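/**
 * Run one SQL install script from install/sql/ against the current MySQL connection.
 *
 * The script is read, its {PLACEHOLDER} tags are filled in through parse(), the
 * text is split into statements on ";" at end of line, and every non-empty
 * statement is sent with mysql_query(). Failures are appended to
 * $this->mysqlErrors and set $this->installFailed.
 *
 * @param string $filename Script name, relative to {base_path}install/sql/.
 * @return false|null false when the script is missing or unreadable; no value
 *                    otherwise (statement failures are reported through
 *                    $this->mysqlErrors, not the return value).
 */
function process($filename) {
    global $modx, $modx_version;

    // Keep the full version string for version_compare(): the float cast turns
    // "4.1.22" into 4.1, and version_compare('4.1', '4.1.0') sorts that *below*
    // 4.1.0, which would drop the charset/collation clause on 4.1.x servers.
    $server_version = '3.23'; // assume version 3.23 when the server cannot be asked
    $this->dbVersion = 3.23;
    if (function_exists("mysql_get_server_info")) {
        $ver = mysql_get_server_info();
        $this->dbVersion = (float) $ver; // property stays numeric for existing readers
        if (is_string($ver) && $ver !== '') {
            $server_version = $ver;
        }
    }

    // check to make sure file exists
    // NOTE(review): $filename is joined into the path as-is. Callers should pass
    // fixed script names only, never request-derived values - confirm at call sites.
    $path = "{$this->base_path}install/sql/{$filename}";
    if (!is_file($path)) {
        $this->mysqlErrors[] = array("error" => "File '{$path}' not found");
        $this->installFailed = true;
        return false;
    }

    // An unreadable file used to degrade into an empty script and a silent "success".
    $idata = file_get_contents($path);
    if ($idata === false) {
        $this->mysqlErrors[] = array("error" => "File '{$path}' could not be read");
        $this->installFailed = true;
        return false;
    }
    $idata = str_replace("\r", '', $idata);

    if (version_compare($server_version, '4.1.0', '>=')) {
        $char_collate = "DEFAULT CHARSET={$this->connection_charset} COLLATE {$this->connection_collation}";
        $idata = str_replace('ENGINE=MyISAM', "ENGINE=MyISAM {$char_collate}", $idata);
    }

    // replace {} tags
    // NOTE(review): these values are spliced into SQL text by parse(), which is
    // not visible here. Unless parse() or the code that fills these properties
    // escapes them, a quote in the admin name or e-mail alters the statement -
    // confirm they are escaped before they reach this method.
    $ph = array();
    $ph['PREFIX'] = $this->prefix;
    $ph['ADMINNAME'] = $this->adminname;
    $ph['ADMINFULLNAME'] = substr($this->adminemail, 0, strpos($this->adminemail, '@'));
    $ph['ADMINEMAIL'] = $this->adminemail;
    // NOTE(review): genHash() is defined elsewhere; which algorithm protects the
    // stored admin password cannot be told from here - verify it is a password hash.
    $ph['ADMINPASS'] = genHash($this->adminpass, '1');
    $ph['MANAGERLANGUAGE'] = $this->managerlanguage;
    $ph['DATE_NOW'] = time();
    $idata = parse($idata, $ph, '{', '}');

    $sql_array = preg_split('@;[ \\t]*\\n@', $idata);

    foreach ($sql_array as $sql_entry) {
        $sql_do = trim($sql_entry, "\r\n; ");
        if (!$sql_do) {
            // Nothing to run. Checking mysql_error() here would re-report the
            // failure of an earlier statement as if it belonged to this entry.
            continue;
        }

        mysql_query($sql_do);
        if (!mysql_error()) {
            continue;
        }

        // Ignore duplicate and drop errors - Raymond
        // 1060 duplicate column name, 1061 duplicate key name, 1091 cannot drop (missing column/key)
        if ($this->ignoreDuplicateErrors && in_array(mysql_errno(), array(1060, 1061, 1091), true)) {
            continue;
        }

        $this->mysqlErrors[] = array("error" => mysql_error(), "sql" => $sql_do);
        $this->installFailed = true;
    }
}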
require_once './server/functions.php'; // Get the configuration require_once './server/read-main.php'; require_once './server/read-hosts.php'; // Get some extra-libs require_once './server/gettext.php'; // Prepare application enableErrorSink(); hideErrors(); compressThis(); // Include the good language file $locale = checkLanguage(); includeTranslation($locale, 'main'); // Get the Jappix version & its hash $version = getVersion(); $hash = genHash($version); // Include the good application file $include_app = 'desktop'; // App to include? if (!isInstalled()) { // Not yet installed $include_app = 'install'; } else { if (anonymousMode()) { // Anonymous $include_app = 'desktop'; } else { if (isset($_GET['m']) && !empty($_GET['m'])) { // Not anonymous, any forced mode? $force_mode = $_GET['m']; // Switch between two Jappix apps
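/**
 * Generate an anti-CSRF token for a form and store it in the session.
 *
 * @param string $form Form name; used as the key under $_SESSION['tokens'].
 * @return string The token to place in the form's hidden field.
 */
function genFormToken($form) {
    // uniqid() and microtime() are derived from the clock, so on their own they
    // give a token an observer can narrow down. Mix in output from a CSPRNG
    // whenever the runtime offers one; the clock value is kept as extra input.
    $seed = uniqid(microtime(), true);
    if (function_exists('random_bytes')) {
        $seed .= bin2hex(random_bytes(32));
    } elseif (function_exists('openssl_random_pseudo_bytes')) {
        $seed .= bin2hex(openssl_random_pseudo_bytes(32));
    }
    $token = genHash($seed);

    // Write the generated token to the session variable to check it against the hidden field when the form is sent
    // NOTE(review): the comparison is not visible here; it should use a
    // constant-time compare such as hash_equals() - confirm in the checker.
    $_SESSION['tokens'][$form] = $token;

    return $token;
}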
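/**
 * Build the session fingerprint used as an anti-hijacking check.
 *
 * The User-Agent header is chosen by the client and can be replayed together
 * with a stolen session id, so a matching fingerprint is a consistency check
 * only and does not replace session-id regeneration or secure cookie flags.
 *
 * @return string Hash of the request's User-Agent header concatenated with SALT.
 */
static function getFinger() {
    // The header is optional: read it defensively so a request without it does
    // not raise an undefined-index notice. The hashed value is unchanged,
    // because a missing header already concatenated as an empty string.
    $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

    return genHash($user_agent . SALT); // return hash of browser and salt
}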
ifTokenBad('Add User'); } // set email and comment and clean $email = cleanvar($_POST['email']); $comment = cleanvar($_POST['comment']); $group = cleanvar($_POST['group']); // check the new email address is a valid email address if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { sendBack('That email is not valid'); } // Create a unique key for the user $text = $admin_id . $email . uniqid(microtime(), true) . $group; // take sent data and some random data to create a random string $rand_text = str_shuffle($text); // shuffle the string to make more random $user_key = genHash($rand_text); // hash the random string to get the user hash ## run query to add key to the DB ## $add_user = $dbl->addEchKey($user_key, $email, $comment, $group, $mem->id); if (!$add_user) { sendBack('There was a problem adding the key into the database'); } //send the email or message after adding to the DB if (USE_MAIL) { ## email user about the key ## $body = '<html><body>'; $body .= '<h2>Echelon User Key</h2>'; $body .= $config['cosmos']['email_header']; $body .= 'This is the key you will need to use to register on Echelon. <a href="http://' . $_SERVER['SERVER_NAME'] . PATH . 'register.php?key=' . $user_key . '&email=' . $email . '">Register here</a>.<br />'; $body .= 'Registration Key: ' . $user_key;
$email = cleanvar($_POST['email']); // check the new email address is a valid email address if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { sendBack('That email is not valid'); } $verify = $dbl->verifyUser($name, $email); if ($verify == false) { // no user, return error sendBack('Either the username or email supplied do not match any known user.'); } else { // there is user by that name and email, return the user's id $user_id = $verify; } // generate some random string with thier username, email, the current time in micro seconds and their user id $rand = $name . $email . uniqid(microtime(), true) . $user_id; $key = genHash($rand); // hash the random text for a 40 char key // key, email, comment, perms, admin_id (in the case of admin_id it will serve as the place to store the connected client_id for the password reset) $db_results = $dbl->addEchKey($key, $email, 'PW', 0, $user_id); // create a key for the link that is to be sent if (!$db_results) { // if no rows affected (return false) sendBack('Failure on key creation and storage'); } ## email user the link ## $body = '<html><body>'; $body .= '<h2>Echelon Lost Password Service</h2>'; $body .= $config['cosmos']['email_header']; $body .= 'This email is about how to reset your password on Echelon. Please do not foward this message on to anyone, this is a private email. If you did not request a password reset don\'t worry. You\'re password is still secure and has not been changed. Delete this email if you like.<br /><br />
/**
 * Build the SVG document for a statistics chart.
 *
 * Stores the inputs on the object, derives the chart width and the four scale
 * steps from the largest value, creates the DOM document with its stylesheet
 * instruction, root <svg> element and shared definitions, then delegates the
 * drawing to drawLegend(), drawTable() and drawChart().
 *
 * @param array $datas     Values to plot; when the first element is itself an
 *                         array, that inner array is the one measured.
 * @param array $legend    Stored on the object for the drawing methods.
 * @param mixed $link      Stored on the object for the drawing methods.
 * @param bool  $evolution Stored on the object for the drawing methods.
 * @param string $type     Stored on the object for the drawing methods.
 * @return true|null TRUE when there is nothing to draw (no values, or a zero
 *                   maximum); no value once the chart has been built.
 */
function createChart($datas = array(), $legend = array(), $link, $evolution = FALSE, $type = 'others') {
    $this->has_errors = FALSE;
    $max = 0;

    // One or two data arrays: measure the first series when the input is nested
    $nested = isset($datas[0]) && is_array($datas[0]);
    $series = $nested ? $datas[0] : $datas;
    $datas_number = count($series);

    if ($datas_number >= 1) {
        $max = max($series);
    } else {
        $this->has_errors = TRUE;
    }

    // Set the size of the chart: 55 units per value, never narrower than 400
    $width = ($datas_number * 55 > 400) ? $datas_number * 55 : 400;
    $height = 250;

    // Keep the inputs for the drawing methods
    $this->datas = $datas;
    $this->legend = $legend;
    $this->link = $link;
    $this->evolution = $evolution;
    $this->type = $type;
    $this->xml_elements = array();

    // Scale: four steps, keyed 4 (top) down to 1
    if ($max <= 20) {
        $scale = array(4 => 20, 3 => 15, 2 => 10, 1 => 5);
    } else {
        $top = ceil($max / 20) * 20; // round the maximum up to a multiple of 20
        $scale = array(
            4 => $top,
            3 => $top * 3 / 4,
            2 => $top * 2 / 4,
            1 => $top * 1 / 4,
        );
    }

    if ($scale[4] == 0 || $max == 0) {
        $this->has_errors = TRUE;
    }

    // Nothing drawable: stop before any DOM object is created
    if ($this->has_errors) {
        return TRUE;
    }

    $doc = new DOMDocument('1.0', 'utf-8');
    $this->xml_object = $doc;

    // Process the static file host prefix (computed here, not used further in this method)
    $static_prefix = hasStatic() ? HOST_STATIC . '/php' : '.';

    // Add the stylesheet
    $css_href = getFiles(genHash(getVersion()), '', 'css', '', 'stats-svg.css');
    $style = $doc->createProcessingInstruction("xml-stylesheet", "type='text/css' href='" . $css_href . "'");
    $doc->appendChild($style);

    // Create the root SVG element
    $svg = $doc->createElement('svg');
    $this->svg = $svg;
    $root_attributes = array(
        'xmlns:svg'   => 'http://www.w3.org/2000/svg',
        'xmlns'       => 'http://www.w3.org/2000/svg',
        'xmlns:xlink' => 'http://www.w3.org/1999/xlink',
        'version'     => '1.1',
        'width'       => $width,
        'height'      => $height,
        'id'          => 'svg',
    );
    foreach ($root_attributes as $attr_name => $attr_value) {
        $svg->setAttribute($attr_name, $attr_value);
    }
    $doc->appendChild($svg);

    // Create a definition: the reusable "mark" path
    $defs = $doc->createElement('defs');
    $this->xml_elements['basic_defs'] = $defs;
    $mark = $doc->createElement('path');
    $mark_attributes = array(
        'id'           => 'mark',
        'd'            => 'M 0,234 v 4 ',
        'stroke'       => '#596171',
        'stroke-width' => '2px',
    );
    foreach ($mark_attributes as $attr_name => $attr_value) {
        $mark->setAttribute($attr_name, $attr_value);
    }
    $defs->appendChild($mark);

    // Create the static background
    $background = $doc->createElement('g');
    $background->setAttribute('class', 'static-background');
    $this->xml_elements['static_background'] = $background;

    // Draw the legend, then the table, then the chart itself
    $this->drawLegend();
    $this->drawTable($scale, $width);
    $this->drawChart($scale, $width);
}