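/**
 * Utility function redirect the browser location to another url
 *
 * Can optionally provide a message. When the host CMS offers a redirect
 * helper (mosRedirect(), or $mainframe->redirect() on Joomla 1.5 and later)
 * the call is delegated to it; otherwise the redirect is performed here
 * after the URL has been run through the input filter. On that last path
 * the mainframe is closed once the redirect has been emitted.
 *
 * @param string $url The URL to redirect to
 * @param string $msg A Message to display to the user (appended as mosmsg=)
 * @return void
 */
function vmRedirect($url, $msg = '')
{
    if (function_exists('mosRedirect')) {
        mosRedirect($url, $msg);
    } elseif (vmIsJoomla('1.5', '>=')) {
        global $mainframe;
        $mainframe->redirect($url, $msg);
    } else {
        // specific filters: the URL (and the message, if any) go through the
        // input filter before they reach a response header or the output
        $iFilter = vmInputFilter::getInstance();
        $url = $iFilter->process($url);
        if (!empty($msg)) {
            $msg = $iFilter->process($msg);
        }
        // Strip out any line breaks and throw away the rest: a CR/LF in the
        // URL would otherwise terminate the Location header early
        $url = preg_split("/[\r\n]/", $url);
        $url = $url[0];
        if ($iFilter->badAttributeValue(array('href', $url))) {
            $url = $GLOBALS['mosConfig_live_site'];
        }
        if (trim($msg)) {
            // strpos() returns 0 for a leading '?', which is falsy, so the
            // result has to be compared against false explicitly
            if (strpos($url, '?') !== false) {
                $url .= '&mosmsg=' . urlencode($msg);
            } else {
                $url .= '?mosmsg=' . urlencode($msg);
            }
        }
        if (headers_sent()) {
            // Headers are already out: fall back to a client-side redirect.
            // json_encode() produces a JS string literal with quotes,
            // backslashes and '/' escaped, so the URL cannot terminate the
            // string or the script element.
            echo '<script type="text/javascript">document.location.href=' . json_encode($url) . ';</script>';
        } else {
            // clear output buffer (only when one is actually active, instead
            // of silencing the notice ob_end_clean() raises otherwise)
            if (ob_get_level() > 0) {
                ob_end_clean();
            }
            header('HTTP/1.1 301 Moved Permanently');
            header("Location: " . $url);
        }
        $GLOBALS['vm_mainframe']->close(true);
    }
}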
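 /**
  * Clean a request variable according to the given mask.
  *
  * Mask bits (combinable):
  *  - 1: do not trim string values
  *  - 2: allow raw input (the value is returned unfiltered)
  *  - 4: allow HTML (the value goes through the safe-HTML input filter)
  * With neither allow flag set the strictest (no-HTML) filter is applied.
  *
  * @param mixed $var The value to clean; strings are trimmed unless bit 1 is set
  * @param int $mask Bitmask selecting trim / raw / html behaviour
  * @param string|null $type Type hint handed through to vmInputFilter::clean()
  * @return mixed The cleaned value
  */
 function _cleanVar($var, $mask = 0, $type = null)
 {
     // Filter instances are created once and reused across calls.
     // Plain assignment instead of =&: assigning the result of a function
     // call by reference raises a notice and buys nothing for objects.
     static $noHtmlFilter = null;
     static $safeHtmlFilter = null;
     // If the no trim flag is not set, trim the variable
     if (!($mask & 1) && is_string($var)) {
         $var = trim($var);
     }
     // If the allow raw flag is set, do not modify the variable
     if ($mask & 2) {
         return $var;
     }
     if ($mask & 4) {
         // If the allow html flag is set, apply a safe html filter to the variable
         if ($safeHtmlFilter === null) {
             $safeHtmlFilter = vmInputFilter::getInstance(null, null, 1, 1);
         }
         return $safeHtmlFilter->clean($var, $type);
     }
     // Since no allow flags were set, we will apply the most strict filter to the variable
     if ($noHtmlFilter === null) {
         $noHtmlFilter = vmInputFilter::getInstance();
     }
     return $noHtmlFilter->clean($var, $type);
 }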
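 /**
  * Internal method to strip a tag of certain attributes
  *
  * Each entry of $attrSet is a raw "name=value" pair taken from a tag.
  * Names that are not plain alphanumerics are dropped; with xssAuto on,
  * blacklisted names and event-handler style names ("on...") are dropped
  * as well, as is any pair vmInputFilter::badAttributeValue() rejects.
  * Surviving pairs are re-emitted as name="value" and kept or discarded
  * according to attrArray / attrMethod: with attrMethod truthy, attributes
  * NOT listed in attrArray are kept; otherwise only listed ones are kept.
  *
  * @access	protected
  * @param	array	$attrSet	Array of attribute pairs to filter
  * @return	array	$newSet		Filtered array of attribute pairs
  */
 function filterAttr($attrSet)
 {
     $newSet = array();
     $attrCount = count($attrSet);
     for ($i = 0; $i < $attrCount; $i++) {
         // Skip blank entries
         if (!$attrSet[$i]) {
             continue;
         }
         // Split into name/value pairs; the name is the first space-delimited
         // token before the '='
         $attrSubSet = explode('=', trim($attrSet[$i]), 2);
         list($attrSubSet[0]) = explode(' ', $attrSubSet[0]);
         // A pair without '=' has no value element; normalise it so the
         // checks below never read an undefined index
         if (!isset($attrSubSet[1])) {
             $attrSubSet[1] = '';
         }
         // Every name check below uses the lower-cased name, so mixed-case
         // spellings are treated exactly like their lower-case form
         $attrName = strtolower($attrSubSet[0]);
         // Remove all "non-regular" attribute names AND blacklisted attributes
         if (!preg_match("/^[a-z][a-z0-9]*\$/i", $attrSubSet[0])
             || ($this->xssAuto && (in_array($attrName, $this->attrBlacklist, true) || substr($attrName, 0, 2) === 'on'))
         ) {
             continue;
         }
         // XSS attribute value filtering
         if ($attrSubSet[1]) {
             // strips unicode, hex, etc
             $attrSubSet[1] = str_replace('&#', '', $attrSubSet[1]);
             // strip normal newline and multiple space chars within attr value
             $attrSubSet[1] = str_replace(array("\r\n", "\r", "\n"), array(' ', ' ', ' '), $attrSubSet[1]);
             $attrSubSet[1] = preg_replace('/\\s\\s+/', ' ', $attrSubSet[1]);
             // strip slashes
             $attrSubSet[1] = stripslashes($attrSubSet[1]);
             // strip double quotes
             $attrSubSet[1] = str_replace('"', '', $attrSubSet[1]);
             // [requested feature] convert single quotes from either side to doubles (Single quotes shouldn't be used to pad attr value)
             if (substr($attrSubSet[1], 0, 1) === "'" && substr($attrSubSet[1], strlen($attrSubSet[1]) - 1, 1) === "'") {
                 $attrSubSet[1] = substr($attrSubSet[1], 1, strlen($attrSubSet[1]) - 2);
             }
         }
         // Autostrip script tags
         if (vmInputFilter::badAttributeValue($attrSubSet)) {
             continue;
         }
         // Is our attribute in the user input array?
         $attrFound = in_array($attrName, $this->attrArray, true);
         // If the tag is allowed lets keep it
         if (!$attrFound && $this->attrMethod || $attrFound && !$this->attrMethod) {
             // Does the attribute have a value?
             if ($attrSubSet[1]) {
                 $newSet[] = $attrSubSet[0] . '="' . $attrSubSet[1] . '"';
             } elseif ($attrSubSet[1] === "0") {
                 // Special Case: the value "0" is falsy but still a value
                 $newSet[] = $attrSubSet[0] . '="0"';
             } else {
                 // Valueless attribute: emit it as name="name"
                 $newSet[] = $attrSubSet[0] . '="' . $attrSubSet[0] . '"';
             }
         }
     }
     return $newSet;
 }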
 }
 // Identify the product being viewed and remember it in the user state
 $product_id = vmRequest::getInt('product_id');
 $vm_mainframe->setUserState('product_id', $product_id);
 // In admin mode the category id is taken from the user state (seeded from
 // the request); on the front end it is read from the request each time
 if (vmIsAdminMode()) {
     $category_id = (int) $vm_mainframe->getUserStateFromRequest('category_id', 'category_id');
 } else {
     $category_id = vmRequest::getInt('category_id');
 }
 $manufacturer_id = vmRequest::getInt('manufacturer_id');
 // user_info_id is read without an int cast; it is filtered below together
 // with $page and $func (both assigned earlier in the file, not shown here)
 $user_info_id = vmRequest::getVar('user_info_id');
 $myInsecureArray = array('user_info_id' => $user_info_id, 'page' => $page, 'func' => $func);
 /**
  * This InputFilter Object will help us filter malicious variable contents
  * @global vmInputFilter vmInputFilter
  */
 $GLOBALS['vmInputFilter'] = $vmInputFilter = vmInputFilter::getInstance();
 // prevent SQL injection
 if ($perm->check('admin,storeadmin')) {
     // Store admins: only the three values collected above are escaped and
     // written back into $_REQUEST; every other request value is left as received
     $myInsecureArray = $vmInputFilter->safeSQL($myInsecureArray);
     $myInsecureArray = $vmInputFilter->process($myInsecureArray);
     // Re-insert the escaped strings into $_REQUEST
     foreach ($myInsecureArray as $requestvar => $requestval) {
         $_REQUEST[$requestvar] = $requestval;
     }
 } else {
     // Strip all tags from all input values, then SQL-escape them.
     // NOTE(review): this branch applies process() before safeSQL(), the admin
     // branch applies them in the opposite order - confirm that is intended
     $_REQUEST = $vmInputFilter->process($_REQUEST);
     $_REQUEST = $vmInputFilter->safeSQL($_REQUEST);
 }
 // Limit the keyword (=search string) length to 50
 // (substr() counts bytes, so a multibyte keyword may be cut mid-character)
 $keyword = substr(urldecode(vmGet($_REQUEST, 'keyword')), 0, 50);
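/**
 * Render a shop page (product details or category browse) as a PDF and
 * stream it to the client.
 *
 * The page is rendered into an output buffer by including the regular page
 * script, then converted either with the bundled html2fpdf classes or, on
 * PHP 5+ with the dompdf library present, with dompdf. All open output
 * buffers are discarded and error reporting is switched off first, so PHP
 * errors raised during rendering are not visible in the output.
 *
 * @param string $showpage    Page to render. Only "shop.product_details" and
 *                            "shop.browse" are handled; any other value
 *                            produces a document with no page content
 * @param string $flypage     Not used here: the flypage is forced to
 *                            "shop.flypage_lite_pdf" for product details
 * @param int    $product_id  Product to render for "shop.product_details"
 * @param int    $category_id Category to render for "shop.browse"
 * @param int    $limitstart  Used in the generated file name on the dompdf path
 * @param int    $limit       Not used in this function
 * @return void The PDF is written to the output stream
 */
function freePDF($showpage, $flypage, $product_id, $category_id, $limitstart, $limit)
{
    // NOTE(review): $limitstart and $limit are also declared global here, which
    // rebinds them to the global values and discards the passed arguments -
    // confirm callers always pass the same values as the globals
    global $db, $sess, $auth, $my, $perm, $VM_LANG, $mosConfig_live_site, $mosConfig_sitename, $mosConfig_offset, $mosConfig_hideCreateDate, $mosConfig_hideAuthor, $mosConfig_hideModifyDate, $mm_action_url, $database, $mainframe, $mosConfig_absolute_path, $vendor_full_image, $vendor_name, $limitstart, $limit, $vm_mainframe, $keyword, $cur_template;
    // Drop every open output buffer so nothing but the PDF reaches the client
    while (@ob_end_clean()) {
    }
    error_reporting(0);
    ini_set("allow_url_fopen", "1");
    // Start from an empty document instead of appending to an undefined variable
    $html = '';
    // The include path is built from $showpage, but only inside the two cases
    // below, so it can only ever name one of these two page scripts
    switch ($showpage) {
        case "shop.product_details":
            $_REQUEST['flypage'] = "shop.flypage_lite_pdf";
            $_REQUEST['product_id'] = $product_id;
            ob_start();
            include PAGEPATH . $showpage . '.php';
            $html .= ob_get_contents();
            ob_end_clean();
            $html = repairImageLinks($html);
            break;
        case "shop.browse":
            // vmInputFilter is needed for the browse page
            if (!isset($vmInputFilter) || !isset($GLOBALS['vmInputFilter'])) {
                $GLOBALS['vmInputFilter'] = $vmInputFilter = vmInputFilter::getInstance();
            }
            $_REQUEST['category_id'] = $category_id;
            ob_start();
            include PAGEPATH . $showpage . '.php';
            $html .= ob_get_contents();
            ob_end_clean();
            $html = repairImageLinks($html);
            break;
    }
    $logo = IMAGEPATH . "vendor/{$vendor_full_image}";
    $logourl = IMAGEURL . "vendor/{$vendor_full_image}";
    if (version_compare(phpversion(), '5.0') < 0 || extension_loaded('domxml') || !file_exists(CLASSPATH . "pdf/dompdf/dompdf_config.inc.php")) {
        // html2fpdf path (PHP 4, domxml loaded, or dompdf not installed).
        // Guard the defines so a second call does not trip on a redefinition.
        if (!defined('FPDF_FONTPATH')) {
            define('FPDF_FONTPATH', CLASSPATH . 'pdf/font/');
        }
        if (!defined('RELATIVE_PATH')) {
            define('RELATIVE_PATH', CLASSPATH . 'pdf/');
        }
        require CLASSPATH . 'pdf/html2fpdf.php';
        require CLASSPATH . 'pdf/html2fpdf_site.php';
        $pdf = new PDF();
        $pdf->AddPage();
        $pdf->SetFont('Arial', '', 11);
        $pdf->InitLogo($logo);
        $pdf->PutTitle($mosConfig_sitename);
        $pdf->PutAuthor($vendor_name);
        $html = str_replace("&amp;", "&", $html);
        $pdf->WriteHTML($html);
        $pdf->Output();
    } elseif (file_exists(CLASSPATH . "pdf/dompdf/dompdf_config.inc.php")) {
        // In this part you can use the dompdf library (http://www.digitaljunkies.ca/dompdf/)
        // Just extract the dompdf archive to /classes/pdf/dompdf
        //require_once( CLASSPATH . "pdf/dompdf/dompdf_config.inc.php" );
        //require_once( CLASSPATH . "pdf/dompdf/load_font.php" );
        //require_once( CLASSPATH . "pdf/dompdf/dompdf.php" );
        //define('DOMPDF_FONTPATH', CLASSPATH.'pdf/dompdf/lib/fonts/');
        //define( 'RELATIVE_PATH', CLASSPATH.'pdf/dompdf/' );
        $image_details = getimagesize($logo);
        // getimagesize() returns false when the logo cannot be read; pass an
        // empty type in that case instead of reading a missing index
        $image_type = is_array($image_details) ? (string) $image_details[2] : '';
        // The logo URL and image type are spliced into PHP source that dompdf
        // evaluates inline. They are emitted as PHP string literals so the
        // generated code stays well-formed whatever characters the vendor
        // image file name contains.
        $footer = '<script type="text/php">

if ( isset($pdf) ) {

  // Open the object: all drawing commands will
  // go to the object instead of the current page
  $footer = $pdf->open_object();

  $w = $pdf->get_width();
  $h = $pdf->get_height();

  // Draw a line along the bottom
  $y = $h - 2 * 12 - 24;
  $pdf->line(16, $y, $w - 16, $y, "grey", 1);

  // Add a logo
  $img_w = 2 * 72; // 2 inches, in points
  $img_h = 1 * 72; // 1 inch, in points -- change these as required
  $pdf->image(' . var_export($logourl, true) . ', ' . var_export($image_type, true) . ', ($w - $img_w) / 2.0, $y - $img_h, $img_w, $img_h);

  // Close the object (stop capture)
  $pdf->close_object();
  // Add the object to every page. You can
  // also specify "odd" or "even"
  $pdf->add_object($footer, "all");

}
</script>';
        $website = '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
	<html xmlns="http://www.w3.org/1999/xhtml">
		<head>' . $mainframe->getHead() . '
			<link rel="stylesheet" href="templates/' . $cur_template . '/css/template_css.css" type="text/css" />
			<link rel="stylesheet" href="' . VM_THEMEURL . 'theme.css" type="text/css" />
			<link rel="shortcut icon" href="' . $mosConfig_live_site . '/images/favicon.ico" />
			<meta http-equiv="Content-Type" content="text/html; ' . _ISO . '" />
			<meta name="robots" content="noindex, nofollow" />
		</head>
		<body class="contentpane">
			' . $html . '
			' . $footer . '
		</body>
	</html>';
        // Post-process the markup for dompdf: drop the "resized/" path segment,
        // un-escape ampersands and remove every '#' (this also affects CSS
        // colour values and fragment links in the rendered page)
        $website = str_replace("resized%2F", "", $website);
        $website = str_replace("&amp;", "&", $website);
        $website = str_replace("#", "", $website);
        require_once CLASSPATH . "pdf/dompdf/dompdf_config.inc.php";
        $dompdf = new DOMPDF();
        $dompdf->load_html($website);
        $dompdf->render();
        // die( htmlspecialchars($website));
        //YOU CAN EITHER UNCOMMENT THE FOLLOWING LINES AND COMMENT THIS LINE --> // $dompdf->stream( "virtue".$limitstart.".pdf", array('Attachment' => 1));
        // OR LEAVE THE FOLLOWING LINES COMMENTED WITH // AND THE $dompdf->stream( "virtue".$limitstart.".pdf", array('Attachment' => 1)); UNCOMMENTED, BOTH WORK AT LAST !!
        // $file = "virtutest1.pdf";
        // file_put_contents($file, $website);
        // $url = "dompdf.php?input_file=".  $mosConfig_live_site."/".rawurlencode($file) .
        //       "&paper=letter&output_file=" . rawurlencode("virtue".$limitstart.".pdf");
        //$url  = str_replace ("%3A", ":", $url );
        //$url  = str_replace ("%5C", "/", $url );
        //$url = str_replace ("&amp;", "&", $url);
        //header("Location: ".$mosConfig_live_site . "/administrator/components/com_virtuemart/classes/pdf/dompdf/$url");
        $dompdf->stream("virtue" . $limitstart . ".pdf", array('Attachment' => 1));
    }
}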