Example #1
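 /**
  * Escapes a user-supplied value; arrays are processed recursively, keys
  * and values alike.
  *
  * Each scalar is HTML-encoded with htmlspecialchars(ENT_QUOTES, UTF-8) and
  * the result is then passed through addslashes().
  *
  * NOTE(review): this applies two unrelated encodings in one pass.
  * addslashes() is not a safe way to build SQL; queries should use prepared
  * statements with bound parameters. HTML encoding is only correct for HTML
  * text and quoted-attribute output, so values used elsewhere (URLs, inline
  * script, SQL) need their own context-specific handling.
  *
  * NOTE(review): an earlier version of this comment documented a second
  * "security level" parameter. This signature accepts only $var, so a level
  * passed by a caller is ignored and addslashes() is always applied.
  *
  * @author Valentin
  * @param mixed $var string, or (nested) array, to escape
  * @return string|array escaped string, or an array with escaped keys and values
  */
 public static function secure($var)
 {
     if (is_array($var)) {
         // Build the result as an array from the start. The previous code
         // initialised it to '' and then wrote string keys into it, which
         // current PHP versions treat as an invalid string offset.
         $response = array();
         foreach ($var as $key => $value) {
             $response[Functions::secure($key)] = Functions::secure($value);
         }
         return $response;
     }
     // Encode for HTML first, then escape backslashes and NUL bytes; the
     // quotes have already been turned into entities by ENT_QUOTES.
     return addslashes(htmlspecialchars((string) $var, ENT_QUOTES, "UTF-8"));
 }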
Example #2
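 /**
  * Populates this object from the current request.
  *
  * For every POST field, calls the matching set<Field>() method if one
  * exists; an empty field keeps the current property value, otherwise the
  * value goes through Functions::secure(). Every entry in $_FILES is then
  * handed to Functions::upload() and the outcome stored on the property
  * named after the file field.
  *
  * NOTE(review): the request decides which setters run and which properties
  * are written. There is no list of fields this form is allowed to set, so
  * any set*() method on the object is reachable from POST data. An explicit
  * allow-list of field names per model would close that.
  */
 public function setFromForms()
 {
     foreach ($_POST as $key => $val) {
         $setter = 'set' . ucfirst((string) $key);
         // A field name that resolves to this method itself would re-enter
         // it with the same $_POST and never terminate. PHP method names are
         // case-insensitive, hence strcasecmp().
         if (strcasecmp($setter, __FUNCTION__) === 0) {
             continue;
         }
         if (method_exists($this, $setter)) {
             $this->{$setter}(empty($val) ? $this->{$key} : Functions::secure($val));
         }
     }
     foreach ($_FILES as $key => $val) {
         // NOTE(review): $key comes from the multipart field name and is used
         // unchecked as a property name, including properties this statement
         // itself reads ($this->table, $this->pictureFormats). Restrict it to
         // the known upload fields of the model.
         // NOTE(review): `or` yields a boolean, so the property ends up
         // true/false rather than whatever Functions::upload() returns -
         // confirm that is intended.
         $this->{$key} = (Functions::upload($key, ROOT . 'public/img/' . $this->table . '/' . $this->getNextId() . '/', 'picture', $this->pictureFormats) or $this->{$key});
     }
 }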
Example #3
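$languageList = $i18n->languages;
// Stop if constant.php already exists (reported as "already installed").
// NOTE(review): the path is relative, so the check depends on the working
// directory of the request - confirm it always resolves next to this script.
if (file_exists('constant.php')) {
    die(_t('ALREADY_INSTALLED'));
}
// Session cookie: scope it to the directory the script is served from.
// NOTE(review): only lifetime and path are set; the secure and httponly
// flags keep their configured defaults - consider setting them explicitly.
$cookiedir = '';
if (dirname($_SERVER['SCRIPT_NAME']) != '/') {
    $cookiedir = dirname($_SERVER["SCRIPT_NAME"]) . '/';
}
session_set_cookie_params(0, $cookiedir);
session_start();
// Input protection: merge GET and POST (POST wins on duplicate keys).
$_ = array_merge($_GET, $_POST);
$whiteList = array('mysqlHost', 'mysqlLogin', 'mysqlMdp', 'mysqlBase', 'mysqlPrefix');
foreach ($_ as $key => &$val) {
    // Strict comparison: with loose comparison an integer request key could
    // compare equal to a white-list name on older PHP versions and skip
    // Functions::secure().
    // NOTE(review): white-listed values only get single quotes escaped;
    // backslashes are left alone. If these values are later placed inside a
    // quoted PHP or SQL literal (not visible in this part of the script),
    // that escaping is incomplete - confirm how they are consumed.
    $val = in_array($key, $whiteList, true) ? str_replace("'", "\\'", $val) : Functions::secure($val);
}
// Drop the reference so a later write to $val cannot silently overwrite the
// last element of $_.
unset($val);
// Default values, replaced when the form supplied something else.
foreach (array('login', 'mysqlBase', 'mysqlHost', 'mysqlLogin', 'mysqlMdp', 'mysqlPrefix', 'password', 'root') as $var) {
    /* Initialise each variable from the submitted field so that the form
     * can show the values already entered. */
    if (!empty($_[$var])) {
        ${$var} = $_[$var];
    } else {
        ${$var} = '';
    }
}
if (empty($root)) {
    // Must not be empty, so fall back to a URL derived from the request.
    // NOTE(review): HTTP_HOST is supplied by the client and the scheme is
    // hard-coded to http; if $root is stored or used to build links, validate
    // the host against the expected name first.
    $root = str_replace(basename(__FILE__), '', 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']);
}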
Example #4
 /**
  * Returns a field of this object after Functions::reduce() and then
  * Functions::secure() have been applied to it, in that order.
  *
  * Escaping runs last, on the already reduced value, so the escaped output
  * is never processed by reduce().
  *
  * @param string $fieldName name passed to $this->get()
  * @param mixed  $n         second argument of Functions::reduce()
  *                          (presumably a length limit - confirm)
  * @return mixed whatever Functions::secure() returns for the reduced value
  */
 public function secureReduced($fieldName, $n)
 {
     $rawValue = $this->get($fieldName);
     $reduced = Functions::reduce($rawValue, $n);

     return Functions::secure($reduced);
 }
Example #5
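 /**
  * Builds the HTML for a <select> element.
  *
  * Attribute values ($name, $class, $id and each option value) are
  * HTML-encoded before being placed between double quotes; the previous
  * version concatenated them unescaped, so a quote in any of them could end
  * the attribute. Existing entities are not encoded a second time, so
  * callers that already pass encoded values get the same output as before.
  *
  * @param string $name           name attribute; also the $_POST key read
  *                               when $useOldValue is true
  * @param array  $options        option value => option label
  * @param mixed  $selectedOption value used for comparison when
  *                               $useOldValue is false
  * @param bool   $useOldValue    take the value from $_POST[$name], falling
  *                               back to $oldValue
  * @param mixed  $oldValue       fallback when $_POST[$name] is not set
  * @param string $class          optional class attribute
  * @param string $id             optional id attribute
  * @param string $more           raw attribute markup appended verbatim;
  *                               must come from trusted code only
  * @return string the rendered markup
  */
 public static function createSelect($name, $options, $selectedOption = '', $useOldValue = false, $oldValue = '', $class = '', $id = '', $more = '')
 {
     // Encoder for values placed inside double-quoted attributes.
     $attr = function ($value) {
         return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8', false);
     };

     $res = "\n" . '<select name="' . $attr($name) . '"';
     if (!empty($class)) {
         $res .= ' class="' . $attr($class) . '"';
     }
     if (!empty($id)) {
         $res .= ' id="' . $attr($id) . '"';
     }
     if (!empty($more)) {
         // Inserted as-is by design: never pass request data here.
         $res .= ' ' . $more;
     }
     $res .= ">\n";

     // The request value is only compared against the options, never echoed.
     if ($useOldValue) {
         $val = isset($_POST[$name]) ? $_POST[$name] : $oldValue;
     } else {
         $val = $selectedOption;
     }
     $mode = is_array($val) ? 'array' : 'string';
     foreach ($options as $optionValue => $optionText) {
         // NOTE(review): both comparisons are loose, so numeric-looking
         // strings and integer keys can match unexpectedly - confirm before
         // tightening, since array keys arrive as ints and POST values as
         // strings.
         $isSelected = $mode == 'array' ? in_array($optionValue, $val) : $optionValue == $val;
         $res .= '<option value="' . $attr($optionValue) . '"';
         // NOTE(review): "selected" is only emitted when $useOldValue is
         // true, so $selectedOption never marks an option - confirm intended.
         if ($isSelected && $useOldValue) {
             $res .= ' selected=selected';
         }
         $res .= '>' . Functions::secure($optionText) . '</option>' . "\n";
     }
     $res .= '</select>' . "\n";
     return $res;
 }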
Example #6
// Template engine configuration for the active theme.
// NOTE(review): $theme is concatenated into filesystem paths here and in
// i18n_init(); where it comes from is not visible in this part - confirm it
// is limited to known theme directory names.
raintpl::configure('base_url', null);
raintpl::configure('tpl_dir', './templates/' . $theme . '/');
raintpl::configure('cache_dir', './cache/tmp/');
i18n_init($language, dirname(__FILE__) . '/templates/' . $theme . '/');

// Stop here with the update message when $resultUpdate is set.
if ($resultUpdate) {
    die(_t('LEED_UPDATE_MESSAGE'));
}

$view = '';

// Objects made available to every template.
$tpl->assign('myUser', $myUser);
$tpl->assign('feedManager', $feedManager);
$tpl->assign('eventManager', $eventManager);
$tpl->assign('userManager', $userManager);
$tpl->assign('folderManager', $folderManager);
$tpl->assign('configurationManager', $configurationManager);
$tpl->assign('synchronisationCode', $configurationManager->get('synchronisationCode'));

// Collect and escape every POST and GET variable; GET is processed second,
// so it overrides a POST field of the same name.
$_ = array();
foreach (array($_POST, $_GET) as $requestVars) {
    foreach ($requestVars as $key => $val) {
        // Level 2 is passed because addslashes is not wanted here.
        // NOTE(review): that only holds if the Functions::secure() in use
        // accepts and honours a second argument - confirm.
        $_[$key] = Functions::secure($val, 2);
    }
}
$tpl->assign('_', $_);
$tpl->assign('action', '');

// Load the plugins.
Plugin::includeAll();

// Assigned after the plugins are loaded so that their translations are
// included in the JavaScript as well.
$tpl->assign('i18n_js', $i18n_js);