; es() is expected to return the encoded
// string, which print then emits.
// NOTE(review): the parameter is read without an isset() check, so a request
// without "name" raises an undefined-index notice.
print es($_GET['name']);
?>
 さん!
  </body>
</html>
Example #25
<!DOCTYPE html>
<html>
  <head>
    <meta charset="utf-8">
    <title></title>
  </head>
  <body>
    <?php 
// escape.php presumably defines the es() output-escaping helper used below — confirm.
require_once 'escape.php';
?>
     <?php 
// $_GET['query'] is request-controlled and reflected into the page body.
// NOTE(review): the result of es() is not echoed here, so the value appears
// only if es() prints the HTML-encoded text itself — confirm in escape.php.
// The parameter is also read without an isset() check.
es($_GET['query']);
?>
  </body>
</html>
Example #26
?>
       <?php 
// $_SERVER exposes each request header as an HTTP_* entry. Only the keys that
// start with that prefix are listed, one table row per header.
// Header names and values are sent by the client, so both go through es()
// before they reach the markup.
// NOTE(review): es() is called without echo; this prints only if es() outputs
// the escaped value itself — confirm where es() is defined.
foreach ($_SERVER as $key => $value) {
    if (mb_strpos($key, 'HTTP_') === 0) {
        ?>
          <tr>
            <th>
              <?php 
        es($key);
        ?>
            </th>
            <td>
              <?php 
        es($value);
        ?>
            </td>
          </tr>
          <?php 
    }
}
?>
<!-- HTTP_HOST	localhost
HTTP_CONNECTION	keep-alive
HTTP_ACCEPT	text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
HTTP_UPGRADE_INSECURE_REQUESTS	1
HTTP_USER_AGENT	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.86 Safari/537.36
HTTP_ACCEPT_ENCODING	gzip, deflate, sdch
HTTP_ACCEPT_LANGUAGE	ja,en-US;q=0.8,en;q=0.6
HTTP_COOKIE	__ywapbuk=0.714; _wasc=PHHIHM9o8ZhFhx37.0 -->
Example #27
 /**
  * Resolves $route to a module/page pair, includes the matching files and
  * returns the output they produce.
  *
  * The resolved names are written to $_GET['_module'] and $_GET['_page'];
  * positional route parameters described in the sitemap are written to $_GET
  * under their configured names. Routes that do not fit the sitemap resolve to
  * module 'static', page '404'.
  *
  * @param string     $route   request path without the leading slash
  * @param bool|array $tempGET when truthy, $_GET is replaced for the duration of
  *                            the call (array('ajax' => 1) for true, otherwise the
  *                            given value) and restored before returning
  * @return string the buffered output of the included files
  */
 static function init($route = '', $tempGET = false)
 {
     if ($tempGET) {
         // Keep the real query parameters so they can be restored at the end.
         $GET = $_GET;
         $_GET = $tempGET === true ? array('ajax' => 1) : $tempGET;
     }
     if (empty($route)) {
         // Empty route: the main page of the main module.
         $_GET['_module'] = 'main';
         $_GET['_page'] = 'main';
         if (file_exists(__DIR__ . '/' . Core::$CONT . '/main/sitemap/sitemap.php')) {
             Core::$SITEMAP = (require __DIR__ . '/' . Core::$CONT . '/main/sitemap/sitemap.php');
         }
     } else {
         if (Core::$SHORTLINK) {
             // Strip an allowed language prefix, then look the rest up as a short link.
             // NOTE(review): the alternation is built from Core::$LANGUAGE['allow']
             // without preg_quote(); fine while the list holds plain language codes.
             $matches = array();
             if (preg_match('#^(' . implode('|', Core::$LANGUAGE['allow']) . ')\\/#ius', $route, $matches)) {
                 $shortroute = preg_replace('#^' . preg_quote($matches[0]) . '#ius', '', $route);
             } else {
                 $shortroute = $route;
             }
             // The route is request-controlled; it is escaped before it is quoted.
             $res = q("\n\t\t\t\t\tSELECT `short`,`full`\n\t\t\t\t\tFROM `fw_shortlink`\n\t\t\t\t\tWHERE `short` = '" . es(trim($shortroute, '/')) . "'\n\t\t\t\t\t   OR `full`  = '" . es(trim($shortroute, '/')) . "'\n\t\t\t\t");
             if ($res->num_rows) {
                 // Continue routing with the stored full route.
                 $row = $res->fetch_assoc();
                 Core::$META['shortlink'] = '/' . $row['short'];
                 Core::$META['canonical'] = '/' . $row['full'];
                 $route = (count($matches) ? $matches[0] : '') . $row['full'];
             }
             $res->close();
         }
         // $temp holds the route segments; $i is the index of the next unread one.
         $i = 0;
         $temp = explode('/', $route);
         if (Core::$LANGUAGE['status']) {
             if (in_array($temp[$i], Core::$LANGUAGE['allow'])) {
                 Core::$LANGUAGE['lang'] = $temp[$i++];
             }
         }
         if (isset($temp[$i]) && $temp[$i] == 'admin') {
             // An "admin" segment switches the content root and the main template.
             // NOTE(review): no permission check is visible at this point; it is
             // presumably done in _allmodules.php or later — confirm.
             define('ADMIN', true);
             Core::$CONT = Core::$CONT . '/admin';
             require './' . Core::$CONT . '/_allmodules.php';
             Core::$MAINTPL = 'admin.tpl';
             ++$i;
         }
         if (empty($temp[$i])) {
             $temp[$i] = 'main';
         }
         // NOTE(review): the raw route segment is used in file_exists()/require here,
         // before the [a-z0-9_-] whitelist further down is applied to it. It cannot
         // contain "/" because it comes from explode('/'), but nothing else is
         // filtered yet (e.g. ".." or a backslash) — consider validating first.
         if (file_exists(__DIR__ . '/' . Core::$CONT . '/' . $temp[$i] . '/sitemap/sitemap.php')) {
             Core::$SITEMAP = (require __DIR__ . '/' . Core::$CONT . '/' . $temp[$i] . '/sitemap/sitemap.php');
         } else {
             Core::$SITEMAP = (require __DIR__ . '/config/sitemap' . (defined('ADMIN') ? '_admin' : '') . '.php');
         }
         require __DIR__ . '/config/sitemap_core' . (defined('ADMIN') ? '_admin' : '') . '.php';
         // NOTE(review): $temp[$i] was set to 'main' above when it was empty, so
         // this first branch appears unreachable.
         if (!isset($temp[$i])) {
             $_GET['_module'] = 'main';
             $_GET['_page'] = 'main';
         } elseif (in_array($temp[$i], Core::$SITEMAP['single'])) {
             // Pages listed under 'single' are served by the static module.
             $_GET['_module'] = 'static';
             $_GET['_page'] = $temp[$i++];
         } else {
             $temp[$i] = (string) $temp[$i];
             // The module must be a sitemap key and consist of [a-z0-9_-] only.
             if (!isset(Core::$SITEMAP[$temp[$i]]) || !preg_match('#^[a-z0-9_-]+$#ius', $temp[$i])) {
                 $_GET['_module'] = 'static';
                 $_GET['_page'] = '404';
                 goto page404;
             } else {
                 $_GET['_module'] = $temp[$i++];
             }
             // The page must be a key of the module's sitemap entry; otherwise the
             // module's first entry (or 'main') is used.
             if (!isset($temp[$i])) {
                 $key = key(Core::$SITEMAP[$_GET['_module']]);
                 $_GET['_page'] = !isset(Core::$SITEMAP[$_GET['_module']][$key]) ? 'main' : $key;
             } elseif (isset(Core::$SITEMAP[$_GET['_module']][$temp[$i]])) {
                 $temp[$i] = (string) $temp[$i];
                 $_GET['_page'] = $temp[$i++];
             } else {
                 $key = key(Core::$SITEMAP[$_GET['_module']]);
                 $_GET['_page'] = !isset(Core::$SITEMAP[$_GET['_module']][$key]) ? 'main' : $key;
             }
             // Re-entered through goto whenever the route is downgraded to
             // static/404, so the parameter list of the 404 page is processed.
             page404:
             if (isset(Core::$SITEMAP[$_GET['_module']][$_GET['_page']]) && is_array(Core::$SITEMAP[$_GET['_module']][$_GET['_page']])) {
                 // Each sitemap entry describes one positional route parameter:
                 // 'req' (required), 'default', 'type' and 'rules' (a regex body).
                 foreach (Core::$SITEMAP[$_GET['_module']][$_GET['_page']] as $k => $v) {
                     if (!isset($temp[$i])) {
                         if (!empty($v['req'])) {
                             $_GET['_module'] = 'static';
                             $_GET['_page'] = '404';
                             goto page404;
                         } elseif (isset($v['default'])) {
                             $_GET[$k] = $v['default'];
                         }
                     } else {
                         if (!empty($v['req']) && empty($temp[$i])) {
                             $_GET['_module'] = 'static';
                             $_GET['_page'] = '404';
                             goto page404;
                         }
                         // Cast the segment to the declared type; an unknown type is a 404.
                         if (!isset($v['type'])) {
                             $temp[$i] = (string) $temp[$i];
                         } else {
                             if ($v['type'] == 'string') {
                                 $temp[$i] = (string) $temp[$i];
                             } elseif ($v['type'] == 'int') {
                                 $temp[$i] = (int) $temp[$i];
                             } elseif ($v['type'] == 'array') {
                                 $temp[$i] = (array) $temp[$i];
                             } elseif ($v['type'] == 'boolean') {
                                 $temp[$i] = (bool) $temp[$i];
                             } else {
                                 $_GET['_module'] = 'static';
                                 $_GET['_page'] = '404';
                                 goto page404;
                             }
                         }
                         // 'rules' comes from the sitemap configuration and is anchored
                         // on both ends before it is matched against the segment.
                         if (isset($v['rules']) && !preg_match('#^' . $v['rules'] . '$#ius', $temp[$i])) {
                             $_GET['_module'] = 'static';
                             $_GET['_page'] = '404';
                             goto page404;
                         }
                         $_GET[$k] = $temp[$i];
                     }
                     ++$i;
                 }
             }
         }
         // Unconsumed trailing segments make the whole route a 404.
         if (isset($temp[$i])) {
             $_GET['_module'] = 'static';
             $_GET['_page'] = '404';
         }
         unset($temp, $key);
     }
     // Everything the included files print is captured and returned.
     // The include paths below are built from $_GET['_module'] and $_GET['_page'],
     // which this method has just overwritten with the values it resolved.
     ob_start();
     if (!empty(Core::$SITEMAP[$_GET['_module']]['/OPTIONS']['config'])) {
         require './' . Core::$CONT . '/' . $_GET['_module'] . '/config/config.php';
     }
     if (!empty(Core::$SITEMAP[$_GET['_module']]['/OPTIONS']['controller'])) {
         require './' . Core::$CONT . '/' . $_GET['_module'] . '/controller/controller.php';
     } else {
         if (!empty(Core::$SITEMAP[$_GET['_module']]['/OPTIONS']['allpages'])) {
             require './' . Core::$CONT . '/' . $_GET['_module'] . '/_allpages.php';
         }
         require './' . Core::$CONT . '/' . $_GET['_module'] . '/' . $_GET['_page'] . '.php';
         if (!empty(Core::$SITEMAP[$_GET['_module']]['/OPTIONS']['before'])) {
             require './' . Core::$CONT . '/' . $_GET['_module'] . '/view' . Core::$SKIN . '/_before.tpl';
         }
         require './' . Core::$CONT . '/' . $_GET['_module'] . '/view' . Core::$SKIN . '/' . $_GET['_page'] . '.tpl';
         if (!empty(Core::$SITEMAP[$_GET['_module']]['/OPTIONS']['after'])) {
             require './' . Core::$CONT . '/' . $_GET['_module'] . '/view' . Core::$SKIN . '/_after.tpl';
         }
     }
     if ($tempGET) {
         $_GET = $GET;
     }
     if (Core::$AUTOCANONICAL && empty(Core::$META['canonical'])) {
         Core::$META['canonical'] = createUrl('this');
     }
     return ob_get_clean();
 }
Example #28
 /**
  * Deletes the row with the given id from $this->table.
  *
  * The id is escaped with es() and quoted. The table name comes from the object
  * itself and is inserted between backticks without further checks.
  *
  * @param string $id row id
  * @return bool always true
  */
 public function destroy($id)
 {
     $sql = "\n\t\t\tDELETE FROM `" . $this->table . "`\n\t\t\tWHERE `id` = '" . es($id) . "'\n\t\t";
     q($sql);
     return true;
 }
Example #29
<?php

// Endpoint with two actions: a login attempt, or a profile update for the
// user already held in the session. The outcome is echoed as plain text.
$status = '';
if (isset($_POST['login'], $_POST['pass'])) {
    $auth = new \FW\User\Authorization();
    // NOTE(review): $remember is computed but never used; the call below passes
    // a literal true as its third argument — confirm which one is intended.
    $remember = isset($_POST['checkbox']['remember']);
    if (!$auth->authByLoginPass($_POST['login'], $_POST['pass'], true)) {
        $status = $auth->getErrorMess();
        // Failed attempts are timestamped and counted in the session.
        $_SESSION['wrong-form']['time'] = time();
        $_SESSION['wrong-form']['key'] = (isset($_SESSION['wrong-form']['key']) ? $_SESSION['wrong-form']['key'] : 0) + 1;
    } else {
        $status = 'ok';
    }
} elseif (isset($_SESSION['user']['id'], $_POST['action'], $_POST['age'], $_POST['email'], $_POST['name'], $_POST['color']) && $_POST['action'] == 'change') {
    // The row is selected by the session's user id, never by a posted id.
    // NOTE(review): no anti-CSRF token is checked in this branch — confirm it is
    // enforced before this script runs.
    q("\n\t\tUPDATE `fw_users` SET\n\t\t`email` = '" . es($_POST['email']) . "',\n\t\t`age` = '" . (int) $_POST['age'] . "',\n\t\t`name` = '" . es($_POST['name']) . "',\n\t\t`color` = '" . es($_POST['color']) . "'\n\t\tWHERE `id` = " . (int) $_SESSION['user']['id'] . "\n\t");
    echo 'ok';
} else {
    $status = 'Заполните форму';
}
echo $status;
exit;
Example #30
    // Registration handler (fragment): validates the posted fields, checks that
    // login and e-mail are unused, inserts the user and mails an activation link.
    // The enclosing block starts above the visible lines.
    // Password: must be present and at least 5 characters long.
    if (empty($_POST['password'])) {
        $errors['password'] = '******';
    } elseif (mb_strlen($_POST['password']) < 5) {
        $errors['password'] = '******';
    }
    if (empty($_POST['email']) || !filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
        $errors['email'] = 'Вы не заполнили email';
    }
    if (!count($errors)) {
        // Uniqueness checks; both values are escaped before they are quoted.
        // NOTE(review): check-then-insert can race between two simultaneous
        // registrations unless the columns carry unique indexes — confirm.
        $res = q("\n            SELECT `id`\n            FROM `users`\n            WHERE `login` = '" . es($_POST['login']) . "'\n            LIMIT 1\n        ");
        if (mysqli_num_rows($res)) {
            $errors['login'] = '******';
        }
        $res = q("\n             SELECT `id`\n             FROM `users`\n             WHERE `email` = '" . es($_POST['email']) . "'\n             LIMIT 1\n        ");
        if (mysqli_num_rows($res)) {
            $errors['email'] = 'Такой email уже занят';
        }
    }
    if (!count($errors)) {
        // NOTE(review): the password is stored as myHash($_POST['password']). myHash()
        // is defined elsewhere; confirm it is a salted, slow password hash
        // (password_hash()-style) rather than a plain digest.
        // NOTE(review): the activation hash is derived only from the login and the
        // age, both chosen by the registrant. Unless myHash() mixes in a server-side
        // secret, the token can be computed without receiving the mail — a random
        // token (random_bytes()) would not have that property.
        // myHash() output is interpolated without es(); presumably it returns hex — confirm.
        q("\n      INSERT INTO `users` SET\n      `login`    = '" . es($_POST['login']) . "',\n      `password` = '" . myHash($_POST['password']) . "',\n      `email`    = '" . es($_POST['email']) . "',\n      `age`      = '" . (int) $_POST['age'] . "',\n      `hash`     = '" . myHash($_POST['login'] . $_POST['age']) . "'\n    ");
        // $link is the connection handle defined outside the visible lines.
        $id = mysqli_insert_id($link);
        $_SESSION['regok'] = 'OK';
        // The activation mail carries the new id and the hash as URL parameters.
        Mail::$to = $_POST['email'];
        Mail::$subject = 'Вы зарегистрировались на сайте';
        Mail::$text = 'То пройдите по ссылке для активации вашего аккаунта:' . Core::$DOMAIN . 'index.php?module=cab&page=activate&id=' . $id . '&hash=' . myHash($_POST['login'] . $_POST['age']) . '
    ';
        Mail::send();
        header("Location: index.php?module=cab&page=registration");
        exit;
    }
}