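 /**
  * Show the "create source" form and persist it on a valid POST.
  *
  * Requires an authenticated Zend_Auth identity; anonymous requests are sent
  * to /user/login. On success the browser is redirected to the new page's
  * view action, otherwise the form (with its validation messages) is handed
  * to the view as $this->view->formBlog.
  *
  * @return void
  */
 public function createAction()
 {
     $auth = Zend_Auth::getInstance();
     // Always assign the property: when there is no identity the original
     // left it unset and reading ->id on it raised a notice before the redirect.
     $this->identity = $auth->hasIdentity() ? $auth->getIdentity() : null;
     if (empty($this->identity->id)) {
         $this->_redirect('/user/login');
         // Explicit stop so the form is never built for an anonymous request,
         // regardless of how the redirector helper's exit option is configured.
         return;
     }

     $formBlog = new Form_Source();
     if ($this->getRequest()->isPost() && $formBlog->isValid($_POST)) {
         $blogData = $formBlog->getValues();
         $blogData['uid'] = $this->identity->id;
         $blogData['type'] = 'blog';
         $blogData['createtime'] = time();
         // Neither the tags field nor the submit button value ('提交') is a
         // column of the page record, so drop both before saving.
         // NOTE(review): the original computed a normalised $tags string here
         // but never used it; if tags are meant to be recorded for sources,
         // that handling is missing rather than removed.
         unset($blogData['tags'], $blogData['提交']);

         $modelBlog = new Page();
         $newBlog = $modelBlog->createPage($blogData);
         if ($newBlog) {
             $this->_redirect('source/view/id/' . $newBlog);
             return;
         }
     }

     $this->view->formBlog = $formBlog;
     // $this->_helper->cache(array('index', 'view'), array('gook'));
 }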
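 /**
  * Show the "create now" form and persist it (with its tags) on a valid POST.
  *
  * Requires an authenticated Zend_Auth identity; anonymous requests are sent
  * to /user/login. On success the tags are recorded via Tags / TagsTotal and
  * the browser is redirected to the new page's view action; otherwise the
  * form (with its validation messages) is handed to the view.
  *
  * @return void
  */
 public function createAction()
 {
     $auth = Zend_Auth::getInstance();
     // Always assign the property: when there is no identity the original
     // left it unset and reading ->id on it raised a notice before the redirect.
     $this->identity = $auth->hasIdentity() ? $auth->getIdentity() : null;
     if (empty($this->identity->id)) {
         $this->_redirect('/user/login');
         return;
     }

     $formBlog = new Form_Now();
     if ($this->getRequest()->isPost() && $formBlog->isValid($_POST)) {
         $blogData = $formBlog->getValues();
         $blogData['uid'] = $this->identity->id;
         $blogData['type'] = 'now';
         $blogData['createtime'] = time();

         // Split the tags field into trimmed, non-empty names so a trailing or
         // doubled comma no longer produces an empty tag.
         // NOTE(review): as printed, the search and replacement passed to
         // str_replace are the same ASCII comma, making the call a no-op; the
         // intent is presumably to map the full-width comma to ',' — verify the
         // first argument survived copy/paste.
         $tagString = isset($blogData['tags']) ? str_replace(",", ",", $blogData['tags']) : '';
         $tagList = array_values(array_filter(array_map('trim', explode(',', $tagString)), 'strlen'));
         // Neither the tags field nor the submit button value ('提交') is a
         // column of the page record.
         unset($blogData['tags'], $blogData['提交']);

         $modelBlog = new Page();
         $newBlog = $modelBlog->createPage($blogData);
         if ($newBlog) {
             if ($tagList) {
                 $modelTags = new Tags();
                 $modelTags->createTags($newBlog, implode(',', $tagList));
                 // explode() never returns an empty array, so the original
                 // "else createTag($tags)" branch was unreachable; one call per
                 // tag is the only path.
                 $modelTagsTotal = new TagsTotal();
                 foreach ($tagList as $tagName) {
                     $modelTagsTotal->createTag($tagName);
                 }
             }
             $this->_redirect('blog/view/id/' . $newBlog);
             return;
         }
     }

     $this->view->formBlog = $formBlog;
     // $this->_helper->cache(array('index', 'view'), array('gook'));
 }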
source: http://www.securityfocus.com/bid/38126/info

Huski CMS is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied data.

Exploiting this issue may allow an attacker to compromise the application and the computer; other attacks are also possible. 

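<?php
header('Content-Type: text/html; charset=utf-8');
// Data Includes
include_once "PHPLib/db_mysql.inc";
include_once "Data/dbConnection.class.php";
include_once "Data/dbConfig.class.php";
include_once "Data/dataAdapter.class.php";
include_once "Quicksite/Core/domxml.class.php";
// Quicksite Core Includes
include_once "Quicksite/Core/all.inc.php";
// Configuration
include_once "Quicksite/db.config.php";
include_once "inc/vars.config.php";
// Initialise the Site
$site = new Site($_VARS['site']);
// The debug print_r() of $_SESSION['login'] that used to follow has been
// removed: it echoed the stored login record to every visitor.
//
// Page identifier from the query string. The original handed it to Page
// unvalidated, which is the local-file-include vector described above;
// refuse anything that can leave a directory (NUL byte, "..", or a path
// separator) before Page sees it, and refuse non-string values (?id[]=...).
// NOTE(review): if legitimate ids can contain "/", replace this with an
// allow-list of known page ids rather than a looser pattern.
$pageId = isset($_GET['id']) ? $_GET['id'] : null;
if ($pageId !== null && (!is_string($pageId) || preg_match('~[/\\\\\x00]|\.\.~', $pageId) === 1)) {
    header('HTTP/1.1 400 Bad Request');
    exit;
}
// Initialise the Page ($_GET['id'] inside the merged parameters is the same
// value that was just checked)
$page = new Page($site, $pageId, array_merge($_POST, $_GET));
// Load plugin sources
$page->loadPluginSources();
// Create the Page
$page->createPage();
echo $page->Result;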
}
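// Which page is being edited: "new" creates a page, anything else must name an
// existing one. Non-string values (?n[]=...) are treated as an empty name.
$pageName = isset($_GET['n']) && is_string($_GET['n']) ? $_GET['n'] : '';
$creating = ($pageName === 'new');
if ($creating) {
    $t = false;
} else {
    $t = true;
    // Validate the name before it reaches the data layer. The exit is explicit
    // so the page below is never rendered with rejected input, whether or not
    // redirect() terminates the script on its own.
    if (!$user->str_check($pageName)) {
        redirect("Location: error.php");
        exit;
    }
    $post = $page->getPage($pageName);
    if (!$post) {
        redirect("Location: error.php");
        exit;
    }
}
if (isset($_POST['submit'])) {
    if ($creating) {
        $id = $page->createPage($_POST['name'], $_POST['title'], $user->getUser(), $_POST['post']);
    } else {
        $id = $page->updatePage($_POST['name'], $_POST['title'], $user->getUser(), $_POST['post']);
    }
    // Loose comparison kept on purpose: the failure value returned by
    // createPage()/updatePage() is not visible here (false, 0 or null all count).
    if ($id == false) {
        header("Location: error.php");
    } else {
        header("Location: pedit.php?n=" . $id);
    }
    // A Location header alone does not stop the script; without this the
    // editor markup below was still executed and sent after the redirect.
    exit;
}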
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
        <title>页面管理 > <?php 
     try {
         $article = Article::createArticle($_POST['title'], getUser());
         $article->setContent($_POST['content']);
     } catch (Exception $e) {
         header("Location: " . orongoURL("orongo-admin/create.php?msg=0&obj=article"));
     }
     header("Location: " . orongoURL("orongo-admin/create.php?msg=1&obj=article"));
     exit;
     break;
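 case "page":
     // Both fields must be present; otherwise send the user back to the empty form.
     if (!isset($_POST['title']) || !isset($_POST['content'])) {
         header("Location: " . orongoURL("orongo-admin/create.php?page"));
         exit;
     }
     try {
         $page = Page::createPage($_POST['title']);
         $page->setContent($_POST['content']);
     } catch (Exception $e) {
         // Stop here: without exit the success redirect below replaced this
         // Location header, so a failed creation was still reported as msg=1.
         header("Location: " . orongoURL("orongo-admin/create.php?msg=0&obj=page"));
         exit;
     }
     header("Location: " . orongoURL("orongo-admin/create.php?msg=1&obj=page"));
     exit;
     break;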
 case "user":
     if (getUser()->getRank() < RANK_ADMIN) {
         header("Location: " . orongoURL("orongo-admin/index.php?msg=0"));
         exit;
     }
     if (!isset($_POST['name']) || !isset($_POST['password']) || !isset($_POST['email']) || !isset($_POST['rank'])) {
         header("Location: " . orongoURL("orongo-admin/create.php?user"));
         exit;