Example #1
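 /**
  * Expands every `image-replace: url(...)` property into the declarations
  * that show the image in place of the element's text.
  *
  * This is the second-to-last processing step, so it should only make the
  * output syntactically correct rather than do any heavy processing.
  *
  * The referenced file is measured and its width and height are written into
  * the generated rule. A missing file or a non-image is logged; when the file
  * cannot be measured the rule gets 0px dimensions.
  *
  * @author Anthony Short
  * @return void
  */
 public static function post_process()
 {
     $found = CSS::find_properties_with_value('image-replace', 'url\\([\'\\"]?([^)]+)[\'\\"]?\\)');
     if (!$found) {
         return;
     }
     foreach ($found[4] as $key => $value) {
         $path = $url = str_replace("\\", "/", unquote($value));
         # If they're getting an absolute file, resolve it against the document root.
         # isset() keeps an empty url() from raising a string-offset error.
         # NOTE(review): ".." segments are not normalised, so the file that gets
         # stat'ed and measured is whatever the stylesheet names - confirm that
         # stylesheets only come from trusted authors.
         if (isset($path[0]) && $path[0] == "/") {
             $path = DOCROOT . ltrim($path, "/");
         }
         # Check if it exists
         if (!file_exists($path)) {
             FB::log("ImageReplace - Image doesn't exist " . $path);
         }
         # Make sure it's an image
         if (!is_image($path)) {
             FB::log("ImageReplace - File is not an image: {$path}");
         }
         // Only measure real files: GetImageSize() on a missing path or a
         // directory raises a warning and the result was then indexed as if
         // it were an array.
         $size = is_file($path) ? GetImageSize($path) : false;
         // Make sure there's a value so it doesn't break the css
         $width = $size ? $size[0] : 0;
         $height = $size ? $size[1] : 0;
         // Build the selector
         $properties = "\n\t\t\t\t\tbackground:url({$url}) no-repeat 0 0;\n\t\t\t\t\theight:{$height}px;\n\t\t\t\t\twidth:{$width}px;\n\t\t\t\t\tdisplay:block;\n\t\t\t\t\ttext-indent:-9999px;\n\t\t\t\t\toverflow:hidden;\n\t\t\t\t";
         CSS::replace($found[2][$key], $properties);
     }
     # Remove any left overs
     CSS::replace($found[1], '');
 }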
Example #2
/**
 * Strip backslash escaping from every value of an array, in place.
 *
 * Nested arrays are processed recursively; every other value is passed
 * through stripslashes() and written back under the same key.
 *
 * @param array $arr array of data to unquote (modified by reference)
 */
function unquote(&$arr)
{
    foreach ($arr as &$entry) {
        if (is_array($entry)) {
            unquote($entry);
            continue;
        }
        $entry = stripslashes($entry);
    }
    // Break the reference so a later write to $entry cannot touch the array
    unset($entry);
}
Example #3
 /**
  * Resolves server-side import statements by inlining the referenced CSS files.
  *
  * The first matching statement is replaced with the file's contents (or with
  * nothing when that file was already loaded), then the method calls itself
  * on the result until no statement is left.
  *
  * NOTE(review): the target path is taken from the stylesheet text and handed
  * to file_get_contents(). A leading "/" is mapped onto DOCROOT and ".."
  * segments are not normalised; the only type check visible here is is_css(),
  * which is defined elsewhere. If stylesheets can be supplied by anyone other
  * than the site's developers, confirm that the resolved path is confined to
  * the CSS directories (for example by comparing realpath() to an allowed base).
  *
  * @author Anthony Short
  * @param $css      The stylesheet source to scan
  * @param $previous Path of the file whose contents are being scanned; used to
  *                  detect a file that imports itself
  * @return The stylesheet with the import statements resolved
  * @throws Scaffold_Exception on self-import, a non-CSS target or a missing file
  */
 public static function server_import($css, $previous = "")
 {
     # The keyword is "import" only when the syntax override is switched on
     $import = CSScaffold::config('core.override_import') === true ? 'import' : 'include';
     $found = preg_match_all('/\\@' . $import . '\\s+(?:\'|\\")([^\'\\"]+)(?:\'|\\")\\;/', $css, $matches);
     if (!$found) {
         return $css;
     }
     # Only the first statement is handled per call; the recursion picks up the rest
     $statement = $matches[0][0];
     $targets = array_unique($matches[1]);
     $include = str_replace("\\", "/", unquote($targets[0]));
     # An absolute path is resolved against the document root
     if ($include[0] == "/") {
         $include = DOCROOT . ltrim($include, "/");
     }
     # Make sure a file isn't importing itself
     if ($include == $previous) {
         throw new Scaffold_Exception("Recursion occurring with CSS @includes in {$include}");
     }
     # No extension supplied: assume a css file
     if (pathinfo($include, PATHINFO_EXTENSION) == "") {
         $include .= '.css';
     }
     # Make sure it's a CSS file
     if (!is_css($include)) {
         throw new Scaffold_Exception("Included file isn't a CSS file ({$include})");
     }
     # A leading ~ means the path is relative to the root of the css directory
     if ($include[0] == "~") {
         $include = ltrim($include, '~/');
         $include = CSScaffold::config('core.path.css') . $include;
     }
     if (!file_exists($include)) {
         throw new Scaffold_Exception("Included CSS file doesn't exist ({$include})");
     }
     if (in_array($include, self::$loaded)) {
         # Already inlined once: just drop the statement
         $css = str_replace($statement, '', $css);
     } else {
         self::$loaded[] = $include;
         $css = str_replace($statement, file_get_contents($include), $css);
     }
     # Compress it which removes any commented out @imports
     # NOTE(review): the return value is not used - presumably compress() works
     # on its argument by reference; confirm, otherwise this call has no effect here.
     CSS::compress($css);
     # Check the file again for more imports
     return self::server_import($css, $include);
 }
Example #4
/**
 * Convert the keywords "true", "false", "empty" and "null" (matched
 * case-insensitively) to the PHP values they name.
 *
 * Any other value is handed to unquote() and that result is returned.
 *
 * @param string $value
 * @return mixed
 */
function normalize($value)
{
    $keywords = array(
        'true' => true,
        'false' => false,
        'empty' => "",
        'null' => null,
    );
    $lookup = strtolower($value);
    // array_key_exists() rather than isset(): "null" maps to a real null
    if (array_key_exists($lookup, $keywords)) {
        return $keywords[$lookup];
    }
    return unquote($value);
}
Example #5
 /**
  * Stores the image and sub-album sort settings posted from the options form.
  *
  * Four options are written: favorites_image_sort_type,
  * favorites_image_sort_direction, favorites_album_sort_type and
  * favorites_album_sort_direction. Neither parameter is used in the body.
  *
  * NOTE(review): a "custom" sort type is stored after sanitize() (and, for
  * images, unquote()) only. If the stored value is later placed into a query's
  * ORDER BY clause, confirm that it is checked against the known column names
  * at that point.
  *
  * @param $theme
  * @param $album
  * @return bool always false
  */
 function handleOptionSave($theme, $album)
 {
     // --- image sorting ---
     $imageSort = strtolower(sanitize($_POST['sortby'], 3));
     if ($imageSort == 'custom') {
         $imageSort = unquote(strtolower(sanitize($_POST['customimagesort'], 3)));
     }
     setOption('favorites_image_sort_type', $imageSort);
     if ($imageSort == 'manual' || $imageSort == 'random') {
         setOption('favorites_image_sort_direction', 0);
     } else {
         // With no sort type at all the direction checkbox is ignored
         $descending = !empty($imageSort) && isset($_POST['image_sortdirection']);
         setOption('favorites_image_sort_direction', $descending ? 'DESC' : '');
     }
     // --- sub-album sorting ---
     $albumSort = strtolower(sanitize($_POST['subalbumsortby'], 3));
     if ($albumSort == 'custom') {
         $albumSort = strtolower(sanitize($_POST['customalbumsort'], 3));
     }
     setOption('favorites_album_sort_type', $albumSort);
     $fixedOrder = $albumSort == 'manual' || $albumSort == 'random';
     $descending = !$fixedOrder && isset($_POST['album_sortdirection']);
     setOption('favorites_album_sort_direction', $descending ? 'DESC' : '');
     return false;
 }
Example #6
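 /**
  * Finds all url()'s that start with ~ and replaces every "~/" in them
  * with the configured CSS url (core.url.css).
  *
  * @return void
  */
 public static function replace_css_urls()
 {
     $found = CSS::find_functions('url');
     if (!$found) {
         return;
     }
     foreach ($found[1] as $url) {
         $url = unquote($url);
         # isset() guards against an empty url(), which would otherwise raise
         # a string-offset error on $url[0]
         if (isset($url[0]) && $url[0] == "~") {
             self::replace($url, str_replace('~/', CSScaffold::config('core.url.css'), $url));
         }
     }
 }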
Example #7
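 /**
  * Parses the parameters passed to a mixin into a name => value array.
  *
  * Each entry of $function_args is either "name" or "name=default". The
  * value at the same position in $params is used when one was supplied,
  * otherwise the default; a parameter with neither raises an exception.
  *
  * @author Anthony Short
  * @param $mixin_name    Name of the mixin, passed to the exception
  * @param $params        Comma separated values given at the call site
  * @param $function_args Parameter declarations of the mixin
  * @return array
  * @throws Scaffold_Exception when a parameter is missing and has no default
  */
 public static function parse_params($mixin_name, $params, $function_args = array())
 {
     $parsed = array();
     # Make sure any commas inside ()'s, such as rgba(255,255,255,0.5) are encoded before exploding
     # so that it doesn't break the rule.
     if (preg_match_all('/\\([^)]*?,[^)]*?\\)/', $params, $matches)) {
         $params = str_replace($matches[0], str_replace(',', '#COMMA#', $matches[0]), $params);
     }
     $mixin_params = explode(',', $params);
     # Loop through each function arg and create the parsed params array
     foreach ($function_args as $key => $value) {
         # Limit of 2 so that a default which itself contains "=" is kept whole
         $v = explode('=', $value, 2);
         $name = trim($v[0]);
         # Compare against '' instead of using empty(): empty() treats the
         # value "0" as missing, so a literal 0 fell back to the default or
         # raised the missing-parameter exception.
         if (isset($mixin_params[$key]) && $mixin_params[$key] !== '') {
             $supplied = unquote(trim($mixin_params[$key]));
             $parsed[$name] = str_replace('#COMMA#', ',', $supplied);
         } elseif (isset($v[1])) {
             # The user didn't include this param, but a default is available
             $parsed[$name] = unquote(trim($v[1]));
         } else {
             throw new Scaffold_Exception("Mixins.missing_param", $mixin_name);
         }
     }
     return $parsed;
 }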
Example #8
File: Auth.php Project: jasny/Q
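 /**
  * Load the AUTH info from the configured store into $this->info.
  *
  * A store given as a string is first expanded with extract_dsn(); its
  * 'driver' entry then selects where the info is read from.
  *
  * NOTE(review): the 'cookie' and 'request' drivers read values that the
  * client controls, and nothing in this method verifies them. Confirm that
  * the caller validates the info (for example against a server-side secret)
  * before treating it as an authenticated identity.
  *
  * @throws Exception if the driver is not one of the options handled below
  */
 protected function initInfo()
 {
     if (is_string($this->store)) {
         $this->store = extract_dsn($this->store);
     }
     switch ($this->store['driver']) {
         case 'none':
             $this->info = null;
             break;
         case 'session':
             // Starting a session that is already active only raises a notice,
             // so start one only when none has been started yet
             if (session_id() === '') {
                 session_start();
             }
             $this->info = isset($_SESSION['AUTH']) ? $_SESSION['AUTH'] : null;
             break;
         case 'cookie':
             // Client-supplied: see the note in the method header
             $this->info = array_chunk_assoc($_COOKIE, 'AUTH', '_');
             break;
         case 'request':
             // Client-supplied: $_REQUEST may be filled from the query string,
             // the POST body or cookies, depending on the PHP configuration
             $this->info = isset($_REQUEST['AUTH']) ? $_REQUEST['AUTH'] : null;
             break;
         case 'env':
             $this->info = split_set(';', unquote(getenv('AUTH')));
             break;
         case 'http':
             // NOTE(review): presumably REMOTE_USER is set by the web server
             // after it authenticated the request - confirm for the deployment
             $this->info = getenv('REMOTE_USER') ? array('username' => getenv('REMOTE_USER')) : null;
             break;
         case 'posix':
             $this->info = array('uid' => posix_getuid());
             break;
         case 'posix_username':
             $this->info = array('username' => posix_getlogin());
             break;
         default:
             throw new Exception("Invalid option '{$this->store['driver']}' specified for retrieving info.");
     }
 }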
Example #9
File: misc.php Project: jasny/Q
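/**
 * Split a string on $seperator as key=value, grouping values between quotes and round brackets.
 *
 * Parts without a key are appended to the result; parts with a key are
 * handed to parse_key() together with the result array. The literal values
 * "true" and "false" become booleans.
 *
 * @param string $seperator  Character list; Split on any character in $seperator. With .. you can specify a range of characters.
 * @param string $string
 * @param string $unquote    Character list; Trim these characters for each part. TRUE: remove ' and "
 * @return array  The parsed values; an empty or non-scalar $string is returned unchanged
 */
function split_set($seperator, $string, $unquote = true)
{
    if (!is_scalar($string) || empty($string)) {
        return $string;
    }
    $matches = null;
    // Pass the delimiter to preg_quote(): without it a "/" in $seperator is
    // left unescaped and terminates the pattern below early.
    $seperator = str_replace('\\.\\.', '-', preg_quote($seperator, '/'));
    if ($unquote === true) {
        $unquote = '\'"';
    }
    $values = array();
    preg_match_all('/(?:([^' . $seperator . '=]+)\\s*\\=)?((?:(`[^`]*`)|("(?:\\\\"|[^"])*")|(\'(?:\\\\\'|[^\'])*\')|\\((?:(?R)|[' . $seperator . '])*\\)|([^`"\'()' . $seperator . ']+))+)/', $string, $matches, PREG_SET_ORDER);
    foreach ($matches as $match) {
        $value = trim($match[2]);
        if ($value == 'false') {
            $value = false;
        } elseif ($value == 'true') {
            $value = true;
        }
        // Booleans are kept as they are; only strings get their quotes removed
        if ($unquote && is_string($value)) {
            $value = unquote($value, $unquote);
        }
        if (empty($match[1])) {
            $values[] = $value;
        } else {
            parse_key(trim($match[1]), $value, $values);
        }
    }
    return $values;
}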
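 /**
  * Retrieve one record of the current query by its position.
  *
  * The query is split into clauses, ROWID is prepended to the SELECT list,
  * the FROM items are passed through unquote() and brackets(), and the LIMIT
  * is rewritten so that a single record at offset $numId is fetched.
  *
  * NOTE(review): the statement is re-assembled from $req by string
  * concatenation, so this method is only as safe as the query it is given -
  * confirm that only users who are allowed to run arbitrary queries reach it.
  *
  * @access public
  * @param string $req current query
  * @param integer $numId Number of record from current query
  * @param boolean $error if true, fields that are also present in $_POST are returned with the POST value
  * @return mixed the row as returned by fetch_array()
  */
 function recupElement($req, $numId, $error = false)
 {
     include_once INCLUDE_LIB . 'ParsingQuery.class.php';
     // The offset is spliced into the LIMIT clause, so force it to an integer
     $offset = (int) $numId;
     $tabQueryElement = ParsingQuery::explodeSelect($req);
     $tabQueryElement['SELECT'] = 'ROWID, ' . $tabQueryElement['SELECT'];
     if (preg_match('#FROM#i', $req)) {
         $tabFrom = explode(',', $tabQueryElement['FROM']);
         foreach ($tabFrom as $key => $value) {
             $tabFrom[$key] = brackets(unquote($value));
         }
         $tabQueryElement['FROM'] = implode(',', $tabFrom);
     }
     if (preg_match('#LIMIT#i', $req)) {
         // Keep the query's own offset and move forward from it
         $tabLimit = explode(',', $tabQueryElement['LIMIT']);
         $tabQueryElement['LIMIT'] = ((int) $tabLimit[0] + $offset) . ',1';
     } else {
         $tabQueryElement['LIMIT'] = $offset . ',1';
     }
     $querySearch = '';
     foreach ($tabQueryElement as $clause => $contentClause) {
         $querySearch .= $clause . ' ' . $contentClause . ' ';
     }
     $this->connId->connId->query($querySearch);
     $tabData = $this->connId->connId->fetch_array(null, $this->connId->connId->getVersion() == 3 ? SQLITE_BOTH : SQLITE_ASSOC);
     if ($this->connId->connId->getVersion() == 3) {
         $tabData["ROWID"] = $tabData[0];
     }
     if ($error) {
         // Show what the user submitted instead of the stored values
         foreach ($tabData as $fieldname => $fieldvalue) {
             if (isset($_POST[$fieldname])) {
                 $tabData[$fieldname] = $_POST[$fieldname];
             }
         }
     }
     return $tabData;
 }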
Example #11
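 /**
  * Extract childqueries for tree data from sql query (only for SELECT queries) and replace them in the main query.
  *
  * Returns array($sql) when there is nothing to extract. Otherwise element 0
  * is the rewritten main query and every further element is
  * array(alias without backticks, child query, DB::FETCH_ORDERED or DB::FETCH_VALUE, true).
  * A child query without a "CASCADE ON parent = child" part is replaced by
  * NULL in the main query and reported with an E_USER_WARNING.
  *
  * @param string $sql
  * @return array
  */
 public static function extractTree($sql)
 {
     // There are certainly no childqueries
     if (!preg_match('/^SELECT\\b/i', $sql) || !preg_match('/\\b(?:VALUES|ROWS)\\s*\\(\\s*SELECT\\b/i', $sql)) {
         return array($sql);
     }
     if (!preg_match('/^(' . self::REGEX_VALUES . ')(?:\\b(?:VALUES|ROWS)\\s*(\\(\\s*SELECT\\b.*))$/si', $sql)) {
         return array($sql);
     }
     // Extract any childqueries
     $parts = self::splitSelectQuery($sql);
     $columns = self::splitColumns($parts['columns']);
     $tree = null;
     $matches = null;
     foreach ($columns as $i => $column) {
         if (preg_match('/^(?:VALUES|(ROWS))\\s*+\\((SELECT\\b\\s*+' . self::REGEX_VALUES . ')(?:\\bCASCADE\\s++ON\\b\\s*+(' . self::REGEX_IDENTIFIER . ')\\s*+\\=\\s*+(' . self::REGEX_IDENTIFIER . '))?\\s*+\\)\\s*+(?:AS\\b\\s*+(' . self::REGEX_IDENTIFIER . '))?$/si', trim($column), $matches)) {
             if (!isset($tree)) {
                 // Slot 0 is reserved for the main query, filled in at the end
                 $tree = array(null);
             }
             if (!empty($matches[3]) && !empty($matches[4])) {
                 // The default alias is a backtick-quoted identifier, so it has
                 // to be a string literal. Bare backticks are PHP's execution
                 // operator and would hand "tree:col<n>" to the shell.
                 $alias = !empty($matches[5]) ? $matches[5] : "`tree:col{$i}`";
                 $columns[$i] = $matches[4] . " AS {$alias}";
                 $child_parts = self::splitSelectQuery($matches[2]);
                 $child_parts['columns'] .= ", " . $matches[3] . " AS `tree:join`";
                 // The child rows are selected by their join field; the values
                 // are bound to the placeholder later
                 $child_parts['where'] = (!empty($child_parts['where']) ? '(' . $child_parts['where'] . ') AND ' : '') . $matches[3] . " IN (?)";
                 $child_parts['order by'] = $matches[3] . (!empty($child_parts['order by']) ? ", " . $child_parts['order by'] : '');
                 $tree[] = array(unquote($alias, '`'), self::join($child_parts), $matches[1] ? DB::FETCH_ORDERED : DB::FETCH_VALUE, true);
             } else {
                 $columns[$i] = 'NULL' . (!empty($matches[5]) ? ' AS ' . $matches[5] : '');
                 trigger_error("Incorrect tree query statement: Child query should end with 'CASCADE ON `parent_field` = `child_field`'. " . $column, E_USER_WARNING);
             }
         }
     }
     if (!isset($tree)) {
         return array($sql);
     }
     $parts['columns'] = join(', ', $columns);
     $tree[0] = self::join($parts);
     return $tree;
 }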
Example #12
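 /**
  * Parses the parameters passed to a mixin into a name => value array.
  *
  * Each entry of $function_args is either "name" or "name=default". The
  * value at the same position in $params is used when one was supplied,
  * otherwise the default; a parameter with neither raises an exception.
  *
  * @author Anthony Short
  * @param $mixin_name    Name of the mixin, passed to the exception
  * @param $params        Comma separated values given at the call site
  * @param $function_args Parameter declarations of the mixin
  * @return array
  * @throws Scaffold_Exception when a parameter is missing and has no default
  */
 public static function parse_params($mixin_name, $params, $function_args = array())
 {
     $parsed = array();
     $mixin_params = explode(',', $params);
     # Loop through each function arg and create the parsed params array
     foreach ($function_args as $key => $value) {
         # Limit of 2 so that a default which itself contains "=" is kept whole
         $v = explode('=', $value, 2);
         $name = trim($v[0]);
         # Compare against '' instead of using empty(): empty() treats the
         # value "0" as missing, so a literal 0 fell back to the default or
         # raised the missing-parameter exception.
         if (isset($mixin_params[$key]) && $mixin_params[$key] !== '') {
             $parsed[$name] = unquote(trim($mixin_params[$key]));
         } elseif (isset($v[1])) {
             # The user didn't include this param, but a default is available
             $parsed[$name] = unquote(trim($v[1]));
         } else {
             throw new Scaffold_Exception("Mixins.missing_param", $mixin_name);
         }
     }
     return $parsed;
 }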
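/**
 * Processes the posted album edit form and saves the album.
 *
 * The form fields are read from $_POST (prefixed with "<index>-" in mass
 * edit), applied to the album, the album is saved, and a requested
 * delete/move/copy/rename action is then carried out.
 *
 * NOTE(review): nothing in this function checks that the request is allowed
 * to edit $album or carries an anti-forgery token - confirm that the caller
 * does both before calling it.
 *
 * @param int $index the index of the entry in mass edit or 0 if single album
 * @param object $album the album object
 * @param string $redirectto set to the album to redirect to after delete/move/rename, NULL otherwise
 * @return string '' on success, otherwise a query-string fragment ('&mismatch=user', '&mismatch=album' or '&mcrerr=<code>')
 * @since 1.1.3
 */
function processAlbumEdit($index, $album, &$redirectto)
{
    $redirectto = NULL;
    // no redirection required
    if ($index == 0) {
        $prefix = '';
    } else {
        $prefix = "{$index}-";
    }
    $tagsprefix = 'tags_' . $prefix;
    $notify = '';
    $album->setTitle(process_language_string_save($prefix . 'albumtitle', 2));
    $album->setDesc(process_language_string_save($prefix . 'albumdesc', 0));
    // Every checked "tags_<prefix><tag>" field contributes one tag
    $tags = array();
    $l = strlen($tagsprefix);
    foreach ($_POST as $key => $value) {
        $key = postIndexDecode($key);
        if (substr($key, 0, $l) == $tagsprefix) {
            if ($value) {
                $tags[] = substr($key, $l);
            }
        }
    }
    $tags = array_unique($tags);
    $album->setTags($tags);
    $album->setDateTime(sanitize($_POST[$prefix . "albumdate"]));
    $album->setLocation(process_language_string_save($prefix . 'albumlocation', 3));
    if (isset($_POST[$prefix . 'thumb'])) {
        $album->setAlbumThumb(sanitize($_POST[$prefix . 'thumb']));
    }
    $album->setShow(isset($_POST[$prefix . 'Published']));
    $album->setCommentsAllowed(isset($_POST[$prefix . 'allowcomments']));
    // Image sort order
    // NOTE(review): a "custom" sort value is stored after sanitize()/unquote()
    // only; if it later ends up in an ORDER BY clause, confirm it is checked
    // against the known column names there.
    $sorttype = strtolower(sanitize($_POST[$prefix . 'sortby'], 3));
    if ($sorttype == 'custom') {
        $sorttype = unquote(strtolower(sanitize($_POST[$prefix . 'customimagesort'], 3)));
    }
    $album->setSortType($sorttype);
    if ($sorttype == 'manual' || $sorttype == 'random') {
        $album->setSortDirection('image', 0);
    } else {
        if (empty($sorttype)) {
            $direction = 0;
        } else {
            $direction = isset($_POST[$prefix . 'image_sortdirection']);
        }
        $album->setSortDirection('image', $direction);
    }
    // Sub-album sort order
    $sorttype = strtolower(sanitize($_POST[$prefix . 'subalbumsortby'], 3));
    if ($sorttype == 'custom') {
        $sorttype = strtolower(sanitize($_POST[$prefix . 'customalbumsort'], 3));
    }
    $album->setSubalbumSortType($sorttype);
    if ($sorttype == 'manual' || $sorttype == 'random') {
        $album->setSortDirection('album', 0);
    } else {
        $album->setSortDirection('album', isset($_POST[$prefix . 'album_sortdirection']));
    }
    if (isset($_POST[$prefix . 'reset_hitcounter'])) {
        $album->set('hitcounter', 0);
    }
    if (isset($_POST[$prefix . 'reset_rating'])) {
        $album->set('total_value', 0);
        $album->set('total_votes', 0);
        $album->set('used_ips', 0);
    }
    // Album user and password
    $fail = '';
    if (sanitize($_POST[$prefix . 'password_enabled'])) {
        $olduser = $album->getUser();
        $newuser = sanitize($_POST[$prefix . 'albumuser']);
        $pwd = trim(sanitize($_POST[$prefix . 'albumpass']));
        if ($olduser != $newuser) {
            // A changed, non-empty user name needs a password with it. (The
            // original also tested an undefined $pwd2, which was always empty.)
            if (!empty($newuser) && empty($pwd)) {
                $fail = '&mismatch=user';
            }
        }
        // Strict comparison: with == two different numeric-looking strings
        // (for example "1" and "1.0") compare equal, so a mistyped
        // confirmation could be accepted.
        if (!$fail && $_POST[$prefix . 'albumpass'] === $_POST[$prefix . 'albumpass_2']) {
            $album->setUser($newuser);
            if (empty($pwd)) {
                if (empty($_POST[$prefix . 'albumpass'])) {
                    $album->setPassword(NULL);
                    // clear the album password
                }
            } else {
                // NOTE(review): presumably setPassword() hashes the value before
                // it is stored - confirm in the album class
                $album->setPassword($pwd);
            }
        } else {
            if (empty($fail)) {
                $notify = '&mismatch=album';
            } else {
                $notify = $fail;
            }
        }
    }
    $oldtheme = $album->getAlbumTheme();
    if (isset($_POST[$prefix . 'album_theme'])) {
        $newtheme = sanitize($_POST[$prefix . 'album_theme']);
        if ($oldtheme != $newtheme) {
            $album->setAlbumTheme($newtheme);
        }
    }
    $album->setPasswordHint(process_language_string_save($prefix . 'albumpass_hint', 3));
    if (isset($_POST[$prefix . 'album_watermark'])) {
        $album->setWatermark(sanitize($_POST[$prefix . 'album_watermark'], 3));
        $album->setWatermarkThumb(sanitize($_POST[$prefix . 'album_watermark_thumb'], 3));
    }
    $codeblock1 = sanitize($_POST[$prefix . 'codeblock1'], 0);
    $codeblock2 = sanitize($_POST[$prefix . 'codeblock2'], 0);
    $codeblock3 = sanitize($_POST[$prefix . 'codeblock3'], 0);
    // NOTE(review): the code blocks are stored in PHP's serialize() format; the
    // reading side should only unserialize() this value if nothing else can
    // write to the stored field.
    $codeblock = serialize(array("1" => $codeblock1, "2" => $codeblock2, "3" => $codeblock3));
    $album->setCodeblock($codeblock);
    if (isset($_POST[$prefix . '-owner'])) {
        $album->setOwner(sanitize($_POST[$prefix . '-owner']));
    }
    $custom = process_language_string_save($prefix . 'album_custom_data', 1);
    $album->setCustomData(zp_apply_filter('save_album_custom_data', $custom, $prefix));
    zp_apply_filter('save_album_utilities_data', $album, $prefix);
    $album->save();
    // Move/Copy/Rename the album after saving.
    $movecopyrename_action = '';
    if (isset($_POST['a-' . $prefix . 'MoveCopyRename'])) {
        $movecopyrename_action = sanitize($_POST['a-' . $prefix . 'MoveCopyRename'], 3);
    }
    if ($movecopyrename_action == 'delete') {
        $dest = dirname($album->name);
        if ($album->remove()) {
            // Redirect to the parent album, or to the top level
            if ($dest == '/' || $dest == '.') {
                $dest = '';
            }
            $redirectto = $dest;
        } else {
            $notify = "&mcrerr=7";
        }
    }
    if ($movecopyrename_action == 'move') {
        $dest = trim(sanitize_path($_POST['a' . $prefix . '-albumselect'], 3));
        // Append the album name.
        $dest = ($dest ? $dest . '/' : '') . (strpos($album->name, '/') === FALSE ? $album->name : basename($album->name));
        if ($dest && $dest != $album->name) {
            if ($album->isDynamic()) {
                // be sure there is a .alb suffix
                if (substr($dest, -4) != '.alb') {
                    $dest .= '.alb';
                }
            }
            if ($e = $album->moveAlbum($dest)) {
                $notify = "&mcrerr=" . $e;
            } else {
                $redirectto = $dest;
            }
        } else {
            // Cannot move album to same album.
            $notify = "&mcrerr=3";
        }
    } else {
        if ($movecopyrename_action == 'copy') {
            $dest = trim(sanitize_path($_POST['a' . $prefix . '-albumselect']));
            if ($dest && $dest != $album->name) {
                if ($e = $album->copy($dest)) {
                    $notify = "&mcrerr=" . $e;
                }
            } else {
                // Cannot copy album to existing album.
                // Or, copy with rename?
                $notify = '&mcrerr=3';
            }
        } else {
            if ($movecopyrename_action == 'rename') {
                $renameto = trim(sanitize_path($_POST['a' . $prefix . '-renameto'], 3));
                // The new name must stay inside the current parent folder, so
                // path separators are removed from it
                $renameto = str_replace(array('/', '\\'), '', $renameto);
                if (dirname($album->name) != '.') {
                    $renameto = dirname($album->name) . '/' . $renameto;
                }
                if ($renameto != $album->name) {
                    if ($album->isDynamic()) {
                        // be sure there is a .alb suffix
                        if (substr($renameto, -4) != '.alb') {
                            $renameto .= '.alb';
                        }
                    }
                    if ($e = $album->rename($renameto)) {
                        $notify = "&mcrerr=" . $e;
                    } else {
                        $redirectto = $renameto;
                    }
                } else {
                    $notify = "&mcrerr=3";
                }
            }
        }
    }
    return $notify;
}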
Example #14
/**
 * Returns $CONTENT passed through unquote() and then escaped with
 * htmlspecialchars() using ENT_QUOTES, so both quote characters are encoded.
 *
 * NOTE(review): this escaping fits HTML text and quoted attribute values
 * only, not script, style or URL contexts. No charset is passed, so
 * htmlspecialchars() falls back to its default encoding - confirm that this
 * matches the encoding of the page.
 */
function killHTML($CONTENT)
{
    $unquoted = unquote($CONTENT);
    return htmlspecialchars($unquoted, ENT_QUOTES);
}
Example #15
 /**
  * Split an argument list into tokens and add each one to the node.
  *
  * A token is a [...] group, a double- or single-quoted string, or a run of
  * characters without quotes or whitespace. A backslash directly before a
  * newline is dropped first. Every token is passed through unquote() before
  * it is added; nothing happens when no token is found.
  *
  * @param HTTPd_DOMElement $node
  * @param string           $arglist  Unparsed arguments.
  */
 protected function parseArguments(HTTPd_DOMElement $node, $arglist)
 {
     $joined = str_replace("\\\n", "\n", $arglist);
     // The quantifiers are possessive (++, *+), so a failed match does not backtrack into them
     $tokens = '/\\[(?:[^"\'\\]]++|"(?:[^"\\\\]++|\\\\.)*+"|\'(?:[^\'\\\\]++|\\\\.)*+\')\\]|[^"\'\\s]++|"(?:[^"\\\\]++|\\\\.)*+"|\'(?:[^\'\\\\]++|\\\\.)*+\'/s';
     if (preg_match_all($tokens, $joined, $matches, PREG_PATTERN_ORDER)) {
         foreach ($matches[0] as $argument) {
             $node->addArgument(unquote($argument));
         }
     }
 }
Example #16
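 /**
  * Replace constants
  *
  * When constants have been collected, every non-empty one is substituted
  * into the CSS - as const(name) if core.use_css_constants is true, as !name
  * otherwise - and the list is cleared. When there are none, any "!name"
  * token left in the CSS other than !important is reported as missing.
  *
  * @author Anthony Short
  * @return void
  * @throws Scaffold_Exception when the CSS still refers to unknown constants
  */
 public static function replace()
 {
     if (!empty(self::$constants)) {
         foreach (self::$constants as $key => $value) {
             if ($value != "") {
                 if (CSScaffold::config('core.use_css_constants') === true) {
                     CSS::replace("const({$key})", unquote($value));
                 } else {
                     CSS::replace("!{$key}", unquote($value));
                 }
             }
         }
         self::$constants = array();
     } elseif (preg_match_all('/![a-zA-Z0-9-_]+/', CSS::$css, $matches)) {
         # Remove !important. array_diff() is used because unset() on the
         # result of array_search() removed index 0 - the first missing
         # constant - whenever !important was not in the list.
         $missing = array_diff(array_unique($matches[0]), array('!important'));
         if (!empty($missing)) {
             # The pattern above only admits "!", letters, digits, "-" and "_",
             # so the names cannot carry markup into this HTML list
             $missing = "<ul><li>" . implode("</li><li>", $missing) . "</li></ul>";
             throw new Scaffold_Exception('Constants.missing_constants', $missing);
         }
     }
 }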
Example #17
/**
 * processes the post from the above
 * @param int $index the index of the entry in mass edit or 0 if single album
 * @param object $album the album object
 * @param string $redirectto used to redirect page refresh on move/copy/rename
 * @return string error flag if passwords don't match
 * @since 1.1.3
 */
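function processAlbumEdit($index, &$album, &$redirectto)
{
    // Copies the posted album-edit fields onto $album, saves it, and then
    // runs the optional delete / move / copy / rename action.
    //
    // $index      0 for a single-album form, otherwise the mass-edit row
    //             number used to build the field-name prefix and suffix.
    // $album      album object, modified and saved in place.
    // $redirectto set to the album's new location when the action moved,
    //             renamed or deleted it; NULL otherwise.
    // Returns     '' or a "&mcrerr=N" query fragment describing a failed
    //             move/copy/rename/delete.
    //
    // NOTE(review): no permission or request-token check is visible in this
    // function; confirm the caller performs both before invoking it.
    $redirectto = NULL;
    // no redirection required
    if ($index == 0) {
        $prefix = $suffix = '';
    } else {
        $prefix = "{$index}-";
        $suffix = "_{$index}";
    }
    $notify = '';
    $album->setTitle(process_language_string_save($prefix . 'albumtitle', 2));
    $album->setDesc(process_language_string_save($prefix . 'albumdesc', EDITOR_SANITIZE_LEVEL));
    if (isset($_POST['tag_list_tags_' . $prefix])) {
        $tags = sanitize($_POST['tag_list_tags_' . $prefix]);
    } else {
        $tags = array();
    }
    $tags = array_unique($tags);
    $album->setTags($tags);
    if (isset($_POST[$prefix . 'thumb'])) {
        $album->setThumb(sanitize($_POST[$prefix . 'thumb']));
    }
    $album->setCommentsAllowed(isset($_POST[$prefix . 'allowcomments']));

    // Image sort order. With 'custom' the sort expression itself is taken
    // from the request.
    // NOTE(review): how the stored sort type is consumed is not visible here;
    // if it reaches an ORDER BY clause it should be checked against the list
    // of known sortable fields - sanitize() level 3 is not shown to do that.
    $sorttype = strtolower(sanitize($_POST[$prefix . 'sortby'], 3));
    if ($sorttype == 'custom') {
        $sorttype = unquote(strtolower(sanitize($_POST[$prefix . 'customimagesort'], 3)));
    }
    $album->setSortType($sorttype);
    if ($sorttype == 'manual' || $sorttype == 'random') {
        $album->setSortDirection(false, 'image');
    } else {
        if (empty($sorttype)) {
            $direction = false;
        } else {
            $direction = isset($_POST[$prefix . 'image_sortdirection']);
        }
        $album->setSortDirection($direction, 'image');
    }

    // Sub-album sort order; same pattern, but the custom value is not passed
    // through unquote() here.
    $sorttype = strtolower(sanitize($_POST[$prefix . 'subalbumsortby'], 3));
    if ($sorttype == 'custom') {
        $sorttype = strtolower(sanitize($_POST[$prefix . 'customalbumsort'], 3));
    }
    $album->setSortType($sorttype, 'album');
    if ($sorttype == 'manual' || $sorttype == 'random') {
        $album->setSortDirection(false, 'album');
    } else {
        $album->setSortDirection(isset($_POST[$prefix . 'album_sortdirection']), 'album');
    }
    if (isset($_POST['reset_hitcounter' . $prefix])) {
        $album->set('hitcounter', 0);
    }
    if (isset($_POST[$prefix . 'reset_rating'])) {
        $album->set('total_value', 0);
        $album->set('total_votes', 0);
        $album->set('used_ips', 0);
    }
    $album->setPublishDate(sanitize($_POST['publishdate-' . $prefix]));
    $album->setExpireDate(sanitize($_POST['expirationdate-' . $prefix]));
    // NOTE(review): the result of processCredentials() is discarded, although
    // the function's docblock describes the return value as a password
    // mismatch flag - confirm whether it should be folded into $notify.
    processCredentials($album, $suffix);
    $oldtheme = $album->getAlbumTheme();
    if (isset($_POST[$prefix . 'album_theme'])) {
        $newtheme = sanitize($_POST[$prefix . 'album_theme']);
        if ($oldtheme != $newtheme) {
            $album->setAlbumTheme($newtheme);
        }
    }
    if (isset($_POST[$prefix . 'album_watermark'])) {
        $album->setWatermark(sanitize($_POST[$prefix . 'album_watermark'], 3));
        $album->setWatermarkThumb(sanitize($_POST[$prefix . 'album_watermark_thumb'], 3));
    }
    $album->setShow(isset($_POST[$prefix . 'Published']));
    zp_apply_filter('save_album_custom_data', NULL, $prefix, $album);
    zp_apply_filter('save_album_utilities_data', $album, $prefix);
    $album->save();

    // Move/Copy/Rename the album after saving.
    $movecopyrename_action = '';
    if (isset($_POST['a-' . $prefix . 'MoveCopyRename'])) {
        $movecopyrename_action = sanitize($_POST['a-' . $prefix . 'MoveCopyRename'], 3);
    }
    if ($movecopyrename_action == 'delete') {
        $dest = dirname($album->name);
        if ($album->remove()) {
            if ($dest == '/' || $dest == '.') {
                $dest = '';
            }
            $redirectto = $dest;
        } else {
            $notify = "&mcrerr=7";
        }
    }
    // Destination paths for move/copy/rename come from the request and are
    // passed through sanitize_path() before use.
    if ($movecopyrename_action == 'move') {
        $dest = sanitize_path($_POST['a' . $prefix . '-albumselect']);
        // Append the album name.
        $dest = ($dest ? $dest . '/' : '') . (strpos($album->name, '/') === FALSE ? $album->name : basename($album->name));
        if ($dest && $dest != $album->name) {
            if ($suffix = $album->isDynamic()) {
                // be sure there is a .alb suffix
                if (substr($dest, -4) != '.' . $suffix) {
                    // Was `'.' . suffix` (a bare constant name, not the
                    // variable), which does not append the dynamic suffix.
                    $dest .= '.' . $suffix;
                }
            }
            if ($e = $album->move($dest)) {
                $notify = "&mcrerr=" . $e;
            } else {
                $redirectto = $dest;
            }
        } else {
            // Cannot move album to same album.
            $notify = "&mcrerr=3";
        }
    } elseif ($movecopyrename_action == 'copy') {
        $dest = sanitize_path($_POST['a' . $prefix . '-albumselect']);
        if ($dest && $dest != $album->name) {
            if ($e = $album->copy($dest)) {
                $notify = "&mcrerr=" . $e;
            }
        } else {
            // Cannot copy album to existing album.
            // Or, copy with rename?
            $notify = '&mcrerr=3';
        }
    } elseif ($movecopyrename_action == 'rename') {
        $renameto = sanitize_path($_POST['a' . $prefix . '-renameto']);
        // A rename stays inside the current parent folder: both kinds of
        // path separator are stripped from the new name.
        $renameto = str_replace(array('/', '\\'), '', $renameto);
        if (dirname($album->name) != '.') {
            $renameto = dirname($album->name) . '/' . $renameto;
        }
        if ($renameto != $album->name) {
            if ($suffix = $album->isDynamic()) {
                // be sure there is a .alb suffix
                if (substr($renameto, -4) != '.' . $suffix) {
                    $renameto .= '.' . $suffix;
                }
            }
            if ($e = $album->rename($renameto)) {
                $notify = "&mcrerr=" . $e;
            } else {
                $redirectto = $renameto;
            }
        } else {
            $notify = "&mcrerr=3";
        }
    }
    return $notify;
}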
Example #18
 /**
  * Verify if the result can be modify or deleted
  * if true, return the table name else return false
  *
  * @access public
  * @param string $query
  */
 function checkAccessResult($query)
 {
     // Decides, from the SQL text alone, whether the result set maps onto a
     // single table; returns that table's name, or false otherwise.
     // The classification is regex-based, not a SQL parser: keywords are
     // matched wherever they occur in the text, including inside string
     // literals or identifiers.
     if (preg_match('#EXPLAIN|JOIN|GROUP[[:space:]]#i', $query)) {
         return false;
     }

     // Capture what follows FROM, stopping at a WHERE/ORDER/LIMIT keyword
     // when the query has one (the capture is greedy).
     $clauseKeywords = 'WHERE|ORDER|LIMIT';
     if (preg_match("#{$clauseKeywords}#i", $query)) {
         $fromPattern = '#FROM(.*)(' . $clauseKeywords . ')#i';
     } else {
         $fromPattern = '#FROM(.*)#i';
     }
     preg_match($fromPattern, $query, $captured);

     $tableList = '';
     if (isset($captured[1])) {
         $tableList = trim($captured[1]);
         // Cut at the last semicolon, unless it is the first character.
         $semicolonAt = strrpos($tableList, ';');
         if ($semicolonAt) {
             $tableList = substr($tableList, 0, $semicolonAt);
         }
     }

     // Published through a global for code outside this method.
     $GLOBALS['TableListImpact'] = $tableList;

     // A comma after the first character means more than one table.
     if (strpos($tableList, ',')) {
         return false;
     }

     $tableName = unquote(trim($tableList));

     // NOTE(review): the lookup uses LIKE, so `_` and `%` inside the extracted
     // name act as wildcards and may match a different sqlite_master row;
     // whether quotes() escapes them is not visible here - confirm.
     $this->connId->getResId('SELECT type FROM sqlite_master WHERE name LIKE ' . quotes($tableName));

     // Errors from the fetch are suppressed; anything other than 'table'
     // (a view, or no row) counts as not editable.
     $objectType = @$this->connId->connId->fetch_single();
     if ($objectType != 'table') {
         return false;
     }
     return $tableName;
 }
Example #19
     }
 }
 // Persist the posted search settings as options. This excerpt starts and
 // ends in the middle of a larger handler, so only the visible statements
 // are described.
 setOption('search_fields', implode(',', $searchfields));
 setOption('search_cache_duration', sanitize_numeric($_POST['search_cache_duration']));
 $notify = processCredentials('search');
 setOption('exact_tag_match', sanitize($_POST['tag_match']));
 setOption('exact_string_match', sanitize($_POST['string_match']));
 setOption('search_space_is', sanitize($_POST['search_space_is']));
 // Checkbox-style flags: stored as 1 when the field is present, else 0.
 setOption('search_no_albums', (int) isset($_POST['search_no_albums']));
 setOption('search_no_images', (int) isset($_POST['search_no_images']));
 setOption('search_no_pages', (int) isset($_POST['search_no_pages']));
 setOption('search_no_news', (int) isset($_POST['search_no_news']));
 // Unlike the flags above, this reads the key without isset() and stores
 // the truthiness of its value.
 setOption('search_within', (int) ($_POST['search_within'] && true));
 // Image sort order. With 'custom' the sort expression itself comes from the
 // request: sanitized at level 3, lower-cased, then unquoted.
 // NOTE(review): how 'search_image_sort_type' is consumed is not visible
 // here; if it reaches an ORDER BY clause it should be validated against the
 // known sortable fields before being stored.
 $sorttype = strtolower(sanitize($_POST['sortby'], 3));
 if ($sorttype == 'custom') {
     $sorttype = unquote(strtolower(sanitize($_POST['customimagesort'], 3)));
 }
 setOption('search_image_sort_type', $sorttype);
 if ($sorttype == 'random') {
     // Random order has no direction.
     setOption('search_image_sort_direction', 0);
 } else {
     if (empty($sorttype)) {
         $direction = 0;
     } else {
         // Stored as a boolean here, while the other branches store 0.
         $direction = isset($_POST['image_sortdirection']);
     }
     setOption('search_image_sort_direction', $direction);
 }
 // Sub-album sort order; the custom value is not passed through unquote().
 $sorttype = strtolower(sanitize($_POST['subalbumsortby'], 3));
 if ($sorttype == 'custom') {
     $sorttype = strtolower(sanitize($_POST['customalbumsort'], 3));
Example #20
File: Log.php Project: jasny/Q
 /**
  * Extract the connection parameters from a DSN string.
  * Returns array(driver, filters, props)
  * 
  * @param string|array $dsn
  * @return array
  */
 public static function extractDSN($dsn)
 {
     // Splits a DSN into array(driver, filters, props). Three input shapes
     // are handled: an already-split array, a string joining several
     // segments with '+', and a plain DSN string.
     $args = array();
     $filters = array();
     $props = array();
     $matches = null;
     // Extract DSN
     if (!is_string($dsn)) {
         // Array form: the first element is the driver, the rest are props.
         $props = $dsn;
         $driver = strtolower(array_shift($props));
     } elseif (strpos($dsn, '+') !== false && preg_match_all('/((?:\\"(?:[^\\"\\\\]++|\\\\.)++\\")|(?:\'(?:[^\'\\\\]++|\\\\.)++\')|[^\\+\\"\']++)++/', $dsn, $matches) >= 2) {
         // Composite form: at least two '+'-separated segments (quoted text
         // may contain '+'). The driver is fixed to 'container' and each
         // segment becomes a prop.
         $a = null;
         $driver = 'container';
         $props = $matches[0];
         $filters = null;
         foreach ($props as $i => $prop) {
             // NOTE(review): $filters is both the preg_match() output and the
             // value merged into below, so each iteration overwrites it with
             // the match groups (on a non-match, with an empty array) -
             // confirm this is intended rather than a separate match variable.
             if (preg_match('/^\\s*(filter\\s*(?:\\[("(?:\\\\"|[^"])*")|(\'(?:\\\\\'|[^\'])*\'|[^\\]]+)\\]\\s*)?)=(.*)$/', $prop, $filters)) {
                 // parse_str() is called with a result array, so the parsed
                 // keys land in $a and not in the local scope.
                 // NOTE(review): the value is built from capture group 2 (the
                 // double-quoted bracket key); the text after '=' is group 4
                 // and is not used here - confirm.
                 parse_str($filters[1] . '=' . unquote(trim($filters[2])), $a);
                 $filters = array_replace_recursive($filters, $a);
                 // A segment recognised as a filter is removed from the props.
                 unset($props[$i]);
             }
         }
     } else {
         // Plain DSN string: delegated to extract_dsn(); the first element of
         // its result is the driver.
         $props = extract_dsn($dsn);
         $driver = strtolower(array_shift($props));
     }
     // Get filters and properties from arguments
     // NOTE(review): $args is never assigned after its initialisation to an
     // empty array, so this branch does not run as the code stands.
     if (isset($args['filter'])) {
         $filters = $args['filter'];
         unset($args['filter']);
         if (!is_array($filters)) {
             $filters = split_set(',', $filters);
         }
     }
     return array($driver, $filters, $props);
 }