$fields = array(); $fields['anchor'] = $anchor->get_reference(); $fields['description'] = $_REQUEST['message']; // this is a continuated contribution from this authenticated surfer } elseif ($item['type'] != 'notification' && Surfer::get_id() && (isset($item['create_id']) && Surfer::get_id() == $item['create_id']) && $continuity_limit < $item['edit_date']) { $item['description'] .= BR . $_REQUEST['message']; $fields = $item; // else process the contribution as a new comment } else { $fields = array(); $fields['anchor'] = $anchor->get_reference(); $fields['description'] = $_REQUEST['message']; } // actual database update if (!($fields['id'] = Comments::post($fields))) { Safe::header('Status: 500 Internal Error', TRUE, 500); die(i18n::s('Your contribution has not been posted.')); } // touch the related anchor, but don't notify watchers $anchor->touch('comment:thread', $fields['id']); // clear cache Comments::clear($fields); // thread update will trigger screen repaint through separate pending call of this script die('OK'); // get some updates } else { // we are running global $pending; $pending = TRUE; // invoked on shutdown function on_shutdown()
return; } // actual transmission except on a HEAD request if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] != 'HEAD') { fpassthru($handle); } fclose($handle); } // the post-processing hook, then exit even on HEAD finalize_page(); return; } // redirect to the actual file $target_href = $context['url_to_home'] . $context['url_to_root'] . Files::get_path($item['anchor']) . '/' . rawurlencode($item['file_name']); } // let the web server provide the actual file if (!headers_sent()) { Safe::header('Status: 302 Found', TRUE, 302); Safe::header('Location: ' . $target_href); // this one may be blocked by anti-popup software } else { $context['site_head'] .= '<meta http-equiv="Refresh" content="1;url=' . $target_href . '" />' . "\n"; } // help the surfer $context['text'] .= '<p>' . i18n::s('You are requesting the following file:') . '</p>' . "\n"; $context['text'] .= '<p><a href="' . encode_field($target_href) . '">' . basename($target_href) . '</a></p>' . "\n"; // automatic or not $context['text'] .= '<p>' . i18n::s('The download should start automatically within seconds. Else hit the provided link to trigger it manually.') . '</p>' . "\n"; } // render the skin render_skin();
$label = $label[1]; } // strip codes include_once '../../codes/codes.php'; $label = Codes::strip($label); // remove every html tag $label = strip_tags(Safe::html_entity_decode($label)); // remember this $titles[$count] = $label; $links[$count] = $url; $count++; } // cache handling --except on scripts/validate.php if (!headers_sent() && (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'GET')) { // this is a schockwave object Safe::header('Content-Type: application/x-shockwave-flash'); // enable 30-minute caching (30*60 = 1800), even through https, to help IE6 on download http::expire(1800); // the original content $page = ''; for ($index = 0; $index < $count; $index++) { $page .= $titles[$index] . ':' . $links[$index] . ':'; } // strong validator $etag = '"' . md5($page) . '"'; // manage web cache if (http::validate(NULL, $etag)) { return; } } include_once 'infuncs.php';
if (($owner_id = $parent->get_value('owner_id')) && ($user = Users::get($owner_id)) && $user['email']) { $owners[] = $user['id']; } $reference = $parent->get_value('anchor'); } // suggest to query one of available owners if ($owners) { $context['text'] .= '<div>' . i18n::ns('Following person is entitled to invite you to participate:', 'Following persons are entitled to invite you to participate:', count($owners)) . '</div>'; // the form $context['text'] .= '<form method="post" action="' . $context['script_url'] . '" id="main_form"><div>' . Users::list_for_ids($owners, 'request') . Skin::finalize_list(array(Skin::build_submit_button(i18n::s('Submit a request to get access'))), 'menu_bar') . '<input type="hidden" name="id" value="' . $item['id'] . '">' . '</div></form>'; } } // re-enforce the canonical link } elseif (!$zoom_type && $page == 1 && $context['self_url'] && $whole_rendering && strncmp($context['self_url'], $context['page_link'], strlen($context['page_link']))) { Safe::header('Status: 301 Moved Permanently', TRUE, 301); Safe::header('Location: ' . $context['page_link']); Logger::error(Skin::build_link($context['page_link'])); // display the article } else { // behaviors can change page menu if (is_object($behaviors)) { $context['page_menu'] = $behaviors->add_commands('articles/view.php', 'article:' . $item['id'], $context['page_menu']); } // remember surfer visit Surfer::is_visiting(Articles::get_permalink($item), Codes::beautify_title($item['title']), 'article:' . $item['id'], $item['active']); // increment silently the hits counter if not robot, nor associate, nor owner, nor at follow-up page if (Surfer::is_crawler() || Surfer::is_associate()) { } elseif (isset($item['owner_id']) && Surfer::is($item['owner_id'])) { } elseif (!$zoom_type) { $item['hits'] = isset($item['hits']) ? $item['hits'] + 1 : 1; Articles::increment_hits($item['id']);
/**
 * create a sparkline
 *
 * Draws $series into a GD true-color image and, when REQUEST_METHOD is set
 * and is not HEAD, sends it to the user agent as a PNG. Every rendering
 * setting read from $options is stored on $this along the way.
 *
 * Option keys read here, all optional: style, h, gap, order, sw, aa, fill,
 * bg, tint, line, min, max.
 *
 * Canvas size is bounded before allocation: height is capped at 128 and width
 * at 1024, and both are doubled afterwards when anti-aliasing is on. These
 * caps are the only limit on memory used per call, so keep them if option
 * values can come from a request (presumably they can -- confirm at callers).
 *
 * NOTE(review): $zero and $zone are read below but never assigned in this
 * function; presumably they were meant to come from $options -- confirm.
 * NOTE(review): $series[0] is read unconditionally, so a non-empty $series
 * is assumed.
 *
 * @param array data to be drawn
 * @param array parameters
 */
function build($series, $options) {

    // 1-line 2-fill 3-line+fill 4-intensity
    // empty() also treats 0 as missing, so an explicit 0 falls back to the default, here and for the options below
    if (empty($options['style'])) {
        $this->style = 2;
    } else {
        $this->style = $options['style'];
    }

    // height
    if (empty($options['h'])) {
        $this->h = 64;
    } else {
        $this->h = $options['h'];
    }

    // gap width
    if (empty($options['gap'])) {
        $this->gap = 0.25;
    } else {
        $this->gap = $options['gap'];
    }

    // interpolation 0-none 1-linear 2-quadratic
    if (empty($options['order'])) {
        $this->order = 0;
    } else {
        $this->order = $options['order'];
    }

    // sample-width
    if (empty($options['sw'])) {
        if ($this->gap > 0.1) {
            $sw = 5;
        } else {
            $sw = 6;
        }
    } else {
        $sw = $options['sw'];
    }

    // anti-aliasing 0-none 1-yes
    if (empty($options['aa'])) {
        $this->aa = 0;
    } else {
        $this->aa = $options['aa'];
    }

    if (!isset($this->h) || !$this->h) {
        $this->h = 16;
    }
    if ($this->h > 128) { // don't want to tax server/bandwidth too much
        $this->h = 128;
    }
    if (isset($sw) && $sw) { // base width on number of samples?
        $w = (count($series) - $this->order) * $sw;
    }
    if (!isset($w) || !$w) { // or just guess one if not already here
        $w = $this->h * 4;
    }
    if ($w > 1024) { // limit again
        $w = 1024;
    }

    // we'll draw to a 2x res bitmap then downsample... easiest way to antialias for now
    if (isset($this->aa) && $this->aa) {
        $w *= 2;
        $this->h *= 2;
    }

    // GD warnings are suppressed by @; a failed allocation stops the script with the message below
    $im = @imagecreatetruecolor($w, $this->h) or die("Couldn't initialize new GD image stream");

    // we allow multiple ways to define a color, all use hex numbers
    // B = 0xBBBBBB (greyscale)
    // B9 = 0xB9B9B9 (greyscale)
    // B94 = 0xBB9944
    // B94CD1 = 0xB94CD1

    // solid color
    if (empty($options['fill'])) {
        $this->fill = 0xcccccc;
    } else {
        $this->fill = $this->ParseColorValue($options['fill']);
    }

    // allocate inks
    if (empty($options['bg'])) {
        $this->bg = 0xffffff;
    } else {
        $this->bg = $this->ParseColorValue($options['bg']);
    }
    if (empty($options['tint'])) { // used for optional range bars
        $this->tint = 0xf0f0f0;
    } else {
        $this->tint = $this->ParseColorValue($options['tint']);
    }
    if (empty($options['line'])) {
        $this->line = 0x444444;
    } else {
        $this->line = $this->ParseColorValue($options['line']);
    }

    // clear to background color
    imagefilledrectangle($im, 0, 0, $w, $this->h, $this->bg);

    // get data range
    $this->lower = $this->upper = $series[0];
    for ($i = 1; $i < count($series); $i++) {
        if ($this->lower > $series[$i]) {
            $this->lower = $series[$i];
        } else {
            if ($this->upper < $series[$i]) {
                $this->upper = $series[$i];
            }
        }
    }

    // if user has supplied additional min and max values [to expand to, not collapse]
    if (!empty($options['min']) && $this->lower > $options['min']) {
        $this->lower = $options['min'];
    }
    if (!empty($options['max']) && $this->upper < $options['max']) {
        $this->upper = $options['max'];
    }

    // a flat series gets an artificial range of 1 around its single value
    if ($this->lower == $this->upper) {
        $this->upper += 0.5;
        $this->lower -= 0.5;
    }

    // NOTE(review): $zero has no value at this point, so the baseline is whatever ScaleForBitmap() returns for an unset argument -- confirm the intended source
    $this->fudge = 0;
    $zero = $this->ScaleForBitmap($zero);
    if (!($zero & 1) && $this->aa) {
        $this->fudge = 1;
        $zero++;
    }

    // we can provide color bands to give some visual indications of scale
    // NOTE(review): $zone is never set in this function, so this branch does not run as written
    if (!empty($zone)) {
        $zone = explode(",", $zone);

        // >> binds tighter than <, so the loop runs once per pair of values
        for ($i = 0; $i < count($zone) >> 1; $i++) {
            imagefilledrectangle($im, 0, $this->ScaleForBitmap($zone[$i * 2 + 1]), $w, $this->ScaleForBitmap($zone[$i * 2]), $this->tint);
        }
    }

    if (!$this->gap) {
        $this->gap = 0;
    }
    $this->gap *= 0.5; // shave half off either end (see below)

    // one column of pixels per iteration; $x is a fractional sample position and $f its fractional part
    // $x is used directly as an array offset, so PHP truncates it to an integer index
    for ($i = 0; $i < $w; $i++) {
        if ($this->order == 2) {
            $x = $i * (count($series) - 2) / $w;
            $f = $x - (int) $x;
            $y = ($series[$x] * (1 - ($f * 0.5 + 0.5)) + $series[$x + 1] * ($f * 0.5 + 0.5)) * (1 - $f) + ($series[$x + 1] * (1 - $f * 0.5) + $series[$x + 2] * $f * 0.5) * $f;
        } else {
            if ($this->order == 1) {
                $x = $i * (count($series) - 1) / $w;
                $f = $x - (int) $x;
                $y = $series[$x] * (1 - $f) + $series[$x + 1] * $f;
            } else {
                $x = $i * count($series) / $w;
                $f = $x - (int) $x;
                $y = $series[$x];
            }
        }
        if ($this->gap && ($f < $this->gap || $f > 1 - $this->gap)) { // per sample gap
            continue;
        }
        $v = $this->ScaleForBitmap($y);

        // style bit 4: full-height column whose color is blended between background and line ink
        if ($this->style & 4) {
            $color = $this->ScaleForRange($y);

            // mix the colors, one 8-bit channel at a time
            $color = ((int) (($this->line & 0xff) * $color + ($this->bg & 0xff) * (1 - $color)) & 0xff)
                + ((int) (($this->line & 0xff00) * $color + ($this->bg & 0xff00) * (1 - $color)) & 0xff00)
                + ((int) (($this->line & 0xff0000) * $color + ($this->bg & 0xff0000) * (1 - $color)) & 0xff0000);
            imagefilledrectangle($im, $i, 0, $i, $this->h, $color);
        }

        // style bit 2: filled bar between the baseline and the value
        if ($this->style & 2) {
            if ($v <= $zero) {
                $y1 = $v;
                $y2 = $zero;
            } else {
                $y2 = $v + 1;
                $y1 = $zero + 1;
            }
            imagefilledrectangle($im, $i, $y1, $i, $y2, $this->fill);
        }

        // style bit 1 (or no style at all): line joining the previous value to this one
        if ($this->style & 1 || !$this->style) {
            if (!empty($last)) {
                if ($this->order) {
                    imageline($im, $i - 1, $last, $i, $v, $this->line);
                    //imageline($im, $i-1, $last+1, $i, $y+1, $this->line);
                    imageline($im, $i, $last, $i + 1, $v, $this->line);
                } else {
                    imageline($im, $i - 1, $last, $i - 1, $v, $this->line);
                    imageline($im, $i - 1, $v, $i, $v, $this->line);
                }
            }
            $last = $v;
        }
    }

    // downsample the 2x bitmap to the requested size
    if ($this->aa) {
        $im2 = @imagecreatetruecolor(intval($w * 0.5), intval($this->h * 0.5)) or die("Couldn't initialize new GD image stream");
        imagecopyresampled($im2, $im, 0, 0, 0, 0, imagesx($im2), imagesy($im2), imagesx($im), imagesy($im));
        imagedestroy($im);
        $im = $im2;
    }

    //
    // transfer to the user agent
    //

    // actual transmission except on a HEAD request
    // the image is only destroyed inside this branch
    if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] != 'HEAD') {

        // doesn't really need to change at all, but added this just in case the algorithm changes
        // @header("Last-Modified: " . gmdate("D, d M Y H:i:s", intval(time() / 86400) * 86400) . " GMT");
        Safe::header("Content-type: image/png");
        imagepng($im);
        imagedestroy($im);
    }
}
// not found if (!$item['id']) { include '../error.php'; // permission denied } elseif (!$permitted) { // anonymous users are invited to log in or to register if (!Surfer::is_logged()) { Safe::redirect($context['url_to_home'] . $context['url_to_root'] . 'users/login.php?url=' . urlencode(Servers::get_url($item['id']))); } // permission denied to authenticated user Safe::header('Status: 401 Unauthorized', TRUE, 401); Logger::error(i18n::s('You are not allowed to perform this operation.')); // re-enforce the canonical link } elseif ($context['self_url'] && ($canonical = $context['url_to_home'] . $context['url_to_root'] . Servers::get_url($item['id'])) && strncmp($context['self_url'], $canonical, strlen($canonical))) { Safe::header('Status: 301 Moved Permanently', TRUE, 301); Safe::header('Location: ' . $canonical); Logger::error(Skin::build_link($canonical)); // display the server profile } else { $text = ''; // initialize the rendering engine Codes::initialize(Servers::get_url($item['id'])); // the nick name if ($item['host_name'] && Surfer::is_associate()) { $details[] = '"' . $item['host_name'] . '"'; } // information on last update if ($item['edit_name']) { $details[] = sprintf(i18n::s('edited by %s %s'), Users::get_link($item['edit_name'], $item['edit_address'], $item['edit_id']), Skin::build_date($item['edit_date'])); } // restricted to logged members
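/**
 * jump to another web page
 *
 * Sends a Location header for the target, then prints a short fallback
 * message linking to it and terminates the script. When the page is rendered
 * overlaid, the target gets an extra "overlaid=Y" parameter, except that a
 * request carrying follow_up=close stops right away without any redirection.
 *
 * The target is escaped for HTML before it is written into the fallback
 * message, so that an address containing quotes or angle brackets cannot
 * alter the markup of the page.
 *
 * NOTE(review): the target is used as given for the Location header. Callers
 * that derive it from request parameters are presumably expected to restrict
 * it to addresses of this site -- confirm at call sites.
 *
 * This function never returns.
 *
 * @param string the target full web address
 */
public static function redirect($reference) {
    global $render_overlaid;

    // stay overlaid if it was asked
    if ($render_overlaid) {

        // stop redirect if param follow_up set to 'close'
        if (isset($_REQUEST['follow_up']) && $_REQUEST['follow_up'] === 'close') {
            exit('job done');
        }

        // add overlaid param
        $reference = http::add_url_param($reference, "overlaid", "Y");
    }

    // the actual redirection directive
    Safe::header('Location: ' . $reference);

    // a message for human beings
    if (!is_callable(array('i18n', 's'))) {
        exit;
    }

    // the address goes into an attribute and into element text, hence quotes are escaped as well;
    // an address that is not valid UTF-8 yields an empty link rather than raw markup
    $escaped = htmlspecialchars($reference, ENT_QUOTES, 'UTF-8');
    exit(sprintf(i18n::s('Redirecting to %s'), '<a href="' . $escaped . '">' . $escaped . '</a>'));
}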
// vaidate notification attributes switch ($fields['type']) { case 'browse': if (!isset($_REQUEST['address'])) { Safe::header('Status: 400 Bad Request', TRUE, 400); die(i18n::s('Request is invalid.')); } break; case 'hello': if (!isset($_REQUEST['message'])) { Safe::header('Status: 400 Bad Request', TRUE, 400); die(i18n::s('Request is invalid.')); } break; default: Safe::header('Status: 400 Bad Request', TRUE, 400); die(i18n::s('Request is invalid.')); } // save in the database Notifications::post($fields); // thread update will trigger screen repaint through separate pending call of this script die('OK'); // look for some notification } elseif (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] != 'HEAD') { // change session data to extend life of related file if (!isset($_SESSION['heartbit'])) { $_SESSION['heartbit'] = 0; } $_SESSION['heartbit']++; // refresh the watchdog $_SESSION['watchdog'] = time();
if ($user['id']) { Users::increment_posts($user['id']); } } } } // an error has been encountered if (is_array($response)) { $response = '<?xml version="1.0" encoding="' . $context['charset'] . '"?>' . "\n" . '<response>' . "\n" . '<error>' . $response['faultCode'] . '</error>' . "\n" . '<message>' . $response['faultString'] . '</message>' . "\n" . '</response>'; // also sets an error at the HTTP level Safe::header('Status: 400 Bad Request', TRUE, 400); // everything's going fine } else { $response = '<?xml version="1.0" encoding="' . $context['charset'] . '"?>' . "\n" . '<response>' . "\n" . '<error>0</error>' . "\n" . '</response>'; } // save the response if debug mode if ($context['debug_comment'] == 'Y') { Logger::remember('comments/post.php: comments post response', $response, 'debug'); } // send the response Safe::header('Content-Type: text/xml'); Safe::header('Content-Length: ' . strlen($response)); echo $response; return; // this is not a POST -- assume we have a human being } else { // detail usage rule Logger::error(i18n::s('This script supports Comment API and Post-It updates through HTTP POST requests.')); } // render the skin render_skin();
} } // // transfer to the user agent // // send the archive content if ($archive = $zipfile->get()) { // suggest a download Safe::header('Content-Type: application/octet-stream'); // suggest a name for the saved file $file_name = utf8::to_ascii($item['title']) . '.zip'; Safe::header('Content-Disposition: attachment; filename="' . str_replace('"', '', $file_name) . '"'); // file size Safe::header('Content-Length: ' . strlen($archive)); // already encoded Safe::header('Content-Transfer-Encoding: binary'); // enable 30-minute caching (30*60 = 1800), even through https, to help IE on download http::expire(1800); // strong validator $etag = '"' . md5($archive) . '"'; // manage web cache if (http::validate(NULL, $etag)) { return; } // actual transmission except on a HEAD request if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] != 'HEAD') { echo $archive; } // the post-processing hook, then exit finalize_page(TRUE); }
// the path to this page
$context['path_bar'] = array('tools/' => i18n::s('Tools'));

// default page title
$context['page_title'] = i18n::s('Updating thumbnails url');

// stop crawlers
// NOTE(review): here and below the status line pairs code 401 with the phrase "Forbidden"; 401 is "Unauthorized" and 403 is "Forbidden" -- confirm which one is intended
if (Surfer::is_crawler()) {
    Safe::header('Status: 401 Forbidden', TRUE, 401);
    Logger::error(i18n::s('You are not allowed to perform this operation.'));

// permission denied
} elseif (!$permitted) {

    // anonymous users are invited to log in or to register
    if (!Surfer::is_logged()) {
        Safe::redirect($context['url_to_home'] . $context['url_to_root'] . 'users/login.php?url=' . urlencode('tools/populate.php?action=' . $action));
    }

    // permission denied to authenticated user
    Safe::header('Status: 401 Forbidden', TRUE, 401);
    Logger::error(i18n::s('You are not allowed to perform this operation.'));

    // forward to the control panel
    $menu = array('tools/' => i18n::s('Tools'));
    $context['text'] .= Skin::build_list($menu, 'menu_bar');

// create test data
// this branch changes the database; it is reached only when $permitted is true and the method is POST
// NOTE(review): no anti-forgery token is checked in this excerpt -- confirm whether one is verified elsewhere
} elseif (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST') {
    $text = '';
    if ($action == 'confirmed' && isset($_REQUEST['former_url'])) {

        // add "images/" to url, to be sure to replace only the beginning
        $former_url = $_REQUEST['former_url'] . 'images/';

        // I ANALYSE THUMBNAILS IN ARTICLES TABLE
        $text .= Skin::build_block(i18n::s('Analysing thumbnails for articles'), 'title');

        // query to update
        // NOTE(review): $former_url comes straight from $_REQUEST and is placed between single quotes
        // in the statement with no escaping visible here, so a quote in the parameter changes the SQL.
        // It should pass through the database layer's escaping routine (or be bound as a parameter)
        // before the query is built; the permission check above limits who can send it but does not
        // make the value trusted.
        $query = "UPDATE " . SQL::table_name('articles') . " SET ";
        $query .= "thumbnail_url= REPLACE(thumbnail_url,'" . $former_url . "','" . $context['url_to_root'] . "images/')";
/**
 * reject the current request as malformed
 *
 * Sets the HTTP status to 400, prints the localized error message and stops
 * the script. This function never returns.
 */
function die_on_invalid() {

    // status first, since it has to go out before any body content
    Safe::header('Status: 400 Bad Request', true, 400);

    // the message is the whole response body
    $message = i18n::s('Request is invalid.');
    exit($message);
}
/**
 * dynamically generate the page
 *
 * Body of the database setup page. Without the 'build' action it prints an
 * explanation and a confirmation form. With it, it switches the server off if
 * it was on, runs the setup() routine of every module in a fixed order,
 * switches the server back on, and prints the next step to take.
 *
 * Access control: a surfer who is not an associate is rejected as soon as the
 * users table can be queried. When that query fails, which is expected on
 * first installation, the current surfer is given associate privilege for the
 * rest of the run.
 *
 * @see skins/index.php
 */
function send_body() {
    global $context, $action;

    // check that the user is an admin, but only if the users table can be queried
    // NOTE(review): the test is on the query succeeding, not on the count it returns, so an
    // empty users table still denies access. Conversely, if SQL::query() also returns FALSE
    // on failures other than a missing table (presumably it does -- confirm), any visitor
    // passes this check during such a failure and is given associate privilege below.
    $query = "SELECT count(*) FROM " . SQL::table_name('users');
    if (!Surfer::is_associate() && SQL::query($query) !== FALSE) {
        Safe::header('Status: 401 Unauthorized', TRUE, 401);
        echo '<p>' . i18n::s('You are not allowed to perform this operation.') . "</p>\n";
        return;
    }

    // log the current surfer as an associate if not yet the case
    // only reached by a non-associate when the query above has failed
    if (!Surfer::is_associate()) {
        $fields = array();
        $fields['id'] = 1;
        $fields['nick_name'] = 'admin';
        $fields['email'] = '';
        $fields['capability'] = 'A';
        Surfer::set($fields);
        echo '<p>' . i18n::s('You have associate privilege') . '</p>';
    }

    // check every table of the database
    // NOTE(review): $action is a global set outside this function; whether it is accepted from GET as well as POST cannot be told from here
    if ($action == 'build') {

        // maybe we will have to switch the server off
        $temporary_off = FALSE;

        // ensure nobody else will access the database during the operation
        if (file_exists('../parameters/switch.on')) {
            if (Safe::rename($context['path_to_root'] . 'parameters/switch.on', $context['path_to_root'] . 'parameters/switch.off')) {
                echo BR . i18n::s('The server has been switched off.');
                $temporary_off = TRUE;
            }

            // let concurrent on-going transactions finish properly
            Safe::sleep(3);

        // first installation
        // NOTE(review): the string below ends with a closing </a> that has no opening tag
        } elseif (!file_exists('../parameters/switch.off')) {
            echo '<p>' . i18n::s('Review provided information and go to the bottom of the page to move forward.') . "</a></p>\n";
        }

        // ensure utf8 character set for this database
        // the database name is taken from configuration and placed between backticks as is
        $query = "ALTER DATABASE `" . $context['database'] . "` DEFAULT CHARACTER SET utf8";
        SQL::query($query);

        // create tables for users
        echo Users::setup();

        // create tables for activities
        echo Activities::setup();

        // create tables for notifications
        include_once '../users/notifications.php';
        echo Notifications::setup();

        // create tables for messages
        echo Mailer::setup();

        // create tables for visits
        include_once '../users/visits.php';
        echo Visits::setup();

        // create tables for sections
        echo Sections::setup();

        // create tables for articles
        echo Articles::setup();

        // create tables for images
        include_once '../images/images.php';
        echo Images::setup();

        // create tables for tables
        include_once '../tables/tables.php';
        echo Tables::setup();

        // create tables for files
        echo Files::setup();

        // create tables for links
        include_once '../links/links.php';
        echo Links::setup();

        // create tables for locations
        include_once '../locations/locations.php';
        echo Locations::setup();

        // create tables for comments
        include_once '../comments/comments.php';
        echo Comments::setup();

        // create tables for categories
        echo Categories::setup();

        // create tables for members
        include_once '../shared/members.php';
        echo Members::setup();

        // create tables for dates
        include_once '../dates/dates.php';
        echo Dates::setup();

        // create tables for servers
        include_once '../servers/servers.php';
        echo Servers::setup();

        // create tables for versions
        include_once '../versions/versions.php';
        echo Versions::setup();

        // create tables for enrolments
        include_once '../shared/enrolments.php';
        echo Enrolments::setup();

        // create tables for values
        include_once '../shared/values.php';
        echo Values::setup();

        // create tables for the cache
        echo Cache::setup();

        // create tables for the php documentation
        include_once '../scripts/phpdoc.php';
        echo PhpDoc::setup();

        // the setup hook
        if (is_callable(array('Hooks', 'include_scripts'))) {
            echo Hooks::include_scripts('control/setup.php');
        }

        // reopen the server for others
        // only when this run is the one that switched it off
        if ($temporary_off && Safe::rename($context['path_to_root'] . 'parameters/switch.off', $context['path_to_root'] . 'parameters/switch.on')) {
            echo '<p>' . i18n::s('The server has been switched on.') . '</p>';
        }

        // in the middle of an update
        if (file_exists('../parameters/switch.off')) {
            echo Skin::build_block('<form method="get" action="../scripts/run_once.php">' . "\n"
                . '<p class="assistant_bar">' . Skin::build_submit_button(i18n::s('Run one-time scripts and go to the Control Panel')) . '</p>' . "\n"
                . '</form>', 'bottom');

            // this may take several minutes
            echo '<p>' . i18n::s('When you will click on the button the server will be immediately requested to proceed. However, because of the so many things to do on the back-end, you may have to wait for minutes before getting a response displayed. Thank you for your patience.') . '</p>';

        // populate the database on first installation
        } elseif (!file_exists('../parameters/switch.on')) {
            echo Skin::build_block('<form method="get" action="populate.php">' . "\n"
                . '<p class="assistant_bar">' . Skin::build_submit_button(i18n::s('Initialize the database')) . '</p>' . "\n"
                . '</form>', 'bottom');

        // or back to the control panel
        } else {
            $menu = array('control/' => i18n::s('Control Panel'));
            echo Skin::build_list($menu, 'menu_bar');
        }

        // clear the cache
        Cache::clear();

        // remember the change
        $label = i18n::c('The database has been optimised');
        Logger::remember('control/setup.php: ' . $label);

    // ask for confirmation
    } else {

        // the splash message
        echo '<p>' . i18n::s('This script will check the structure of the database and optimize data storage:') . '</p>' . "\n"
            . '<ul>' . "\n"
            . '<li>' . i18n::s('Missing tables will be created, if necessary.') . '</li>' . "\n"
            . '<li>' . i18n::s('Some columns may be created or converted if their type has evolved.') . '</li>' . "\n"
            . '<li>' . i18n::s('All indexes will be (re)built.') . '</li>' . "\n"
            . '<li>' . i18n::s('Data files will be optimized as well.') . '</li>' . "\n"
            . '</ul>' . "\n";

        // the submit button
        echo '<form method="post" action="' . $context['script_url'] . '" id="main_form"><p>'
            . Skin::build_submit_button(i18n::s('Ensure the database structure is accurate'), NULL, NULL, 'confirmed')
            . '<input type="hidden" name="action" value="build" />'
            . '</p></form>';

        // the script used for form handling at the browser
        Page::insert_script('$("#confirmed").focus();');

        // this may take several minutes
        echo '<p>' . i18n::s('When you will click on the button the server will be immediately requested to proceed. However, because of the so many things to do on the back-end, you may have to wait for minutes before getting a response displayed. Thank you for your patience.') . '</p>';
    }
}
Safe::file_put_contents($cache_id, $text); } // // transfer to the user agent // // handle the output correctly render_raw('text/xml; charset=' . $context['charset']); // suggest a name on download if (!headers_sent()) { if (is_object($anchor)) { $file_name = $context['site_name'] . '.comments.' . str_replace(':', '.', $anchor->get_reference()) . '.xml'; } else { $file_name = $context['site_name'] . '.comments.xml'; } $file_name =& utf8::to_ascii($file_name); Safe::header('Content-Disposition: inline; filename="' . $file_name . '"'); } // enable 30-minute caching (30*60 = 1800), even through https, to help IE6 on download http::expire(1800); // strong validator $etag = '"' . md5($text) . '"'; // manage web cache if (http::validate(NULL, $etag)) { return; } // actual transmission except on a HEAD request if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] != 'HEAD') { echo $text; } // the post-processing hook, then exit finalize_page(TRUE);
Logger::error(i18n::s('You are not allowed to perform this operation.')); // display the article } else { // file header $text = '<?xml version="1.0" encoding="' . $context['charset'] . '"?>' . "\n" . '<!DOCTYPE article SYSTEM "' . $context['url_to_home'] . $context['url_to_root'] . 'articles/article.dtd">' . "\n" . '<?xml-stylesheet type="text/css" href="' . $context['url_to_home'] . $context['url_to_root'] . 'articles/article.css" ?>' . "\n"; // item actual content $text .= Articles::to_xml($item, $overlay); // // transfer to the user agent // // handle the output correctly render_raw('text/xml; charset=' . $context['charset']); // suggest a name on download if (!headers_sent()) { $file_name = utf8::to_ascii(Skin::strip($context['page_title']) . '.xml'); Safe::header('Content-Disposition: attachment; filename="' . str_replace('"', '', $file_name) . '"'); } // enable 30-minute caching (30*60 = 1800), even through https, to help IE6 on download http::expire(1800); // strong validator $etag = '"' . md5($text) . '"'; // manage web cache if (http::validate(NULL, $etag)) { return; } // actual transmission except on a HEAD request if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] != 'HEAD') { echo $text; } // the post-processing hook, then exit finalize_page(TRUE);
// for associates only $fields['index_map'] = 'N'; // listed only to associates // reference the new section if ($fields['id'] = Sections::post($fields, FALSE)) { $anchor = Anchors::get('section:' . $fields['id']); } } $_REQUEST['anchor'] = $anchor->get_reference(); // stop crawlers if (Surfer::is_crawler()) { Safe::header('Status: 401 Unauthorized', TRUE, 401); Logger::error(i18n::s('You are not allowed to perform this operation.')); // an anchor is mandatory } elseif (!is_object($anchor)) { Safe::header('Status: 404 Not Found', TRUE, 404); Logger::error(i18n::s('No anchor has been found.')); // post a new query } elseif (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST') { // protect from hackers if (isset($_REQUEST['edit_name'])) { $_REQUEST['edit_name'] = preg_replace(FORBIDDEN_IN_NAMES, '_', $_REQUEST['edit_name']); } if (isset($_REQUEST['edit_address'])) { $_REQUEST['edit_address'] = encode_link($_REQUEST['edit_address']); } // track anonymous surfers Surfer::track($_REQUEST); // this is the exact copy of what end users has typed $item = $_REQUEST; // from form fields to record columns
$context['path_bar'] = array('locations/' => i18n::s('Locations')); // the title of the page if (isset($item['geo_place_name'])) { $context['page_title'] = $item['geo_place_name']; } // not found if (!isset($item['id'])) { include '../error.php'; } elseif (!is_callable('ImageCreateFromJpeg')) { Logger::error(i18n::s('Not capable to generate dynamic images.')); } elseif (!file_exists($context['path_to_root'] . 'locations/images/earth_310.jpg')) { Logger::error(i18n::s('No image to use as a map.')); } else { // return the finished image as PNG if (!headers_sent()) { Safe::header("Content-type: image/png"); } // enable 30-minute caching (30*60 = 1800), even through https, to help IE6 on download http::expire(1800); // strong validator $etag = '"' . md5($item['geo_place_name'] . $item['longitude'] . $item['latitude']) . '"'; // manage web cache if (http::validate(NULL, $etag)) { return; } // load the main image $image = ImageCreateFromJpeg($context['path_to_root'] . 'locations/images/earth_310.jpg'); $width = ImageSx($image); $height = ImageSy($image); // ensure we have split coordinates if (!$item['latitude'] || !$item['longitude']) {
} // suggest a download if (!headers_sent()) { $file_name = utf8::to_ascii(basename($script[0])); Safe::header('Content-Disposition: attachment; filename="' . str_replace('"', '', $file_name) . '"'); } // several scripts at one } else { // multi-part separator on the first line $text = $separator . $text; // compress the page if possible, but no transcoding -- the bare handler $context['charset'] = 'ASCII'; render_raw('text/html'); // send the response to the caller if (!headers_sent()) { Safe::header('Content-Description: Reference files from YACS environment'); } } // enable 30-minute caching (30*60 = 1800), even through https, to help IE6 on download http::expire(1800); // strong validator $etag = '"' . md5($text) . '"'; // manage web cache if (http::validate(NULL, $etag)) { return; } // actual transmission except on a HEAD request if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] != 'HEAD') { echo $text; } // the post-processing hook, then exit
/**
 * dynamically generate the page
 *
 * Body of the script validation page. Associates get a confirmation form on
 * GET; on any other method every reference script is included in turn, so
 * that a syntax error in one of them shows up in the output. Scripts that
 * cannot be included safely from here are listed for a manual check instead.
 *
 * Including a script executes its top-level code. Two things limit what is
 * executed: the associate check at the top, and the Scripts::hash() test that
 * restricts inclusion to reference scripts.
 *
 * @see skins/index.php
 */
function send_body() {
    global $context;

    // only associates can proceed
    if (!Surfer::is_associate()) {
        Safe::header('Status: 401 Unauthorized', TRUE, 401);
        echo '<p>' . i18n::s('You are not allowed to perform this operation.') . "</p>\n";

        // forward to the index page
        $menu = array('scripts/' => i18n::s('Server software'));
        echo Skin::build_list($menu, 'menu_bar');

    // ask for confirmation
    } elseif (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'GET') {

        // the splash message
        echo '<p>' . i18n::s('This tool will include most of the running reference PHP scripts. Any syntax error should be spotted easily.') . '</p>';

        // the submit button
        echo '<form method="post" action="' . $context['script_url'] . '" id="main_form"><p>'
            . Skin::build_submit_button(i18n::s('Yes, I want to validate scripts'), NULL, NULL, 'confirmed')
            . '</p></form>';

        // set the focus on the button
        Page::insert_script('$("#confirmed").focus();');

        // this may take some time
        echo '<p>' . i18n::s('When you will click on the button the server will be immediately requested to proceed. However, because of the so many things to do on the back-end, you may have to wait for minutes before getting a response displayed. Thank you for your patience.') . '</p>';

    // just do it
    // NOTE(review): every method other than GET lands here, not only POST, and no anti-forgery token is checked in this function
    } else {

        // the splash message
        echo '<p>' . i18n::s('All reference scripts are included, to show evidence of possible syntax errors.') . "</p>\n";

        // list running scripts
        echo '<p>' . i18n::s('Listing files...') . BR . "\n";

        // locate script files starting at root
        $scripts = Scripts::list_scripts_at(NULL);
        if (is_array($scripts) && count($scripts)) {
            echo BR . sprintf(i18n::s('%d scripts have been found.'), count($scripts)) . "\n";
            natsort($scripts);
        }
        echo "</p>\n";

        // including scripts
        echo '<p>' . i18n::s('Including reference scripts...') . BR . "\n";

        // strip as much output as possible
        // included scripts see a HEAD request for the rest of this run
        $_SERVER['REQUEST_METHOD'] = 'HEAD';

        // we will finalize this page later on
        global $finalizing_fuse;
        $finalizing_fuse = FALSE;

        // take care of dependencies
        include_once '../behaviors/behavior.php';
        include_once '../services/codec.php';
        include_once '../users/authenticator.php';

        // analyse each script
        // NOTE(review): the loop below runs even when $scripts is not an array; the is_array() test above only guards the count message
        $included_files = 0;
        $links_to_be_checked_manually = array();
        foreach ($scripts as $file) {

            // ensure we have enough time to process this script
            Safe::set_time_limit(30);

            // skip run once scripts
            // NOTE(review): strpos() returns 0 for a match at the very start of the path, which is not skipped by this test
            if (strpos($file, 'run_once/')) {
                continue;
            }

            // don't include ourself
            if ($file == 'scripts/validate.php') {
                continue;
            }

            // process only reference scripts
            // presumably Scripts::hash() is empty for files outside the reference set -- confirm against Scripts
            if (!Scripts::hash($file)) {
                continue;
            }

            // check file content
            if (!($handle = Safe::fopen($file, 'rb'))) {
                echo sprintf(i18n::s('%s has no readable content.'), $file) . BR . "\n";
                continue;
            }

            // look at the beginning of the file
            // the markers tested below are only searched in these first 16384 bytes
            if (!($header = fread($handle, 16384))) {
                echo sprintf(i18n::s('%s has no readable content.'), $file) . BR . "\n";
                fclose($handle);
                continue;
            }
            fclose($handle);

            // skip scripts that generate content asynchronously
            if (stripos($header, 'send_body') || stripos($header, 'page::content')) {
                $links_to_be_checked_manually[$file] = '(asynchronous)';
                continue;
            }

            // skip scripts that would redefine our skin
            if (stripos($header, 'extends skin_skeleton')) {
                $links_to_be_checked_manually[$file] = '(skin)';
                continue;
            }

            // log script inclusion on development host
            if ($context['with_debug'] == 'Y') {
                logger::remember('scripts/validate.php: inclusion of ' . $file, '', 'debug');
            }

            // include the script and display any error
            // the working directory is moved next to the script first, so that its relative includes resolve
            $included_files += 1;
            $validate_stamp = time();
            echo sprintf(i18n::s('inclusion of %s'), $file) . "\n";
            Safe::chdir($context['path_to_root'] . dirname($file));
            include_once $context['path_to_root'] . $file;
            $duration = time() - $validate_stamp;
            if ($duration) {
                echo ' (' . $duration . 's.)';
            }
            echo BR;
        }

        // memory status
        $used_memory = '';
        if (is_callable('memory_get_usage')) {
            $used_memory = ' (' . memory_get_usage() . ' bytes)';
        }

        // report of included files
        if ($included_files > 1) {
            echo '<p>' . sprintf(i18n::s('%d files have been included.'), $included_files) . $used_memory . '</p>';
        }

        // list files to be checked manually
        if (count($links_to_be_checked_manually)) {
            echo '<p>' . i18n::s('Following scripts have to be included separately:') . BR . "\n";
            ksort($links_to_be_checked_manually);
            foreach ($links_to_be_checked_manually as $file => $label) {
                echo Skin::build_link($file, $file, 'basic') . ' ' . $label . BR . "\n";
            }
            echo sprintf(i18n::s('%d files to be checked manually.'), count($links_to_be_checked_manually)) . '</p>' . "\n";
        }

        // display the execution time
        $time = round(get_micro_time() - $context['start_time'], 2);
        echo '<p>' . sprintf(i18n::s('Script terminated in %.2f seconds.'), $time) . '</p>';

        // forward to the referential building
        echo '<form method="get" action="' . $context['url_to_root'] . 'scripts/build.php"><p>' . "\n"
            . Skin::build_submit_button(i18n::s('If no error has popped up, build the reference set >>')) . "\n"
            . '</p></form>' . "\n";

        // this may take some time
        echo '<p>' . i18n::s('When you will click on the button the server will be immediately requested to proceed. However, because of the so many things to do on the back-end, you may have to wait for minutes before getting a response displayed. Thank you for your patience.') . '</p>';

        // clear text some scripts could have added
        $context['debug'] = '';
        $context['extra'] = '';
        $context['navigation'] = '';
        $context['suffix'] = '';
        $context['text'] = '';
        $context['page_details'] = '';
        $context['page_footer'] = '';
        $context['page_menu'] = array();
        $context['page_tags'] = '';
        $context['page_tools'] = '';

        // now we will finalize this page
        global $finalizing_fuse;
        unset($finalizing_fuse);
    }
}
include_once '../services/rss_codec.php'; $result = rss_Codec::encode($values); $status = @$result[0]; $text = @$result[1]; // save in cache for the next request Cache::put($cache_id, $text, 'articles'); } // // transfer to the user agent // // handle the output correctly render_raw('text/xml; charset=' . $context['charset']); // suggest a name on download if (!headers_sent()) { $file_name = utf8::to_ascii($context['site_name'] . '.section.' . $item['id'] . '.rss.xml'); Safe::header('Content-Disposition: inline; filename="' . str_replace('"', '', $file_name) . '"'); } // enable 30-minute caching (30*60 = 1800), even through https, to help IE6 on download http::expire(1800); // strong validator $etag = '"' . md5($text) . '"'; // manage web cache if (http::validate(NULL, $etag)) { return; } // actual transmission except on a HEAD request if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] != 'HEAD') { echo $text; } // the post-processing hook, then exit finalize_page(TRUE);
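/**
 * pull most recent notification
 *
 * Looks up the oldest notification addressed to the current surfer that is
 * not older than three minutes, adds a localized 'dialog_text' to it when
 * its type is known, deletes the record and returns the notification.
 *
 * The lookup is done once per call; retries are left to the caller.
 * Anonymous surfers get a 401 and the script is terminated.
 *
 * @return mixed the unserialized notification (expected to be an array of
 *   attributes), or the string 'NTR' when there is nothing to return
 *
 * @see users/heartbit.php
 */
public static function pull() {
    global $context;

    // return by reference
    $output = NULL;

    // only authenticated surfers can be notified
    if (!Surfer::get_id()) {
        Safe::header('Status: 401 Unauthorized', TRUE, 401);
        die(i18n::s('You are not allowed to perform this operation.'));
    }

    // only consider recent records -- 180 = 3 minutes * 60 seconds
    // gmdate() gives the same text as gmstrftime('%Y-%m-%d %H:%M:%S'), which
    // is deprecated since PHP 8.1
    $threshold = gmdate('Y-m-d H:i:s', time() - 180);

    // the query to get time of last update
    // NOTE(review): the recipient id is escaped but not quoted, which is only
    // safe as long as Surfer::get_id() always yields an integer -- confirm
    $query = "SELECT * FROM " . SQL::table_name('notifications') . " AS notifications "
        . " WHERE (notifications.recipient = " . SQL::escape(Surfer::get_id()) . ")"
        . "\tAND (edit_date >= '" . SQL::escape($threshold) . "')"
        . " ORDER BY notifications.edit_date"
        . " LIMIT 1";

    // stop if there is nothing to return
    if (!($record = SQL::query_first($query)) || !isset($record['data'])) {
        return 'NTR';
    }

    // restore the entire record
    // NOTE(review): the payload is read back from the notifications table; if
    // Safe::unserialize() wraps PHP unserialize(), whoever can write that
    // column decides what gets instantiated here -- confirm that only trusted
    // server-side code stores `data`, or move the payload to JSON
    $output = Safe::unserialize($record['data']);

    // localize on server-side message displayed by the client software
    // a payload that did not restore as an array with a type gets no dialog text
    $lines = array();
    if (is_array($output) && isset($output['type'])) {
        switch ($output['type']) {

        case 'alert':

            // a new item has been created
            if (strpos($output['action'], ':create') !== FALSE) {
                $lines[] = sprintf(i18n::s('New page: %s'), $output['title']) . "\n"
                    . sprintf(i18n::s('%s by %s'), ucfirst(Anchors::get_action_label($output['action'])), $output['nick_name']) . "\n";

                // surfer prompt
                $lines[] = i18n::s('Would you like to browse the page?');

            // else consider this as an update
            } else {

                // provide a localized message
                $lines[] = sprintf(i18n::s('Updated: %s'), $output['title']) . "\n"
                    . sprintf(i18n::s('%s by %s'), ucfirst(Anchors::get_action_label($output['action'])), $output['nick_name']) . "\n";

                // surfer prompt
                $lines[] = i18n::s('Would you like to browse the page?');
            }
            break;

        case 'browse':

            // message is optional
            if (isset($output['message']) && trim($output['message'])) {
                $lines[] = sprintf(i18n::s('From %s:'), $output['nick_name']) . "\n" . $output['message'] . "\n";
            }

            // address is mandatory
            $lines[] = i18n::s('Would you like to browse the page?');
            break;

        case 'hello':

            // message is optional
            if (isset($output['message']) && trim($output['message'])) {
                $lines[] = sprintf(i18n::s('From %s:'), $output['nick_name']) . "\n" . $output['message'] . "\n";
            }

            // address is present on new chat
            if (isset($output['address']) && trim($output['address'])) {
                $lines[] = i18n::s('Would you like to browse the page?');
            }
            break;
        }
    }

    // content of the dialog box that will be displayed to surfer
    // the text embeds title, nick name and message as received; escaping for
    // the display context is left to the consumer
    if (count($lines)) {
        $output['dialog_text'] = implode("\n", $lines);
    }

    // forget this notification
    $query = "DELETE FROM " . SQL::table_name('notifications') . " WHERE id = " . SQL::escape($record['id']);
    SQL::query($query, TRUE);

    // return the new notification
    return $output;
}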
// stop crawlers if (Surfer::is_crawler()) { Safe::header('Status: 401 Unauthorized', TRUE, 401); Logger::error(i18n::s('You are not allowed to perform this operation.')); // not found } elseif (!is_object($anchor)) { Safe::header('Status: 404 Not Found', TRUE, 404); Logger::error(i18n::s('No item has been found.')); // permission denied } elseif (!$permitted) { // anonymous users are invited to log in or to register if (!Surfer::is_logged()) { Safe::redirect($context['url_to_home'] . $context['url_to_root'] . 'users/login.php?url=' . urlencode(Categories::get_url($member, 'select'))); } // permission denied to authenticated user Safe::header('Status: 401 Unauthorized', TRUE, 401); Logger::error(i18n::s('You are not allowed to perform this operation.')); // build a form to associates some categories to this item } else { // actual update if (isset($_REQUEST['anchor']) && isset($_REQUEST['member'])) { // on error display the form again if ($error = Members::toggle($_REQUEST['anchor'], $_REQUEST['member'], isset($_REQUEST['father']) ? $_REQUEST['father'] : '')) { Logger::error($error); } } // the current list of linked categories $categories =& Members::list_categories_by_title_for_member($member, 0, CATEGORIES_LIST_SIZE, 'raw'); // the form to link additional categories if (!is_array($categories) || count($categories) < CATEGORIES_LIST_SIZE) { $context['text'] .= '<form method="post" action="' . $context['script_url'] . '"><div style="margin-bottom: 2em;">' . i18n::s('Select a category') . ' <select name="anchor">' . Categories::get_options($categories) . '</select>' . ' ' . Skin::build_submit_button(i18n::s('Categorize')) . '<input type="hidden" name="member" value="' . encode_field($member) . '">' . '</div></form>' . "\n";
$file = $filename; } // read file content if (($content = Safe::file_get_contents($file_prefix . $file)) !== FALSE) { // store binary data $zipfile->store($file, Safe::filemtime($file_prefix . $file), $content); // avoid timeouts if (!($index++ % 50)) { Safe::set_time_limit(30); SQL::ping(); } } } // suggest a download Safe::header('Content-Type: application/zip'); Safe::header('Content-Disposition: attachment; filename="backup_' . $context['skin'] . '.zip"'); // send the archive content echo $zipfile->get(); // do not allow for regular rendering return; // no file } else { $context['text'] .= BR . i18n::s('No item has been found.') . '</p>' . "\n"; } // select the operation to perform } else { // the splash label $context['text'] .= '<p>' . i18n::s('Please select the action to perform.') . "</p>\n"; // backup $context['text'] .= Skin::build_block(i18n::s('Backup database content'), 'title'); // introductory text