function preAction() { global $xoopsUser; xoonips_allow_post_method(); xoonips_deny_guest_access(); $page = $this->_formdata->getValue('post', 'page', 'i', false); xoonips_validate_request($page > 0); $resolve_flag = $this->_formdata->getValue('post', 'resolve_conflict_flag', 'i', false); xoonips_validate_request(1 == $resolve_flag || 0 == $resolve_flag); $itemtype_handler =& xoonips_getormhandler('xoonips', 'item_type'); foreach ($itemtype_handler->getObjects() as $itemtype) { if ('xoonips_index' == $itemtype->get('name')) { continue; } $handler =& xoonips_gethandler($itemtype->get('name'), 'import_item'); $handler->create(); } $sess_hander =& xoonips_getormhandler('xoonips', 'session'); $sess =& $sess_hander->get(session_id()); $session = unserialize($sess->get('sess_data')); $this->_collection = unserialize(gzuncompress(base64_decode($session['xoonips_import_items']))); xoonips_validate_request($this->_collection); $this->_collection->setImportAsNewOption(!is_null($this->_formdata->getValue('post', 'import_as_new', 'i', false))); $items =& $this->_collection->getItems(); foreach (array_keys($items) as $key) { if (in_array($items[$key]->getPseudoId(), $this->getUpdatablePseudoId())) { // set update flag of displayed item $items[$key]->setUpdateFlag(in_array($items[$key]->getPseudoId(), $this->getUpdatePseudoId())); } } $this->_params[] = $this->_collection->getItems(); $this->_params[] = $xoopsUser->getVar('uid'); $this->_params[] = $this->_collection->getImportAsNewOption(); }
function preAction() { global $xoopsUser; xoonips_deny_guest_access(); xoonips_allow_post_method(); xoonips_validate_request($this->is_valid_transferee_user($this->_formdata->getValue('post', 'to_uid', 'i', false))); xoonips_validate_request($this->is_readable_all_items($this->get_item_ids_to_transfer(), $xoopsUser->getVar('uid'))); }
function preAction() { global $xoopsUser; xoonips_deny_guest_access(); xoonips_allow_post_method(); $extra_params = xoonips_extra_param_restore(); xoonips_validate_request($this->is_valid_transferee_user(@$extra_params['to_uid'])); xoonips_validate_request($this->is_readable_all_items($this->_formdata->getValueArray('post', 'selected_original', 'i', false), $xoopsUser->getVar('uid'))); }
function preAction() { global $xoopsUser; xoonips_deny_guest_access(); xoonips_allow_post_method(); $filetype = $this->_formdata->getValue('post', 'filetype', 's', false); xoonips_validate_request('localfile' == $filetype || 'remotefile' == $filetype && $xoopsUser && $xoopsUser->isAdmin()); xoonips_validate_request($this->_is_importable_index_id($this->_get_xoonips_checked_index_ids($this->_formdata->getValue('post', 'xoonipsCheckedXID', 's', false)))); }
function preAction() { global $xoopsUser; xoonips_deny_guest_access(); xoonips_allow_post_method(); $extra_params = xoonips_extra_param_restore(); xoonips_validate_request($this->is_valid_transferee_user(@$extra_params['to_uid'])); if (count($this->get_selected()) > 0 || count($this->get_selected_hidden()) > 0) { xoonips_validate_request($this->is_readable_all_items(array_merge($this->get_selected(), $this->get_selected_hidden()), $xoopsUser->getVar('uid'))); } }
function doAction() { global $xoopsUser; $textutil =& xoonips_getutility('text'); $repository_id = $this->_formdata->getValue('post', 'repository_id', 'i', false); if (!is_null($repository_id)) { xoonips_validate_request($this->isValidRepositoryId($repository_id)); } $this->_view_params['repository_id'] = $repository_id; $this->_view_params['keyword'] = $textutil->html_special_chars($this->_formdata->getValue('post', 'keyword', 's', false)); $this->_view_params['repositories'] = $this->getRepositoryArrays(); $this->_view_params['total_repository_count'] = $this->getTotalRepositoryCount(); $this->_view_params['total_metadata_count'] = $this->getTotalMetadataCount(); }
function preAction() { xoonips_deny_guest_access(); xoonips_allow_post_method(); if (!$GLOBALS['xoopsGTicket']->check(true, 'import', false)) { die('ticket error'); } $itemtype_handler =& xoonips_getormhandler('xoonips', 'item_type'); foreach ($itemtype_handler->getObjects() as $itemtype) { if ('xoonips_index' == $itemtype->get('name')) { continue; } $handler =& xoonips_gethandler($itemtype->get('name'), 'import_item'); $handler->create(); } $sess_handler =& xoonips_getormhandler('xoonips', 'session'); $sess =& $sess_handler->get(session_id()); $session = unserialize($sess->get('sess_data')); $this->_collection = unserialize(gzuncompress(base64_decode($session['xoonips_import_items']))); xoonips_validate_request($this->_collection); $this->_make_clone_of_update_item($this->_collection); $this->_begin_time = time(); $this->_params[] =& $this->_collection->getItems(); }
function preAction() { xoonips_allow_post_method(); $repository_id = $this->_formdata->getValue('post', 'repository_id', 'i', true); xoonips_validate_request($this->isValidRepositoryId($repository_id)); $order_by = $this->_formdata->getValue('post', 'order_by', 's', false); xoonips_validate_request(in_array($order_by, array('title', 'identifier', 'last_update_date', 'creation_date', 'date'))); $order_dir = $this->_formdata->getValue('post', 'order_dir', 's', false); xoonips_validate_request(in_array($order_dir, array('asc', 'desc'))); $metadata_per_page = $this->_formdata->getValue('post', 'metadata_per_page', 'i', false); xoonips_validate_request(in_array($metadata_per_page, array(20, 50, 100))); $page = $this->_formdata->getValue('post', 'page', 'i', false); xoonips_validate_request($page > 0); $search_flag = $this->_formdata->getValue('post', 'search_flag', 'i', false); xoonips_validate_request(in_array($search_flag, array(0, 1))); $search_cache_id = $this->_formdata->getValue('post', 'search_cache_id', 'i', false); if (!is_null($search_cache_id)) { xoonips_validate_request($this->searchCacheExists($search_cache_id)); } $keyword = $this->_formdata->getValue('post', 'keyword', 's', false); if (0 == $repository_id && '' == $keyword) { $this->_searchCacheId = 0; $this->_logicName = null; return; } $this->_orderDir = $order_dir; $this->_orderBy = $order_by; $this->_metadataPerPage = $metadata_per_page; $this->_page = $page; $this->_searchCacheId = is_null($search_cache_id) ? '0' : $search_cache_id; $this->_params[] = session_id(); $this->_params[] = $repository_id; $this->_params[] = $keyword; $this->_params[] = $this->_orderBy; $this->_params[] = $this->_orderDir; }
// -- field length foreach ($check_fields as $key => $info) { list($label, $maxlength, $errmes) = $info; if (!is_null($maxlength) && strlen(${$key}) > $maxlength) { $errors[] = $errmes; } } $stop = ''; if (count($errors) > 0) { $stop = implode('<br />' . "\n", $errors) . '<br />' . "\n"; } return $stop; } $formdata =& xoonips_getutility('formdata'); $op = $formdata->getValue('post', 'op', 'n', false, 'register'); xoonips_validate_request(in_array($op, array('register', 'newuser', 'finish'))); $post_keys = array('uname' => array('type' => 's', 'default' => ''), 'email' => array('type' => 's', 'default' => ''), 'url' => array('type' => 's', 'default' => ''), 'pass' => array('type' => 'n', 'default' => ''), 'vpass' => array('type' => 'n', 'default' => ''), 'timezone_offset' => array('type' => 'f', 'default' => $myxoopsConfig['default_TZ']), 'user_viewemail' => array('type' => 'b', 'default' => 0), 'user_mailok' => array('type' => 'b', 'default' => 0), 'agree_disc' => array('type' => 'b', 'default' => 0), 'realname' => array('type' => 's', 'default' => ''), 'address' => array('type' => 's', 'default' => ''), 'company_name' => array('type' => 's', 'default' => ''), 'division' => array('type' => 's', 'default' => ''), 'tel' => array('type' => 's', 'default' => ''), 'country' => array('type' => 's', 'default' => ''), 'zipcode' => array('type' => 's', 'default' => ''), 'fax' => array('type' => 's', 'default' => ''), 'notice_mail' => array('type' => 'i', 'default' => 0)); foreach ($post_keys as $key => $meta) { $val = $formdata->getValue('post', $key, $meta['type'], false, $meta['default']); ${$key} = $val; } // get and check xoonips configuration $certify_user = $xconfig_handler->getValue('certify_user'); $is_certify_auto = $certify_user == 'auto'; $required = array(); foreach (array('realname', 'address', 'division', 'tel', 'company_name', 'country', 'zipcode', 'fax') as $key) { $optional = $xconfig_handler->getValue('account_' . $key . '_optional'); if ($optional == 'on') { $required[$key] = array('flag' => false, 'mark' => ''); } else { $required[$key] = array('flag' => true, 'mark' => _MD_XOONIPS_ACCOUNT_REQUIRED_MARK);
// // // This program is distributed in the hope that it will be useful, // // but WITHOUT ANY WARRANTY; without even the implied warranty of // // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // // GNU General Public License for more details. // // // // You should have received a copy of the GNU General Public License // // along with this program; if not, write to the Free Software // // Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA // // ------------------------------------------------------------------------- // include 'include/common.inc.php'; include 'include/AL.php'; include_once __DIR__ . '/class/base/actionfactory.class.php'; $formdata =& xoonips_getutility('formdata'); $op = $formdata->getValue('get', 'action', 's', false); if (is_null($op)) { header('Location: ' . XOOPS_URL . '/modules/xoonips/import.php?action=default'); exit; } xoonips_validate_request(is_valid_action($op)); $factory =& XooNIpsActionFactory::getInstance(); $action =& $factory->create('import_' . $op); if (!$action) { header('Location: ' . XOOPS_URL . '/'); } $action->action(); exit; function is_valid_action($action) { return in_array($action, array('default', 'upload', 'import', 'import_index_tree', 'resolve_conflict')); }
function preAction() { xoonips_allow_post_method(); xoonips_validate_request($this->isValidMetadataId($this->_formdata->getValue('post', 'identifier', 's', false))); }
redirect_header(XOOPS_URL . '/', 2, _MD_XOONIPS_ITEM_FORBIDDEN); exit; } } else { redirect_header('user.php', 2, _MD_XOONIPS_ITEM_FORBIDDEN); exit; } include_once 'include/lib.php'; include_once 'include/AL.php'; include_once 'include/imexport.php'; $xnpsid = $_SESSION['XNPSID']; $uid = $_SESSION['xoopsUserId']; // get request variables $formdata =& xoonips_getutility('formdata'); $op = $formdata->getValue('both', 'op', 's', false, ''); xoonips_validate_request(in_array($op, array('', 'su', 'end'))); // change uid. // don't preserve old uid. function xoonips_change_uid($su_uid) { $u = new XoopsUser($su_uid); $groupids = $u->getGroups(); $_SESSION['xoopsUserId'] = $su_uid; $_SESSION["xoopsUserGroups"] = $groupids; } if ($op == '') { if (isset($_SESSION['xoonips_old_uid'])) { redirect_header(XOOPS_URL . '/', 0, ''); // already in su-mode exit; }
/** * * allow only post and get method access * */ function xoonips_allow_both_method() { xoonips_validate_request($_SERVER['REQUEST_METHOD'] == 'GET' || $_SERVER['REQUEST_METHOD'] == 'POST'); }
// source code which is considered copyrighted (c) material of the // // original comment or credit authors. // // // // This program is distributed in the hope that it will be useful, // // but WITHOUT ANY WARRANTY; without even the implied warranty of // // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // // GNU General Public License for more details. // // // // You should have received a copy of the GNU General Public License // // along with this program; if not, write to the Free Software // // Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA // // ------------------------------------------------------------------------- // include 'include/common.inc.php'; include_once __DIR__ . '/class/base/actionfactory.class.php'; $formdata =& xoonips_getutility('formdata'); $op = $formdata->getValue('get', 'action', 'n', false); if (is_null($op)) { header('Location: ' . XOOPS_URL . '/modules/xoonips/oaipmh_search.php?action=default'); } xoonips_validate_request(in_array($op, array('default', 'detail', 'search', 'metadata_detail'))); $factory =& XooNIpsActionFactory::getInstance(); if ($op == 'metadata_detail') { $action =& $factory->create('xoonips_search_metadata_detail'); } else { $action =& $factory->create('oaipmh_search_' . $op); } if (!$action) { header('Location: ' . XOOPS_URL . '/'); } $action->action(); exit;