/**
 * Re-initialise the controller for the current request.
 *
 * Loads ./config.controller.php, seeds the default session variables from
 * the $_SETTINGS array that file defines, registers the session objects if
 * they are not set yet, and resets the timers that are needed.
 * Every failure path terminates the script.
 *
 * @access private
 *
 * @author patrick.kracht, thorsten.moll
 */
private function reinit()
{
    // The config path starts with "./", so it is resolved against the current
    // working directory.
    // NOTE(review): confirm the entry script always runs from the application
    // root, otherwise a different file could be picked up and executed.
    $configFile = "./config.controller.php";

    // Guard clauses: without a present, syntactically valid config we stop here.
    if (!file_exists($configFile)) {
        exit("config file 'config.controller.php' not found!");
    }
    if (!__check_syntax($configFile)) {
        exit("config file 'config.controller.php' is invalid!");
    }

    __session_start();

    // The include runs inside this method, so the $_SETTINGS it defines is a
    // local variable that stays visible for the registrations further down.
    include $configFile;

    // Per-request state starts out empty.
    $_SESSION["_Action"] = "";
    $_SESSION["_Errors"] = "";
    $_SESSION["_ErrNo"] = "";
    $_SESSION["_PageID.current"] = "";
    $_SESSION["_PageID.last"] = "";

    // Values taken from the config file, each with a fallback when the entry is missing.
    $_SESSION["_SqlType"] = $_SETTINGS["Main"][0] ?? false;
    $_SESSION["_TimeOut"] = $_SETTINGS["Main"][1] ?? 300;
    $_SESSION["_Cookies"] = $_SETTINGS["Main"][2] ?? false;
    $_SESSION["_Webmaster"] = $_SETTINGS["Main"][3] ?? "webmaster@localhost";
    $_SESSION["_Domain"] = $_SETTINGS["Main"][4] ?? "localhost";
    $_SESSION["_MaxWorkingH"] = $_SETTINGS["Main"][5] ?? 8;
    $_SESSION["_TplSqlTable"] = $_SETTINGS["Template"][3] ?? false;

    // Register the objects the session needs; any exception ends the request.
    try {
        $this->register("Memory", [], "MEMORY");

        $this->register("Timer", ["Controller", true], "TIMER.PHP");
        $_SESSION["TIMER.PHP"]->reset();
        $_SESSION["TIMER.PHP"]->start();

        $this->register("MySql", $_SETTINGS["MySql"], "MYSQL");
        // Presumably "TIMER.MYSQL" is created while the MySql object is
        // registered; nothing in this method sets it - verify.
        $_SESSION["TIMER.MYSQL"]->reset();

        $this->register("Template", $_SETTINGS["Template"], "HTML");
        $this->register("Session", [], "CLIENT");
    } catch (Exception $failure) {
        // NOTE(review): the raw exception text is sent to the client. If a
        // registration failure can carry connection details (host, user),
        // log the message server-side and print a generic error instead.
        exit($failure->getMessage());
    }
}
/**
 * Log the user out by tearing down the current session.
 *
 * Empties $_SESSION, expires the session cookie when PHP is configured to
 * use cookies for sessions, and finally destroys the server-side session.
 *
 * @description delete session
 */
function auth_logout()
{
    __session_start();

    // Wipe the in-memory session data first, so nothing survives this request.
    $_SESSION = [];

    $usesCookies = ini_get("session.use_cookies");
    if ($usesCookies) {
        // The expiry cookie has to carry the same path/domain as the original
        // cookie, otherwise the browser keeps the old one; hence the current
        // cookie parameters are replayed with an expiry date in the past.
        $cookie = session_get_cookie_params();
        $expiredAt = time() - 42000;
        setcookie(
            session_name(),
            '',
            $expiredAt,
            $cookie["path"],
            $cookie["domain"],
            $cookie["secure"],
            $cookie["httponly"]
        );
    }

    // Remove the session storage on the server.
    session_destroy();
}
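/**
 * Handle the POST request that updates an existing post.
 *
 * Flow: reject guests, check the anti-CSRF token, filter the form fields,
 * validate them, then either
 *  - store a newly uploaded file together with the post update, or
 *  - update the post and optionally delete an attached media row and its file.
 * Both write paths run inside a transaction and finish with a redirect.
 *
 * Changes compared with the previous version:
 *  - a rollback is issued whenever a transaction is still open, whatever the
 *    exception type (before, any RuntimeException subclass raised inside the
 *    transaction skipped the rollback, and a failure after commit() or before
 *    beginTransaction() triggered a rollback with nothing to roll back);
 *  - the media file path is no longer passed through htmlentities(), which is
 *    an HTML output encoder, not a path sanitiser; the resolved path must now
 *    lie inside the upload directory before it is deleted;
 *  - missing or non-string `_token` and a missing `m_id` no longer raise
 *    undefined-index notices;
 *  - comparisons inside the filter callbacks are strict.
 *
 * @post update
 *
 * @param int|string $id Identifier of the post to update (cast to int before use).
 *
 * @return void
 *
 * @throws RuntimeException '418' if redirect() returns on the no-upload path.
 */
function update_post_controller($id)
{
    __is_guest();

    if (empty($_POST)) {
        return;
    }

    // Anti-CSRF token: an absent or array-valued field is rejected up front
    // instead of being handed to checked_token().
    $token = $_POST['_token'] ?? '';
    if (!is_string($token) || !checked_token($token)) {
        return;
    }

    __session_start();
    $_SESSION['old'] = [];
    $_SESSION['errors'] = [];

    // NOTE(review): FILTER_SANITIZE_STRING is deprecated since PHP 8.1. It
    // strips tags on input, which does not replace escaping when the value is
    // rendered - confirm the templates escape title/content on output.
    $rules = [
        'title' => FILTER_SANITIZE_STRING,
        'content' => FILTER_SANITIZE_STRING,
        'status' => [
            'filter' => FILTER_CALLBACK,
            // Allow-list: anything unexpected falls back to 'unpublished'.
            'options' => function ($s) {
                return in_array($s, ['published', 'unpublished'], true) ? $s : 'unpublished';
            },
        ],
        'published_at' => [
            'filter' => FILTER_CALLBACK,
            // A ticked checkbox becomes "now"; any other value yields null.
            'options' => function ($checkbox) {
                if ($checkbox === 'yes') {
                    return new DateTime('now');
                }
            },
        ],
    ];
    $sanitize = filter_input_array(INPUT_POST, $rules);
    $id = (int) $id;

    // Validation.
    if (empty($_POST['title'])) {
        $_SESSION['errors']['title'] = 'title is required';
    }
    if (!empty($_SESSION['errors'])) {
        $_SESSION['old'] = $sanitize;
        redirect('post/create');
        // redirect() is expected to end the request (the original marked this
        // spot "exit"); the return keeps invalid input away from the write
        // path should it ever come back.
        return;
    }

    // Tracks whether a rollback is still owed if something throws.
    $transactionOpen = false;

    if (!empty($_FILES['file']) && is_uploaded_file($_FILES['file']['tmp_name'])) {
        try {
            $dateFile = upload($_FILES['file']);

            beginTransaction();
            $transactionOpen = true;
            update_post_model($id, $sanitize);
            create_media_model([
                'filename' => $dateFile['filename'],
                'post_id' => $id,
                'size' => $dateFile['size'],
            ]);
            commit();
            $transactionOpen = false;

            setFlashMessage("success stored");
            redirect('dashboard');
        } catch (Exception $e) {
            if ($transactionOpen) {
                rollback();
            }
            // NOTE(review): when the database step fails after upload()
            // succeeded, the stored file presumably stays on disk - verify
            // whether it needs cleaning up.
            // NOTE(review): the raw exception message ends up in the session,
            // presumably for display; make sure it cannot expose SQL or path
            // details to the user.
            $_SESSION['old'] = $sanitize;
            $errorKey = $e instanceof RuntimeException ? 'upload' : 'file';
            $_SESSION['errors'][$errorKey] = $e->getMessage();
            redirect('post/create');
        }
    } else {
        try {
            beginTransaction();
            $transactionOpen = true;
            update_post_model($id, $sanitize);

            $media_id = (int) ($_POST['m_id'] ?? 0);
            $m = null;
            if (!empty($_POST['m_id']) && !empty($_POST['delete_filename'])) {
                // NOTE(review): the media id comes straight from the request
                // and nothing here ties it to post $id or to the current
                // user - confirm the model layer enforces that, otherwise any
                // logged-in user could delete arbitrary media rows.
                $media = find_model($media_id, 'medias');
                $m = $media->fetch();
                destroy_model($media_id, 'medias');
            }

            commit();
            $transactionOpen = false;

            if (!empty($m)) {
                // Delete the file only if its resolved path lies inside the
                // upload directory, so a stored name containing "../" cannot
                // reach files elsewhere on disk.
                $uploadDir = getenv('UPLOAD_DIRECTORY');
                $baseDir = (is_string($uploadDir) && $uploadDir !== '') ? realpath($uploadDir) : false;
                $target = $baseDir !== false ? realpath($baseDir . '/' . $m['m_filename']) : false;
                if (
                    $target !== false
                    && strpos($target, $baseDir . DIRECTORY_SEPARATOR) === 0
                    && is_file($target)
                ) {
                    unlink($target);
                }
            }

            setFlashMessage(trans('success_updated_post', $sanitize['title']));
            redirect('dashboard');
        } catch (Exception $e) {
            if ($transactionOpen) {
                rollback();
            }
            $_SESSION['old'] = $sanitize;
            $_SESSION['errors']['file'] = $e->getMessage();
            redirect('post/create');
        }

        // Only reached when redirect() returned instead of ending the request.
        throw new RuntimeException('418');
    }
}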