function _basePath($path = false)
{
$this->shareName = $this->_getShareName($path);
if ($this->shareName) {
global $User, $Share;
$cur = $User->get_current();
$wantedshare = $Share->filter("name", $this->shareName);
if (!$wantedshare[0]) {
internal_error("not_found");
}
$groups = $cur->groups;
$permission = false;
foreach ($groups as $g) {
foreach ($wantedshare[0]->groups as $sg) {
if ($g == $sg) {
$permission = true;
}
}
}
if (!$permission) {
internal_error("permission_denied");
}
/* $path = explode("/", $path, 2);
$path = $path[2];
die ($GLOBALS['path'] . "/../public/" . ($path ? $path : ""));*/
return $GLOBALS['path'] . "/../public/" . ($path ? $path : "");
} else {
return $GLOBALS['path'] . "/../public/" . ($path ? $path : "");
}
}
function dbcommit($query, $vals = null)
{
global $msq, $pagequeries;
$query = resolvequery($query, $vals);
$perflog = array_sum(explode(' ', microtime()));
$qres = mysqli_query($msq, $query);
$pagequeries[] = '[' . round(array_sum(explode(' ', microtime())) - $perflog, 4) . '] ' . $query;
if (!$qres) {
internal_error("can not execute: " . $query . " \n<br />MySQL error: " . mysqli_error($msq));
}
return $qres;
}
function get_row()
{
global $g_mv_tests;
$cvar = $this->get();
$r = array_filter($g_mv_tests, function ($c) use($cvar) {
return $c["test"] == $this->test && $c["goal"] == $this->goal && $c["variation"] == $cvar;
});
if (count($r) != 1) {
internal_error("Can't find row for test: " . $this->test . " goal:" . $this->goal . " variation:" . $cvar . " in " . print_r($g_mv_tests, true));
}
$r = array_values($r);
return $r[0];
}
function _startup()
{
$this->_link = @ssh2_connect($this->hostname, $this->port ? $this->port : 22);
if (!is_null($this->username)) {
$login = @ssh2_auth_password($this->_link, $this->username, $this->password);
} else {
$login = @ssh2_auth_none($this->_link, "anonymous");
}
if (!$this->_link || is_array($this->_link) || !$login) {
internal_error(!$login ? "remote_authentication_failed" : "remote_connection_failed");
}
$this->_sftp = @ssh2_sftp($this->_link, true);
}
function _chdir($path)
{
$dirs = explode("/", $path);
if ($dirs[0] != $path) {
foreach ($dirs as $dir) {
if ($dir != "") {
$cd = ftp_chdir($this->_link, $dir);
if (!$cd) {
internal_error("generic_err", "path does not exist");
}
}
}
}
return true;
}
function remove($package)
{
global $Package;
$packages = $Package->filter("name", $package);
if (!$packages) {
internal_error("object_not_found", "Package does not exist");
}
foreach ($packages as $pak) {
if ($pak->status == "installed") {
if ($pak->type == "update") {
//cannot uninstall updates
return false;
}
}
}
internal_error("object_not_found", "Matches for package found, but none are installed");
}
function _query($sql, $values = array())
{
$this->_connect();
$this->_result = array();
if (sizeof($values) > 0) {
$statement = $this->_link->prepare($sql, TRUE, MDB2_PREPARE_RESULT);
$resultset = $statement->execute($values);
$statement->free();
} else {
$resultset = $this->_link->query($sql);
}
if (PEAR::isError($resultset)) {
internal_error("db_query_err");
}
while ($row = $resultset->fetchRow(MDB2_FETCHMODE_ASSOC)) {
$this->_result[] = $row;
}
return $this->_result;
}
function XML_Get_Endindex($script, $from, $tag)
{
$cdeepness = 1;
$cpos = $innertagpos = $from;
while (true) {
$res = strpos($script, "</" . $tag . ">", $cpos);
if ($res === false) {
internal_error("no closing for tag: " . $tag . " while processing " . $this->templatefilename);
}
$innerTagIndex = strpos($script, "<" . $tag . " ", $innertagpos);
if ($innerTagIndex === false || $innerTagIndex > $res) {
// no nested tags
return $res;
}
$innertagpos = $innerTagIndex + 1;
// we have a nested tag, so we go find the next ending
$cpos = $res + 1;
}
return $res;
}
curl_setopt($c, CURLOPT_VERBOSE, 0);
curl_setopt($c, CURLOPT_RETURNTRANSFER, true);
curl_setopt($c, CURLOPT_POST, true);
curl_setopt($c, CURLOPT_POSTFIELDS, array('refresh_token' => $refresh_token, 'grant_type' => 'refresh_token'));
$r = curl_exec($c);
$http_retcode = curl_getinfo($c, CURLINFO_HTTP_CODE);
$error = curl_error($c);
if ($http_retcode !== 200) {
header('HTTP/1.0 ' . $http_retcode);
nocache();
print "ERROR 178: " . $error;
die;
}
$token = json_decode($r);
if ($token->token_type != 'Bearer') {
internal_error('Unkknown Token Type: ' . $token->token_type);
}
$access_token = $token->access_token;
}
if ($mode == 'usage') {
$c = curl_init('https://api.hubic.com/1.0/account/usage/');
curl_setopt($c, CURLOPT_HTTPHEADER, array('Authorization: Bearer ' . $access_token));
curl_setopt($c, CURLOPT_VERBOSE, 0);
curl_setopt($c, CURLOPT_RETURNTRANSFER, true);
$r = curl_exec($c);
$http_retcode = curl_getinfo($c, CURLINFO_HTTP_CODE);
$error = curl_error($c);
if ($http_retcode !== 200) {
header('HTTP/1.0 ' . $http_retcode);
nocache();
print "ERROR 207 : " . $error;
} else {
if ($type == 'pilot') {
$query = 'SELECT m.InternalNo, FirstName, LastName, IFNULL(Club, "LFK") as Club, MAX(YEAR(lr.regdate)) as Year FROM skywin.member AS m, skywin.loadrole AS lr WHERE pilot="Y" AND m.internalno = lr.internalno AND lr.roletype = "PILOT" GROUP BY m.internalno';
} else {
if ($type == 'tandem') {
$query = 'SELECT m.InternalNo, FirstName, LastName, m.Club, MAX(mi.Year) as Year FROM skywin.memberinstruct AS mi, skywin.member AS m WHERE m.InternalNo = mi.InternalNo AND InstructType = "T" GROUP BY m.InternalNo';
} else {
if ($type == 'foto') {
$query = 'SELECT InternalNo, FirstName, LastName, Club, Year FROM skywin.member WHERE video="Y"';
} else {
if ($type == 'member') {
$query = 'SELECT NULLIF(MemberNo, 0) as MemberNo, FirstName, LastName, Address1, Address2, phone1.PhoneNo as PhoneWork, phone2.PhoneNo as PhoneHome, phone3.PhoneNo as PhoneMobile, Emailaddress FROM skywin.member ' . 'LEFT JOIN skywin.memberphone phone1 ON phone1.InternalNo = member.InternalNo AND phone1.PhoneType = "A" LEFT JOIN skywin.memberphone phone2 ON phone2.InternalNo = member.InternalNo AND phone2.PhoneType = "B" ' . 'LEFT JOIN skywin.memberphone phone3 ON phone3.InternalNo = member.InternalNo AND phone3.PhoneType = "M" WHERE (pilot="Y" or (club = "LFK" and year > YEAR(NOW()) - 5 and membertype != "PAX")) and LastName != "Övrig"';
} else {
exit('[]');
}
}
}
}
}
}
}
$db = JFactory::getDBO();
$db->setQuery($query);
try {
$db->execute();
} catch (Exception $e) {
send_error_report('Staff DB exception', $e->getMessage());
internal_error('Database exception');
}
$results = $db->loadAssocList();
echo json_encode($results, JSON_UNESCAPED_UNICODE);
function _create_table()
{
$this->_connect();
$this->_link->mgDropTable($this->_link->quoteIdentifier($this->_get_tablename()));
$list = array();
$constraints = array();
foreach ($this as $key => $v) {
if ($key[0] != "_" && is_array($v)) {
if ($v['type'] == "foreignkey") {
$v['type'] = "integer";
}
if ($v['type'] == "array") {
$v['type'] = "text";
}
$list[$key] = $v;
if (isset($v['unique']) && $v['unique']) {
$constraints[] = $key;
unset($v['unique']);
}
}
}
$p = $this->_link->mgCreateTable($this->_link->quoteIdentifier($this->_get_tablename()), $list);
if (PEAR::isError($p)) {
if ($p->getMessage() == "MDB2 Error: connect failed") {
internal_error("db_connect_err", 'Creation of table failed: "' . $p->getMessage() . '"' . ' ' . $p->getDebugInfo());
} else {
internal_error("db_query_err", 'Creation of table failed: "' . $p->getMessage() . '"' . ' ' . $p->getDebugInfo());
}
}
$this->_link->mgCreateIndex($this->_link->quoteIdentifier($this->_get_tablename()), "id_key", array('fields' => array('id' => array())));
$this->_link->createSequence($this->_get_tablename());
foreach ($constraints as $row) {
$definition = array('unique' => true, 'fields' => array($row => array()));
$this->_link->createConstraint($this->_link->quoteIdentifier($this->_get_tablename()), 'unique_' . $row, $definition);
}
}
function listPath($path = false)
{
if ($path == false) {
$path = $this->path;
}
$list = $this->_listPath($path);
if ($list != -1) {
return $list;
} else {
internal_error("not_found");
}
}
$dir = $GLOBALS['path'] . "/../desktop/dojotoolkit/lucid/apps/" . $_POST['filePath'];
if (is_dir($dir)) {
rmdir_recurse($dir);
} else {
if (is_file($dir)) {
unlink($dir);
}
}
}
$out = new intOutput("ok");
}
if ($_GET['action'] == "rename") {
//cannot rename the main file
$parts = explode("/", $_POST['origName']);
if (!(count($parts) >= 2 && $parts[0] != "")) {
internal_error("generic_err");
}
function recursive_rename($source, $target)
{
if (is_dir($source)) {
@mkdir($target, 0777);
$d = dir($source);
while (FALSE !== ($entry = $d->read())) {
if ($entry[0] == '.') {
continue;
}
$Entry = $source . '/' . $entry;
if (is_dir($Entry)) {
recursive_rename($Entry, $target . '/' . $entry);
continue;
}
/**
* dispatch
*
* Analyse the GET string and call the correct function
*
* @return the xml to be sent to the client
*/
function dispatch() {
global $active_entities ;
if (!isset($_GET['entity']) or ($_GET['entity'] == '')) {
internal_error('Entity parameter not defined in request') ;
}
$entity = sanitize_param($_GET['entity']) or internal_error('sanitizing error') ;
if (!in_array($entity, $active_entities)) {
internal_error('Unknown entity "'.$entity.'"') ;
}
// default action
$action = 'list' ;
// search (RESTfull way does not like verbs in url, but complex search is usefull...)
if (isset($_GET['action']) and ($_GET['action'] == 'search')) {
unset($_GET['entity']) ;
unset($_GET['action']) ;
$action = 'search' ;
}
// detail
if ((isset($_GET['entity_id'])) and ($_GET['entity_id'] != 0)) {
$action = 'detail' ;
}
$func = 'get_'.$entity.'_'.$action ;
if (!function_exists($func)) {
internal_error("Can't find function ".sanitize_param($func)) ;
}
return $func() ;
}
function result()
{
global $g_cfg, $g_page, $g_pageforms;
$g_page = $this->defaults;
// GET-less URI
$uri = explode("?", $_SERVER["REQUEST_URI"]);
$uri = $uri[0];
$cm = $this->map($uri);
list($incfn, $childfunc) = is_array($cm) ? $cm : array($cm, null);
// Rule 1: functions are called directly
if ($incfn instanceof Closure) {
$g_page["child"] = $incfn;
} else {
if (endsWith($incfn, ".html")) {
$scr = new Scriptor($incfn, array());
$g_page["child"] = $scr->result();
$incfn = null;
} else {
if (!endsWith($incfn, ".php") && file_exists($incfn)) {
// determine content-type via file extension
$mimetype = "text/plain; charset=utf-8";
if (endsWith($incfn, ".ico")) {
$mimetype = "image/x-icon";
}
if (endsWith($incfn, ".xml")) {
$mimetype = "application/xhtml+xml; charset=UTF-8";
}
header("Content-Type: " . $mimetype);
return file_get_contents($incfn);
}
}
}
// everything from hereon assumed to be UTF-8 string
header("Content-Type: text/html; charset=UTF-8");
// include optional handler file; this gets merged in the global function space
if ($incfn != null && (!is_callable($incfn) && file_exists($incfn))) {
include_once $incfn;
}
// merge child_render into frame
if (!isset($g_page["child"]) && is_callable("child_render")) {
$g_page["child"] = function ($params) {
return child_render($params);
};
}
if (!isset($g_page["child"])) {
internal_error("No renderer for URL: " . $uri);
}
// handle forms
if (isset($_POST["submitedForm"]) && isset($g_pageforms[$_POST["submitedForm"]])) {
$g_page["child"] = $g_pageforms[$_POST["submitedForm"]]($this->regparams, $_POST);
}
if ($g_page["child"] instanceof Closure) {
$g_page["child"] = $g_page["child"]($this->regparams);
}
// results are either:
// - null for redirection,
// - an array for ajax endpoints; or
// - an UTF-8 string containing HTML output
if ($g_page["child"] == null) {
return "";
}
if (is_array($g_page["child"])) {
// JSONP extension
// IE file uploading requires text/html
header("Content-Type: application/json; charset=UTF-8");
if (isset($_GET["perfstats"]) && $g_cfg["debug"] == true) {
global $g_logstart, $pagequeries;
$g_logend = array_sum(explode(' ', microtime()));
$pagegen = $g_logend - $g_logstart;
$g_page["child"]["__perfstats"] = ["total" => $pagegen, "breakdown" => $pagequeries];
}
if (isset($_GET["callback"])) {
return $_GET["callback"] . '(' . json_encode($g_page["child"]) . ')';
} else {
return json_encode($g_page["child"]);
}
}
// format HTML results into the frame
$scr = new Scriptor($g_page["frame"], $g_page);
return $scr->result();
}
<?php
/*
Copyright (c) 2004-2008, The Dojo Foundation & Lucid Contributors
All Rights Reserved.
Licensed under the Academic Free License version 2.1 or above.
*/
require "../lib/includes.php";
import("models.config");
import("models.user");
if ($_GET['section'] == "stream") {
if ($_GET['action'] == "save") {
$p = $User->get_current();
if ($p == false) {
internal_error("generic_err", "user not logged in");
}
$result = $Config->filter("userid", $p->id);
if ($result == false) {
$u = new $Config(array(userid => $p->id));
} else {
$u = $result[0];
}
$u->value = $_POST['value'];
$u->save();
if ($_POST['logged'] == true) {
$p->logged = true;
$p->save();
}
$out = new intOutput();
$out->set("ok");
}
if ($_GET['section'] == "auth") {
if ($_GET['action'] == "login") {
if (!isset($_POST['username'])) {
$cur = $User->get_current();
$_POST['username'] = $cur->username;
$_POST['password'] = base64_decode($_POST['password']);
}
$p = $User->authenticate($_POST['username'], $_POST['password']);
if ($p != FALSE) {
if ($p->has_permission("core.user.auth.login")) {
$p->login();
$_SESSION['remember'] = isset($_POST['remember']) && $_POST['remember'] == "on";
$out = new intOutput("ok");
} else {
internal_error("permission_denied");
}
} else {
sleep(3);
$out = new intOutput("generic_err");
}
}
if ($_GET['action'] == "logout") {
$user = $User->get_current();
$user->logout();
$out = new intOutput("ok");
}
if ($_GET['action'] == "quickLogout") {
$user = $User->get_current();
$user->logged = 0;
if ($_SESSION['remember'] === false) {
function desktop_errorHandler($exception)
{
internal_error("generic_err", $exception->getMessage());
}
