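/**
 * Starts the PHP session unless one is already active.
 *
 * Outside the CLI the session name is set first: $name when it is a string,
 * otherwise the last path segment of BASE. The name is lower-cased and every
 * non-word character is stripped. Cookie parameters are set only when the
 * request did not already carry a cookie with that name.
 *
 * @param string|null $name optional name for session
 * @return void
 */
public function __construct($name = null)
{
    // Do not create a new session if one has already been started.
    if (session_status() === PHP_SESSION_ACTIVE) {
        return;
    }

    // Avoid trying to figure out cookie parameters for CLI.
    if (PHP_SAPI !== 'cli') {
        if (!is_string($name)) {
            $path = explode(DIRECTORY_SEPARATOR, BASE);
            $name = end($path);
            unset($path);
        }

        // An empty-string replacement: passing null here is deprecated since PHP 8.1.
        $name = preg_replace('/[\\W]/', '', strtolower($name));
        session_name($name);

        if (!array_key_exists($name, $_COOKIE)) {
            // Lifetime 0 (browser-session cookie), path and host taken from URL,
            // Secure mirrors https(), HttpOnly is always on.
            // NOTE(review): this positional form sets no SameSite attribute; the
            // array form of session_set_cookie_params() (PHP 7.3+) accepts a
            // 'samesite' key. Passing the host as the cookie domain also widens
            // the cookie to subdomains; confirm that is intended.
            session_set_cookie_params(
                0,
                parse_url(URL, PHP_URL_PATH),
                parse_url(URL, PHP_URL_HOST),
                https(),
                true
            );
        }
        // NOTE(review): when the cookie already exists the parameters above are
        // skipped, so any cookie re-issued later in the request uses the ini
        // defaults; verify those defaults are equally strict.
    }

    session_start();
}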
// Arms of a request-dispatch switch; the switch header, $resp and the helper
// functions are defined outside this excerpt.
case 'update_sitemap':
    // Admin only: regenerate the sitemap and report where it can be viewed.
    require_login('admin');
    update_sitemap();
    $resp->notify('Sitemap has been updated', 'View ' . URL . 'sitemap.xml', 'images/icons/db.png');
    break;
case 'update_rss':
    // Admin only: regenerate the RSS feed.
    require_login('admin');
    update_rss();
    $resp->notify('Rss Feed has been updated', 'View ' . URL . 'feed.rss', 'images/icons/db.png');
    break;
case 'keep-alive':
    // No login check in this arm: it only logs the current time.
    $resp->log('Kept-alive @ ' . date('h:i A'));
    break;
case 'tracking_header_check':
    // Tells the visitor whether the request carried an X-UIDH header.
    $headers = getallheaders();
    if (https()) {
        $resp->notify('Your connection is encrypted', 'The tracking header is only injected for non-encrypted traffic');
    } elseif (array_key_exists('X-UIDH', $headers)) {
        // NOTE(review): the header value comes from the request and is passed to
        // notify() unmodified; confirm notify() encodes it for its output context.
        // array_key_exists() is case-sensitive, so other spellings of the header
        // name would not match here.
        $resp->notify('Your carrier is tracking you!', 'Your tracking ID is ' . $headers['X-UIDH']);
    } else {
        $resp->notify('No tracking headers found.', 'This only tests for one specific header, and does not mean that another doesn\'t exist');
    }
    break;
case 'git_command':
    require_login('admin');
    if (array_key_exists('prompt_value', $_POST) and strlen($_POST['prompt_value'])) {
        // NOTE(review): the POSTed text is appended to "git " and executed through
        // the shell (backtick operator). escapeshellcmd() neutralises shell
        // metacharacters only; it does not limit which git subcommand or options
        // are run, so this arm gives any 'admin' session general git execution on
        // the server. Safer shape: map the request to a fixed allow-list of
        // subcommands and pass each argument through escapeshellarg().
        // No anti-CSRF token check is visible in this arm; confirm one is enforced
        // before the switch, since the action is state-changing.
        $command = 'git ' . escapeshellcmd($_POST['prompt_value']);
        $result = `{$command}`;
        // The command line and its raw output are handed back to the client.
        $resp->notify($command, $result, 'images/logos/git.png');
    }
    break;
/**
 * Loads the content behind $f and extracts a title and a body from it, using
 * the delimiter set ("defcon") that matches the source.
 *
 * Return shapes visible in this function:
 *  - array('nothing') when nothing could be loaded;
 *  - array('Title', $f, $f, '', '', '') when no delimiter set and no video
 *    match exist (a new delimiter entry is registered with add_defcon());
 *  - array($title, $ret, $rec, $defid, $defs) otherwise.
 *
 * NOTE(review): $f is presumably a caller-supplied URL that vaccum_ses()
 * fetches server-side; confirm that helper restricts schemes and internal
 * hosts, otherwise this is a server-side request forgery surface.
 *
 * @param string $f  source address
 * @param string $sj fallback title used when none is extracted
 * @return array
 */
function vacuum($f, $sj = '')
{
    // Normalisation helpers defined elsewhere; their exact rewriting is not visible here.
    $f = https($f);
    $f = http($f);
    $f = utmsrc($f);
    $reb = vaccum_ses($f);
    if (!$reb) {
        // Remember the failed source (empty marker) and stop.
        $_SESSION['vacuum'][nohttp($f)] = '';
        return array('nothing');
    }
    // Debug switch driven directly by the request; raises a notice when 'see' is absent.
    if ($_POST['see']) {
        eco($reb, 1);
    }
    // Charset: first from a charset="..." declaration in the content, else detected.
    $enc = embed_detect(strtolower($reb), 'charset=', '"');
    if (!$enc) {
        $enc = mb_detect_encoding($reb);
    }
    // Delimiter set: stored for this source, else matched against the content.
    list($defid, $defs) = verif_defcon($f);
    if (!$defs) {
        $defs = known_defcon($reb);
    }
    if (!$defs) {
        $defs = recognize_defcon($reb);
    }
    $auv = auto_video($f, 'pop');
    if (!$defs && !$auv) {
        add_defcon($f);
        return array('Title', $f, $f, '', '', '');
    }
    if (strtolower($enc) == 'utf-8' or $_POST['utf'] or $defs[5]) {
        $reb = utf8_decode_b($reb);
    }
    // $defs[2] / $defs[3]: start and optional end delimiter of the title.
    if ($defs[2]) {
        if (!$defs[3]) {
            $suj = embed_detect_c($reb, $defs[2]);
        } elseif ($defs[3]) {
            $suj = embed_detect($reb, $defs[2], $defs[3]);
        }
        $suj = trim(del_n($suj));
        $suj = interpret_html($suj, "ok");
    }
    // $defs[0] / $defs[1]: delimiters of the main content; defaults to '<body'.
    if ($defs[0]) {
        if (!$defs[1]) {
            $rec = embed_detect_c($reb, $defs[0]);
        } elseif ($defs[1]) {
            $rec = embed_detect($reb, $defs[0], $defs[1]);
        }
    } else {
        $rec = embed_detect_c($reb, '<body');
    }
    // $defs[8] / $defs[9]: optional block placed before the main content.
    if ($defs[8]) {
        if (!$defs[9]) {
            $opt = embed_detect_c($reb, $defs[8]);
        } elseif ($defs[9]) {
            $opt = embed_detect($reb, $defs[8], $defs[9]);
        }
        if ($opt) {
            $opt .= br() . br();
        }
    }
    // $defs[4]: optional block appended after the main content (the value 1 is skipped).
    if ($defs[4] && $defs[4] != 1) {
        if (strpos($reb, $defs[4]) !== false) {
            $end = embed_detect_c($reb, $defs[4]);
        }
        if ($end) {
            $end = br() . br() . $end;
        }
    }
    if ($auv) {
        $ret = $auv;
    } elseif (strpos($f, 'twitter.com')) {
        // NOTE(review): substring test on the whole address, not on the host;
        // any address containing 'twitter.com' after position 0 takes this
        // plugin path.
        list($suj, $ret, $day) = plugin_func('twit', 'twit_vacuum', $f);
    } else {
        // $opt and $end are undefined here when their delimiters were not configured.
        $ret = converthtml($opt . $rec . $end);
    }
    // Title: extracted one, else the caller's fallback, else the literal 'Title'.
    if ($suj) {
        $title = clean_title($suj);
    } else {
        $title = clean_internaltag(pre_clean($sj ? $sj : 'Title'));
    }
    // $defs[6]: post-treatment applied to the result.
    if ($defs[6]) {
        $ret = post_treat_batch($ret, $title, $defs[6]);
    }
    if ($_SESSION['sugm']) {
        $sug = sugnote();
    }
    // Footer: the source address in brackets ($sug is undefined unless 'sugm' is set).
    if (!$auv) {
        $ret .= "\n\n" . $sug . '[' . $f . ']';
    }
    return array($title, $ret, $rec, $defid, $defs);
}
June 24, 2015 Student Declaration I/we declare that the attached assignment is my/our own work in accordance with Seneca Academic Policy. No part of this assignment has been copied manually or electronically from any other source (including web sites) or distributed to other students. Name: Daniel Brennan Student ID: 020 194 114 */
// Page bootstrap: helpers come from library.php. startsess() and https() are
// defined there; presumably they enforce a logged-in session and an HTTPS
// connection (confirm in library.php).
include "library.php";
startsess("login.php");
https("add.php");
// A stored search filter is discarded when this page is opened.
if (isset($_SESSION['search'])) {
    unset($_SESSION['search']);
}
// $flag stays true only while every field validates; one error string per field.
$flag = true;
$iName_error = "";
$desc_error = "";
$sCode_error = "";
$cost_error = "";
$sPrice_error = "";
$noHand_error = "";
$rPnt_error = "";
if ($_POST) {
    // Reject a missing, empty or spaces-only inventory name.
    if (empty($_POST['iName']) || preg_match('/^ *$/', $_POST['iName'])) {
        $iName_error = "Inventory Name may not be empty.";
        $flag = false;
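/**
 * Renders the entries of one RSS source as an HTML list.
 *
 * Entries that have no article id get preview, import and search buttons
 * (import and search only for auth level 4); entries with an id link to the
 * existing article instead.
 *
 * NOTE(review): titles, links and dates come from the remote feed and are
 * concatenated into markup through balc()/lkt()/btn(); whether those helpers
 * encode their arguments is not visible here. Confirm feed content is
 * HTML-encoded before output.
 *
 * @param mixed $k passed through to rssin_t()
 * @param mixed $v source descriptor; prepdlink($v)[0] is the feed address
 * @return string HTML
 */
function rssin($k, $v)
{
    $lk = prepdlink($v);
    $f = $lk[0];
    $f = https($f);
    // Bare host names get a scheme prepended.
    if (substr($f, 0, 4) != 'http' && $f) {
        $f = 'http://' . $f;
    }
    $r = rssin_load($f);
    // A failed load is treated as an empty feed instead of reaching count()/foreach.
    if (!$r) {
        $r = array();
    }
    $nb = count($r);
    $ret = hidden('', 'addop', 1);
    $t = rssin_t($k, $v, $f);
    // Row counter used in element ids; previously incremented without being initialised.
    $i = 0;
    foreach ($r as $item) {
        list($va, $lnk, $dat, $id) = $item;
        $btc = '';
        $lnj = ajx($lnk);
        $i++;
        if (!$id) {
            $btc = ljc('', 'popup', 'ajxf_batch*preview_' . $lnj, picto('view'));
            $fb = nohttp($lnk);
            if (auth(4)) {
                // Explicit existence checks replace the former @-suppressed reads.
                $mem = !empty($_SESSION['vacuum'][$fb]) ? 'ok' : picto('add');
                $btc .= lj('" id="ars' . $i, 'ars' . $i . '_batch___' . $lnj . '_p', $mem);
                $cat = isset($_SESSION['vaccat'][$fb]) ? $_SESSION['vaccat'][$fb] : null;
                $btc .= saveiec($lnj, $cat, 'rss' . randid(), '', '', '', '', $va);
                $btc .= lj('', 'popup_search__3_' . ajx($va) . '_', picto('search'));
            }
        } else {
            $btc .= popart($id) . ' ';
        }
        $btc .= lkt('', $lnk, picto('url'));
        $btc .= btn('txtsmall', $dat);
        // Entries without a title are not listed.
        if ($va) {
            $ret .= balc('li', '', $btc . ' ' . $va);
        }
    }
    $ret = scroll_b($nb, $ret, 16, 320);
    return $t . balc("ul", "panel pubart", $ret);
}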
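/**
 * Stores a newly posted article and returns its id.
 *
 * Reads the form from $_POST and the context (tables, user, date) from
 * $_SESSION, cleans the text, inserts one row in the article table and one in
 * the message table, notifies the admin by mail for low auth levels, then
 * primes the session cache for the new article.
 *
 * Security changes in this version: the POST-derived values $ib, $name and
 * $mail are escaped before being placed in the INSERT (previously only $msg,
 * $suj and $frm were), the posted date parts are cast to integers, and CR/LF
 * are stripped from the values used as mail subject and From header.
 *
 * NOTE(review): the legacy mysql_* escaping is kept because msquery() is the
 * only database entry point visible here; a driver with prepared statements
 * would be the proper fix. The table names $base/$qdm and $qb come from the
 * session and are still interpolated unescaped.
 *
 * @return mixed id of the new article, or null when nothing was saved
 */
function save_art()
{
    $dayx = $_SESSION['dayx'];
    $frm = $_SESSION['frm'];
    $qb = $_SESSION['qb'];
    $base = $_SESSION['qda'];
    $qdm = $_SESSION['qdm'];
    $USE = $_SESSION['USE'];

    // Values the original left undefined on some paths; null interpolates as ''.
    $re = null;
    $lu = null;
    $img = null;
    $kywk = null;
    $siz = null;
    $nid = null;
    $exp_out = null;
    $stoop = '';

    if (!$frm or $frm == "Home" or $frm == "user") {
        $frm = "public";
    }
    $suj = clean_title($_POST['suj']);
    $suj = etc($suj, 240);
    $msg = nl2br($_POST['msg']);
    $name = $_POST['name'];
    $mail = $_POST['mail'];
    $ib = trim($_POST['ib']);
    $pdat = $_POST['postdat'];
    $urlsrc = $_POST['urlsrc'];
    if ($_POST['pub']) {
        $re = 1;
    }
    // A source address replaces the mail field.
    if ($urlsrc) {
        $mail = https($urlsrc);
    }
    $mail = utmsrc($mail);
    if (!$ib) {
        $ib = '/';
    }
    if (!$name or $name == nms(38)) {
        alert("empty_name {$name}");
        $stoop = "ok";
    }
    // Placeholder texts left in the field count as empty.
    if ($mail == "mail" or $mail == "url") {
        $mail = '';
        $urlsrc = '';
    }
    $msg = str_replace(array("<br />", "<br/>", "<br>", "<BR>"), "\n", $msg);
    $msg = str_replace("\n", "", $msg);
    $msg = str_replace("\r", "\n", $msg);
    // No text but a source address: import the text from that source.
    if (!$msg && $urlsrc) {
        list($suj, $msg) = vacuum($mail, $suj);
    }
    $msg = html_entity_decode_b($msg);
    $msg = embed_links($msg);
    $msg = unescape($msg);
    $msg = clean_br_lite($msg);
    $msg = clean_punct($msg);

    // Posted date "y-m-d-H-i": parts are forced to integers and padded so a
    // malformed value cannot reach mktime() or the query as free text.
    if ($pdat != date("y-m-d-H-i", $dayx) && $pdat) {
        $rdat = array_pad(array_map('intval', explode('-', $pdat)), 5, 0);
        $pdt = mktime($rdat[3], $rdat[4], 0, $rdat[1], $rdat[2], $rdat[0]);
    } else {
        $pdt = $dayx;
    }
    if (empty($suj)) {
        $suj = "forbidden title";
    }
    if (empty($msg)) {
        alert('msg forbidden');
        $stoop = 'ok';
    }
    if ($stoop == "") {
        $msg = mysql_real_escape_string(stripslashes($msg));
        $siz = strlen($msg);
        $suj = mysql_real_escape_string(stripslashes($suj));
        $frm = mysql_real_escape_string(stripslashes($frm));
        // Escaped copies for the query only; $ib is reused unescaped for the session below.
        $ibSql = mysql_real_escape_string(stripslashes($ib));
        $nameSql = mysql_real_escape_string(stripslashes($name));
        $mailSql = mysql_real_escape_string(stripslashes($mail));
        $nid = msquery("INSERT INTO {$base} VALUES ('','{$ibSql}','{$nameSql}','{$mailSql}','{$pdt}','{$qb}','{$frm}','{$suj}','{$re}','{$lu}','{$img}','{$kywk}','{$siz}')");
        $nid = msquery("INSERT INTO {$qdm} VALUES ('{$nid}','{$msg}')");
    }
    if ($nid && $USE != $qb && $_SESSION["auth"] < 6) {
        // Line breaks in a subject or header value would add mail headers.
        $crlf = array("\r", "\n");
        $subject = 'new article: ' . str_replace($crlf, '', stripslashes($suj));
        $from = 'From: ' . str_replace($crlf, '', $USE);
        mail($_SESSION['qbin']["adminmail"], $subject, ' ' . host() . '/' . $nid . ', auth_level: ' . $_SESSION["auth"] . "\n", $from);
    }
    // The source has been imported: drop its pending marker.
    if ($_SESSION['vacuum'][nohttp($urlsrc)]) {
        unset($_SESSION['vacuum'][nohttp($urlsrc)]);
    }
    if ($nid) {
        $_SESSION['rqt'][$nid] = array($pdt, stripslashes($frm), stripslashes($suj), '', $qb, '', '', '', $siz, $urlsrc, $ib, $re);
        $msg = correct_txt($msg, $nid, 'savimg');
        $exp_out = $nid;
        $_GET['read'] = $nid;
        deductions_from_read($nid, '');
        $_POST = '';
    }
    $_SESSION['daya'] = $_SESSION['dayx'];
    return $exp_out;
}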
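<?php
/*
Subject Code and Section (eg. IPC144A, OOP244B, etc.)
Daniel Brennan
June 24, 2015
Student Declaration
I/we declare that the attached assignment is my/our own work in accordance with Seneca Academic Policy. No part of this assignment has been copied manually or electronically from any other source (including web sites) or distributed to other students.
Name: Daniel Brennan
Student ID: 020 194 114
*/

// Logout: clear the session, expire the cookies, return to the login page.
include "library.php";
startsess("login.php");
https("logout.php");

session_unset();

// session_destroy() removes the server-side data but leaves the session-id
// cookie in the browser; expire it with the same parameters it was set with.
if (ini_get('session.use_cookies')) {
    $params = session_get_cookie_params();
    setcookie(
        session_name(),
        '',
        time() - 61200,
        $params['path'],
        $params['domain'],
        $params['secure'],
        $params['httponly']
    );
}
session_destroy();

// NOTE(review): "role" and "username" live in client-side cookies. If any page
// reads the "role" cookie to decide what a user may do, that value is under
// the client's control; authorisation should come from the session instead.
// Confirm how login.php and library.php use these cookies.
setcookie("role", "", time() - 61200, "/");
setcookie("username", "", time() - 61200, "/");

header("Location: login.php");
// Stop here so nothing appended later runs after the redirect.
exit;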
June 24, 2015 Student Declaration I/we declare that the attached assignment is my/our own work in accordance with Seneca Academic Policy. No part of this assignment has been copied manually or electronically from any other source (including web sites) or distributed to other students. Name: Daniel Brennan Student ID: 020 194 114 */
// Page bootstrap; startsess() and https() are defined in library.php.
include "library.php";
startsess("login.php");
https("view.php");
// Sort key: the "Sorted" cookie if present, otherwise 'id'.
if (isset($_COOKIE["Sorted"])) {
    $ob = $_COOKIE["Sorted"];
} else {
    $ob = 'id';
}
// A sort key in the query string wins and is remembered for about a month.
// NOTE(review): $ob is taken from the cookie or the query string without any
// check in this excerpt. If it later reaches an ORDER BY clause (not visible
// here) it must be matched against a fixed list of column names, because a
// column name cannot be protected by quoting or escaping. The cookie is also
// set without the Secure and HttpOnly flags.
if (!empty($_GET['ob'])) {
    $ob = $_GET['ob'];
    setcookie("Sorted", $ob, time() + 60 * 60 * 24 * 365 / 12, "/");
}
// Any 'dest' parameter clears the stored search filter.
if (isset($_GET['dest'])) {
    unset($_SESSION['search']);
}
// A posted search term is kept in the session after escape() (defined
// elsewhere; which context it escapes for is not visible here).
if (isset($_POST['search'])) {
    $_SESSION['search'] = escape($_POST['search']);
}
June 24, 2015 Student Declaration I/we declare that the attached assignment is my/our own work in accordance with Seneca Academic Policy. No part of this assignment has been copied manually or electronically from any other source (including web sites) or distributed to other students. Name: Daniel Brennan Student ID: 020 194 114 */
// Toggles the "deleted" flag of one inventory row, then returns to the list.
include "library.php";
startsess("login.php");
https("delete.php");
// Current state 'n' means "mark as deleted"; anything else restores the row.
if ($_GET['deleted'] == 'n') {
    $del = 'Y';
} else {
    $del = 'N';
}
// NOTE(review): $id is copied from the query string and concatenated into the
// UPDATE below with no validation or escaping, so the statement is open to SQL
// injection. Bind it as a parameter in a prepared statement, or at minimum
// require an integer before building the query.
// NOTE(review): this is a state-changing action reachable by a plain GET link
// and no anti-CSRF token is visible in this excerpt; prefer POST plus a token.
$id = $_GET['id'];
$query = 'UPDATE inventory set deleted="' . $del . '" where id="' . $id . '"';
$status = new DBlink();
$res = $status->set($status->conn(), $query);
if ($res) {
    header("Location: view.php");
} else {
    echo "Your query didn't work. <a href=add.php>try again</a>";
    // (Tail of a branch whose condition is outside this excerpt.) Drops the
    // first four characters of the host and schedules a redirect.
    $URL->host = substr($URL->host, 4);
    $redirect = true;
} elseif (array_key_exists('tags', $_REQUEST)) {
    // Rewrite a 'tags' request parameter into a /tags/<value> path.
    $URL->path .= 'tags/' . urlencode($_REQUEST['tags']);
    $redirect = true;
}
if ($redirect) {
    // Permanent redirect to the rewritten URL without credentials, query or fragment.
    // NOTE(review): how $URL->host is populated is not visible here; if it is
    // derived from the request's Host header, validate it against the expected
    // host names before echoing it into Location.
    unset($URL->user, $URL->pass, $URL->query, $URL->fragment);
    http_response_code(301);
    $headers->Location = "{$URL}";
    exit;
}
unset($redirect);
$session = \shgysk8zer0\Core\Session::load();
// Cookie helper scoped to the current host and path; Secure mirrors https(),
// HttpOnly is always set.
$cookie = \shgysk8zer0\Core\Cookies::load($URL->host);
$cookie->path = $URL->path;
$cookie->secure = https();
$cookie->httponly = true;
if (isset($session->logged_in) and $session->logged_in) {
    // Rebuild the Login object from the values stored in the session.
    // NOTE(review): the session carries a 'password' value that is replayed
    // here on every request. Whether it is the clear text or a hash is not
    // visible; storing only a user identifier in the session would limit what
    // a leaked session file exposes.
    \shgysk8zer0\Core\Login::load()->setUser($session->user)->setPassword($session->password)->setRole($session->role)->setLogged_In($session->logged_in);
}
require_once __DIR__ . DIRECTORY_SEPARATOR . 'std-php-functions' . DIRECTORY_SEPARATOR . 'error_handler.php';
// Requests whose Accept header lists exactly 'application/json' as one of its
// comma-separated items are served by ajax.php and end here.
if (in_array('application/json', explode(',', $headers->accept))) {
    require_once __DIR__ . DIRECTORY_SEPARATOR . 'ajax.php';
    exit;
}
unset($URL, $login, $session, $cookie, $headers);
// The CSP header is sent only for HTML responses: the ajax branch exits above.
CSP();
load('html');
I/we declare that the attached assignment is my/our own work in accordance with Seneca Academic Policy. No part of this assignment has been copied manually or electronically from any other source (including web sites) or distributed to other students. Name: Daniel Brennan Student ID: 020 194 114 */
// Login page: helpers and the DBlink class come from library.php.
include "library.php";
// NOTE(review): the session is started before https() is called; if https()
// is what redirects plain-HTTP requests, the session cookie may already have
// been issued over HTTP. Confirm the order and the cookie's Secure flag.
session_start();
// Already logged in: go to the list.
// NOTE(review): there is no exit after header(), so the rest of this script
// still runs for a logged-in visitor.
if (isset($_SESSION['username'])) {
    header("Location: view.php");
}
https("login.php");
$flag = false;
$login_error = "";
//$user="";
//$pass="";
// Handle a form submission only when the request has POST data and no query string.
if ($_POST && !$_GET) {
    if (!empty($_POST['user']) && !empty($_POST['pass'])) {
        $link = new DBlink();
        $user = $_POST['user'];
        $pass = $_POST['pass'];
        // NOTE(review): escape() runs before hashing, so the bytes that are
        // hashed can differ from what the user typed; escaping belongs at the
        // query boundary, on the value actually sent to the database.
        $user = escape($user);
        $pass = escape($pass);
        // NOTE(review): both the user name and the password are hashed with
        // MD5-crypt and one hard-coded salt shared by every account. That is a
        // fast hash with no per-user salt, so equal passwords give equal
        // hashes and offline guessing is cheap. Use password_hash() when
        // storing and password_verify() when checking, and keep the user name
        // as a plain lookup key.
        if (CRYPT_MD5 == 1) {
            $encryptuser = crypt($user, "\$1\$1p0rHF1b\$");
            $encryptpass = crypt($pass, "\$1\$1p0rHF1b\$");
        }
/**
 * Builds the HTML form used to write a new article or to continue editing the
 * article currently being read.
 *
 * With $_GET['continue'] set, the stored text of article $_SESSION['read'] is
 * loaded for editing; otherwise a blank form is built and, when $link starts
 * with 'http', title and text are imported from that address via vacuum().
 *
 * NOTE(review): several values are placed into markup and SQL fragments by
 * plain concatenation (see the notes below); whether the helper functions
 * encode or validate them is not visible in this function.
 *
 * @param mixed  $mil  not used in this body
 * @param string $link source address to pre-fill and import from
 * @return string HTML of the form
 */
function f_inp($mil, $link)
{
    $_SESSION['cur_div'] = 'content';
    $ip = hostname();
    $qda = $_SESSION['qda']; // not used below
    $USE = $_SESSION['USE'];
    $cont = $_GET['continue'];
    $read = $_SESSION['read'];
    $raed = $_SESSION['raed']; // not used below
    $frm = $_SESSION['frm'];
    if ($USE) {
        $us = $USE;
    } else {
        // Anonymous visitor: reuse the last name/mail recorded for this host.
        // NOTE(review): $ip is concatenated into the WHERE fragment; confirm
        // hostname() cannot return request-controlled text, or escape it.
        list($us, $ml) = sql('name,mail', 'qdi', 'r', 'host="' . $ip . '" ORDER BY id DESC LIMIT 1');
    }
    $currid = lastid('qda') + 1;
    // Default section.
    if ($frm == "" or $frm == "Home") {
        $frm = "public";
    }
    if ($_GET['edit'] == "=") {
        $cit = "&edit==";
    }
    // $cit is undefined unless the edit flag above matched.
    $goto = '/?read=' . $read . $cit;
    if (substr($link, 0, 4) == 'http' && !$cont) {
        // Import title and text from the source address.
        $link = https(utmsrc($link));
        $_GET['urlsrc'] = $link;
        list($suj, $msg) = vacuum($link, '');
    }
    if (!$cont) {
        // Source-address field.
        // NOTE(review): $link is appended inside a value="..." attribute with
        // no encoding here; a double quote in it would end the attribute.
        // Confirm the caller or autoclic() HTML-encodes it.
        $r['urlsrc'] = autoclic('urlsrc', "url", '10" id="urlsrc" onClick="SaveI(\'urlsrc\')" onContextMenu="SaveIt()" value="' . $link, '250', '') . btd('urledt', '');
    }
    if ($USE && !$cont) {
        // Logged-in author: name is fixed, section is selectable.
        $r['trkname'] = hidden('name', 'trkname', $USE) . hidden('mail', 'trkmail', '');
        $r['slcat'] = select_j('frm', 'category', $frm, '3', $frm, '');
    } elseif (!$USE) {
        // Anonymous author: editable name and mail fields, pre-filled when known.
        $gn = '" onkeyup="log_goodname(\'trkname\');';
        $r['trkname'] = autoclic('name" id="trkname' . $gn, $us ? $us : nms(38), '8', '50', 'txtx');
        $r['trkmail'] = autoclic('mail" id="trkmail', $ml ? $ml : 'mail', '13', '50', 'txtx');
    }
    if (!$cont) {
        // Parent-article selector.
        $r['parent'] = select_jp('ib', 'parent', rstr(10) ? $read : '', '0', picto('topo'), '1');
    }
    // Publish checkbox for auth level 3 and up; otherwise a hidden 0.
    if (!$cont && auth(3)) {
        $r['publish'] = checkbox_j('pub', $_SESSION['auth'] < 4 ? 0 : rstr(11), nms(29));
    } else {
        $r['publish'] = hidden('pub', 'pub', 0);
    }
    if (!$cont) {
        // New article: date selector and title input (imported title if any).
        $r['pstdat'] = select_j('postdat', 'date', date('y-m-d-H-i'), 0, picto('time'), 0);
        $r['pstsuj'] = balise('input', array('', '', 'suj', 'suj1', '', 'editor', 7 => 255, 16 => 'width:100%;', 23 => $suj ? $suj : nms(71)), '');
    }
    if ($cont) {
        // Continue editing: load the stored text.
        // NOTE(review): $read is concatenated into the WHERE fragment as a
        // bare value; it comes from the session here, but it should still be
        // forced to an integer before use.
        $msg = sql('msg', 'qdm', 'v', 'id=' . $read);
        $btcntn = 'continue=ok#' . $read;
        $alrt = conn_correct($msg);
    } else {
        $goto = '/?read=' . $currid;
        $btcntn = 'insert=ok';
    }
    // Normalise line breaks for the textarea.
    $msg = str_replace("\r", "", $msg);
    $msg = str_replace(array("<br />\n", "<br />", "<br>"), "\n", $msg);
    // Ids of the fields sent along by the scripted save buttons.
    $ids = 'suj1|frm|urlsrc|postdat|trkname|trkmail|ib|pub';
    $c = 'popbt';
    // Save buttons: which variants appear depends on $cont and rstr(53).
    $sav = ljb($c, 'SaveJb', 'socket_saveart_txtarea_id4_' . $read . '_no\',\'art' . $read . '_readart___' . $read, picto('save'));
    if ($cont && rstr(53)) {
        $sav .= ljb($c, 'SaveJb', 'txarea_saveart_txtarea_id4_' . $read . '\',\'art' . $read . '_readart___' . $read, nms(57)) . ' ';
    } elseif (!rstr(53)) {
        $sav .= submitj($c, 'sav', nms(57)) . ' ';
    } else {
        $sav .= lj($c, 'socket_newart_txtarea_' . (rstr(57) ? 7 : 9) . '_____' . $ids, nms(57)) . ' ';
    }
    // Editor pop-up and preview buttons.
    $btdt = lj('', 'popup_artwedit_txtarea__', pictit('editor', nms(107))) . ' ';
    $btdt .= ljb('' . '" title="test', 'captslct', 'preview', picto('valid')) . ' ';
    if ($cont && $read) {
        $btdt .= urledt_id($read);
    }
    // Assemble the form. $alrt is undefined unless $cont is set.
    // NOTE(review): no anti-CSRF field is added in this function; sesmk()
    // below may provide one, which should be confirmed.
    $ret = '<form method="POST" id="sav" action="' . $goto . '&' . $btcntn . '">' . "\n";
    $ret .= btd('bts' . $read, $sav) . ' ' . $btdt;
    $ret .= implode(' ', $r);
    $ret .= sesmk('conn_edit', '', '');
    $ret .= $alrt;
    $ret .= divd('txarea', txarea1($msg));
    $ret .= ' </form>' . "\n";
    return $ret;
}