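/**
 * Global request filter.
 *
 * Validates the routed controller/action names (APP, ACT), runs a keyword
 * deny-list over selected request headers, the query string, cookies and the
 * request body, and rejects POST requests whose Referer host differs from the
 * Host header.
 *
 * A deny-list like this is only a coarse first layer: it does not replace
 * parameterised SQL or context-aware output escaping at the point of use.
 *
 * Depends on APP, ACT, header_status_404() and global_inject_input(), which
 * are defined outside this block.
 */
function global_filter()
{
    // APP and ACT are the controller and the controller method.
    // The D modifier stops "$" from matching before a trailing newline, so a
    // name such as "index\n" is rejected as well.
    foreach (array(APP, ACT) as $v) {
        if (!preg_match('/^[a-zA-Z0-9_-]+$/D', $v)) {
            // presumably ends the request — confirm against header_status_404()
            header_status_404();
        }
    }
    $arrStr = array('%0d%0a', "'", '<', '>', '$', 'script', 'document', 'eval', 'atestu', 'select', 'insert?into', 'delete?from');
    // NOTE(review): these header keys are missing when the client does not send
    // them; how global_inject_input() treats a missing value is not visible here.
    global_inject_input($_SERVER['HTTP_REFERER'], $arrStr, true);
    global_inject_input($_SERVER['HTTP_USER_AGENT'], $arrStr, true);
    global_inject_input($_SERVER['HTTP_ACCEPT_LANGUAGE'], $arrStr, true);
    global_inject_input($_GET, array_merge($arrStr, array('"')), true);
    // Cookies keep a record of the last URL (pGClX_last_url), so '&' is not
    // part of the cookie deny-list.
    global_inject_input($_COOKIE, array_merge($arrStr, array('"')), true);
    global_inject_input($_SERVER, array('%0d%0a'), true);
    // Cross-site POST handling: compare the Referer host with the Host header.
    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        // Some clients send POST requests without a Referer; those skip the
        // comparison. NOTE(review): a request that omits the header is therefore
        // not covered by this check — state-changing actions need their own
        // anti-CSRF token.
        if (isset($_SERVER['HTTP_REFERER'])) {
            $url = parse_url($_SERVER['HTTP_REFERER']);
            $referer_host = !empty($url['port']) && $url['port'] != '80' ? $url['host'] . ':' . $url['port'] : $url['host'];
            if ($referer_host != $_SERVER['HTTP_HOST']) {
                header_status_404();
            }
        }
    }
    global_inject_input($_POST, array('%0d%0a'));
    global_inject_input($_REQUEST, array('%0d%0a'));
}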
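 /**
  * Creates a migration class file from a Twig template.
  *
  * Reads 'name', 'description' and 'target' from the request data, derives the
  * namespace from the 'migration_dir' attribute and picks the template by the
  * technology the target name points to.
  *
  * @param AgaviRequestDataHolder $request_data
  *
  * @return mixed the value cliMessage() returns for the confirmation text
  *
  * @throws RuntimeError when no namespace can be derived from the migration directory
  */
 public function executeConsole(AgaviRequestDataHolder $request_data)
 {
     $migration_description = $request_data->getParameter('description');
     $migration_timestamp = date('YmdHis');
     // NOTE(review): the slug becomes part of the output path; this assumes
     // StringToolkit::asSnakeCase() leaves no path separators in it — confirm.
     $migration_slug = StringToolkit::asSnakeCase(trim($request_data->getParameter('name', 'default')));
     $migration_name = StringToolkit::asStudlyCaps($migration_slug);
     $migration_dir = $this->getAttribute('migration_dir');

     // Bit of a hack to build namespace
     if (!preg_match('#.+/app/(?:modules|migration)/(\\w+_?)(?:$|/.+)#', $migration_dir, $matches)) {
         throw new RuntimeError(sprintf('Could not find namespace info in path %s', $migration_dir));
     }
     $namespace_parts = explode('_', $matches[1]);
     if (count($namespace_parts) == 1) {
         // @todo app migration - introduce a project root namespace setting
         $namespace_parts = ['Your', 'Application'];
     }

     // And a hack to determine the technology namespace.
     // strpos() returns 0 for a match at the start of the string, so the
     // result is compared with false instead of being used as a boolean.
     $target = (string) $request_data->getParameter('target');
     if (strpos($target, 'event_source') !== false) {
         $technology = 'CouchDb';
     } elseif (strpos($target, 'view_store') !== false) {
         $technology = 'Elasticsearch';
     } else {
         $technology = 'RabbitMq';
     }

     $migration_filepath = sprintf('%1$s%2$s%3$s_%4$s%2$s%4$s.php', $migration_dir, DIRECTORY_SEPARATOR, $migration_timestamp, $migration_slug);
     $twig_renderer = TwigRenderer::create(['template_paths' => [__DIR__]]);
     $twig_renderer->renderToFile(
         $technology . 'Migration.tpl.twig',
         $migration_filepath,
         [
             'name' => $migration_name,
             'timestamp' => $migration_timestamp,
             'description' => $migration_description,
             'folder' => $migration_dir,
             'filepath' => $migration_filepath,
             'vendor_prefix' => $namespace_parts[0],
             'package_prefix' => $namespace_parts[1],
             'technology' => $technology,
             'project_prefix' => AgaviConfig::get('core.project_prefix'),
         ]
     );

     return $this->cliMessage('-> migration template was created here:' . PHP_EOL . $migration_filepath . PHP_EOL);
 }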
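 /**
  * Saves the posted account settings (nickname, location and, when the
  * language chooser is enabled, language).
  *
  * Always ends the request with die(): "1" after saving, "2" when the nickname
  * already exists, "3" when the language is not available, or a translated
  * error message for an invalid nickname or location.
  */
 public function submitInfo()
 {
     $this->load->model("settings_model");

     // Gather the values; both are HTML-escaped before they are stored.
     $values = array(
         'nickname' => htmlspecialchars((string) $this->input->post("nickname")),
         'location' => htmlspecialchars((string) $this->input->post("location")),
     );

     // Change language
     if ($this->config->item('show_language_chooser')) {
         $values['language'] = (string) $this->input->post("language");

         // The posted name is appended to a filesystem path, so only a plain
         // folder name is accepted; "../" sequences and empty values never
         // reach is_dir() or setLanguage().
         if (!preg_match('/^[A-Za-z0-9_-]+$/D', $values['language'])
             || !is_dir("application/language/" . $values['language'])
         ) {
             die("3");
         }

         $this->user->setLanguage($values['language']);
         $this->plugins->onSetLanguage($this->user->getId(), $values['language']);
     }

     if ($values['nickname'] == $this->user->getNickname()) {
         // Nickname unchanged: save the location only. The already escaped
         // value is reused instead of reading the raw POST field again.
         $values = array('location' => $values['location']);
     } elseif (strlen($values['nickname']) < 4
         || strlen($values['nickname']) > 14
         // Anchored: the previous pattern /[A-Za-z0-9]*/ matched every string,
         // so the character check never rejected anything.
         || !preg_match('/^[A-Za-z0-9]+$/D', $values['nickname'])
     ) {
         die(lang("nickname_error", "ucp"));
     } elseif ($this->internal_user_model->nicknameExists($values['nickname'])) {
         die("2");
     }

     // NOTE(review): with "&&" a location is rejected only when it is both
     // longer than 32 bytes and not purely alphabetic — confirm whether the
     // length limit was meant to apply on its own.
     if (strlen($values['location']) > 32 && !ctype_alpha($values['location'])) {
         die(lang("location_error", "ucp"));
     }

     $this->settings_model->saveSettings($values);
     $this->plugins->onSaveSettings($this->user->getId(), $values);
     die("1");
 }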
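/**
 * Test if a value is a valid credit card expiration date.
 *
 * The value must be a month and a year separated by one or more non-digit
 * characters (for example "05/29" or "05-2029"). A two-digit year is expanded
 * with the current century. The date is valid when the month is 1-12 and the
 * month/year is not earlier than the current month.
 *
 * @param string  $value    the value being tested
 * @param boolean $empty    result to return when the value is empty
 * @param array   $params   validate parameter values (not read here)
 * @param array   $formvars form var values (not read here)
 *
 * @return boolean true when the value is an acceptable expiration date
 */
function smarty_validate_criteria_isCCExpDate($value, $empty, &$params, &$formvars)
{
    $value = (string) $value;
    if (strlen($value) == 0) {
        return $empty;
    }

    // D modifier: "$" must match at the very end, so "12/2030\n" is rejected
    // instead of being accepted with a trailing newline.
    if (!preg_match('!^(\d+)\D+(\d+)$!D', $value, $_match)) {
        return false;
    }

    // Read the clock once so the year and month come from the same instant.
    $_now = time();
    $_cur_year = date('Y', $_now);
    $_cur_month = (int) date('m', $_now);

    $_year = $_match[2];
    if (strlen($_year) == 2) {
        $_year = substr($_cur_year, 0, 2) . $_year;
    }
    $_month = (int) $_match[1];
    $_year = (int) $_year;
    $_cur_year = (int) $_cur_year;

    if ($_month < 1 || $_month > 12) {
        return false;
    }
    if ($_cur_year > $_year) {
        return false;
    }
    if ($_cur_year == $_year && $_cur_month > $_month) {
        return false;
    }

    return true;
}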
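/**
 * Sanitizes $message, taking into account our special codes
 * for formatting.
 *
 * Unless $safe is set, "<" and ">" are converted to entities first. The
 * bracket codes ([b], [em], [code], [br], ...) are then turned into their HTML
 * tags, and [a@URL@TARGET] link codes into anchors. Links are converted only
 * when every link in the message starts with "http", "./Do" or "./ur" and has
 * a target made of letters and underscores; otherwise all link codes are left
 * as plain text.
 *
 * If you want to include the result in an element attribute, pass $escape so
 * that the whole result is run through htmlspecialchars().
 *
 * Examples:
 *
 * <p><?php echo PMA_sanitize($foo); ?></p>
 *
 * <a title="<?php echo PMA_sanitize($foo, true); ?>">bar</a>
 *
 * @uses    preg_replace_callback()
 * @uses    strtr()
 * @param   string   $message the message
 * @param   boolean  $escape  whether to escape html in result
 * @param   boolean  $safe    whether "<" and ">" in $message are kept as they are
 *
 * @return  string   the sanitized message
 *
 * @access  public
 */
function PMA_sanitize($message, $escape = false, $safe = false)
{
    if (!$safe) {
        $message = strtr($message, array('<' => '&lt;', '>' => '&gt;'));
    }
    $replace_pairs = array(
        '[i]' => '<em>', '[/i]' => '</em>',
        '[em]' => '<em>', '[/em]' => '</em>',
        '[b]' => '<strong>', '[/b]' => '</strong>',
        '[strong]' => '<strong>', '[/strong]' => '</strong>',
        '[tt]' => '<code>', '[/tt]' => '</code>',
        '[code]' => '<code>', '[/code]' => '</code>',
        '[kbd]' => '<kbd>', '[/kbd]' => '</kbd>',
        '[br]' => '<br />',
        '[/a]' => '</a>',
        '[sup]' => '<sup>', '[/sup]' => '</sup>',
    );
    $message = strtr($message, $replace_pairs);

    $pattern = '/\\[a@([^"@]*)@([^]"]*)\\]/';
    if (preg_match_all($pattern, $message, $founds, PREG_SET_ORDER)) {
        $valid_links = array('http', './Do', './ur');
        $all_valid = true;
        foreach ($founds as $found) {
            // only http... and ./Do... allowed
            if (!in_array(substr($found[1], 0, 4), $valid_links, true)) {
                $all_valid = false;
                break;
            }
            // a-z and _ allowed in target
            if (!empty($found[2]) && preg_match('/[^a-z_]+/i', $found[2])) {
                $all_valid = false;
                break;
            }
        }
        // An invalid link no longer returns early: the link codes stay as
        // text, but the $escape step below still runs, so a result destined
        // for an attribute is always escaped.
        if ($all_valid) {
            // Each link is rebuilt from its own match. Previously the last
            // match decided the replacement for every link in the message.
            $message = preg_replace_callback(
                $pattern,
                function ($found) {
                    $href = substr($found[1], 0, 4) == 'http' ? PMA_linkURL($found[1]) : $found[1];
                    return '<a href="' . $href . '" target="' . $found[2] . '">';
                },
                $message
            );
        }
    }

    if ($escape) {
        $message = htmlspecialchars($message);
    }

    return $message;
}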
 /**
  * Loads the implementation files for a method that this object does not have
  * yet, then hands the call to the parent __call().
  *
  * Two classes are looked up per method: "__<method>" (shared by all modes)
  * and "__<method>_" (specific to the current mode). For each one that does
  * not exist, the matching file under "methods/" is loaded and implemented.
  *
  * NOTE(review): the method name becomes part of a file path passed to
  * __loadLib(); whether it is restricted to identifier characters before it
  * gets here is not visible in this block — confirm.
  */
 public function __call($s_method_name, $arr_arguments)
 {
     // Already implemented: nothing to load.
     if (method_exists($this, $s_method_name)) {
         return parent::__call($s_method_name, $arr_arguments);
     }

     // The part of the name before its first capital letter or underscore
     // selects the sub-folder.
     $s_method_prefix = '';
     $arr_matches = array();
     if (preg_match("/[A-Z_]/", $s_method_name, $arr_matches)) {
         $i_match = strpos($s_method_name, $arr_matches[0]);
         $s_method_prefix = substr($s_method_name, 0, $i_match) . "/";
     }
     $s_lib_stem = "methods/" . $s_method_prefix . "__" . $s_method_name;

     // Method shared by all modes.
     $s_class_enter = "__" . $s_method_name;
     if (!class_exists($s_class_enter)) {
         $this->__loadLib($s_lib_stem . ".lib.php");
         $this->__implement($s_class_enter);
     }

     // Method chosen according to the current mode.
     $s_class_mode = "__" . $s_method_name . "_";
     if (!class_exists($s_class_mode)) {
         $this->__loadLib($s_lib_stem . "_" . cmsController::getInstance()->getCurrentMode() . ".lib.php");
         $this->__implement($s_class_mode);
     }

     return parent::__call($s_method_name, $arr_arguments);
 }
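 /**
  * Get the link definition declared in the 'fields' metadata for a field type.
  * A linkDefs entry can hold a plain value (e.g. "type": "hasChildren") and/or
  * a variable (e.g. "entityName": "{entity}"). Variables are resolved from
  * $fieldDef; "{entity}" falls back to $entityName.
  *
  * @param  string $entityName
  * @param  array  $fieldDef
  * @param  array  $linkFieldDefsByType
  * @return array | null null when the field type declares no 'linkDefs'
  */
 public function getLinkDefsInFieldMeta($entityName, $fieldDef, array $linkFieldDefsByType = null)
 {
     // NOTE(review): the original guard tested $fieldDefsByType, a variable
     // that is never set at that point, so this lookup always ran and the
     // $linkFieldDefsByType argument was always replaced. That behaviour is
     // kept; confirm whether the argument was meant to take precedence.
     $fieldDefsByType = $this->getFieldDefsByType($fieldDef);
     if (!isset($fieldDefsByType['linkDefs'])) {
         return null;
     }
     $linkFieldDefsByType = $fieldDefsByType['linkDefs'];

     foreach ($linkFieldDefsByType as $paramName => $paramValue) {
         if (!is_string($paramValue) || !preg_match('/{(.*?)}/', $paramValue, $matches)) {
             continue;
         }

         // Reset for every parameter: a value resolved for an earlier
         // placeholder must not be substituted into a later, unresolved one.
         $value = null;
         if (array_key_exists($matches[1], $fieldDef)) {
             $value = $fieldDef[$matches[1]];
         } elseif (strtolower($matches[1]) == 'entity') {
             $value = $entityName;
         }

         if (isset($value)) {
             $linkFieldDefsByType[$paramName] = str_replace('{' . $matches[1] . '}', $value, $paramValue);
         }
     }

     return $linkFieldDefsByType;
 }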
 /**
  * Checks a password chosen at registration against the configured rules and
  * tells the player which rule failed.
  *
  * Rules, in order: minimum length, maximum length (-1 disables it), optional
  * bans on letters-only and digits-only passwords, and (on by default) a ban
  * on passwords starting with "/".
  *
  * @param User   $user  the registering user; supplies the config and the player to message
  * @param string $value the candidate password
  *
  * @return bool true when every enabled rule passes
  */
 public static function validatePassword(User $user, $value)
 {
     $length = strlen($value);
     $config = $user->getMain()->getConfig();

     // Sends the configured message for the failed rule and yields false.
     $reject = static function ($messageKey, $fallback) use ($user, $config) {
         $user->getPlayer()->sendMessage($config->getNested($messageKey, $fallback));
         return false;
     };

     $minLength = $config->getNested("Registration.MinLength", 4);
     if ($length < $minLength) {
         return $reject("Messages.Register.PasswordUnderflow", "too short");
     }

     $maxLength = $config->getNested("Registration.MaxLength", -1);
     if ($maxLength !== -1 && $length > $maxLength) {
         return $reject("Messages.Register.PasswordOverflow", "too long");
     }

     if ($config->getNested("Registration.BanPureLetters", false) && preg_match('/^[a-z]+$/i', $value)) {
         return $reject("Messages.Register.PasswordPureLetters", "only letters");
     }

     if ($config->getNested("Registration.BanPureNumbers", false) && preg_match('/^[0-9]+$/', $value)) {
         return $reject("Messages.Register.PasswordPureNumbers", "only numbers");
     }

     if ($config->getNested("Registration.DisallowSlashes", true) && $value[0] === "/") {
         return $reject("Messages.Register.PasswordSlashes", "do not start with slashes");
     }

     return true;
 }
 /**
  * Builds the HTML for the tutorial image. When helpdesk button coordinates
  * are configured, the image is preceded by an imagemap whose single area
  * links to the help desk.
  *
  * @param MediaTransformOutput $thumb
  * @param String|null $campaign Upload Wizard campaign for which the tutorial should be displayed.
  *
  * @return String HTML representing the image, with clickable helpdesk button
  */
 public static function getImageHtml(MediaTransformOutput $thumb, $campaign = null)
 {
     // By convention the UI message holds either an absolute URL or a wiki page title.
     $target = wfMessage('mwe-upwiz-help-desk-url')->text();
     if (preg_match('/^(?:' . wfUrlProtocols() . ')/', $target)) {
         $href = $target;
     } else {
         $title = Title::newFromText($target);
         $href = $title ? $title->getLocalURL() : '#';
     }

     $coords = UploadWizardConfig::getSetting('tutorialHelpdeskCoords', $campaign);
     $hasMap = $coords !== false && trim($coords) != '';

     $attribs = array(
         'src' => $thumb->getUrl(),
         'width' => $thumb->getWidth(),
         'height' => $thumb->getHeight(),
     );
     if ($hasMap) {
         $attribs['usemap'] = '#' . self::IMAGEMAP_ID;
     }
     $img = Html::element('img', $attribs);

     if (!$hasMap) {
         return $img;
     }

     // A plain HTML imagemap supplies the clickable area on the tutorial image.
     $altText = wfMessage('mwe-upwiz-help-desk')->text();
     $area = Html::element('area', array(
         'shape' => 'rect',
         'coords' => $coords,
         'href' => $href,
         'alt' => $altText,
         'title' => $altText,
     ));
     $map = Html::rawElement('map', array('id' => self::IMAGEMAP_ID, 'name' => self::IMAGEMAP_ID), $area);

     return $map . $img;
 }
 /**
  * Extracts the "Created On :" line from the body and converts it with strtotime().
  *
  * @return int|false|null strtotime() result, or null when the body has no such line
  */
 public function created_on()
 {
     $found = preg_match('/Created On :[\\s]+(.*?)\\n/', $this->body, $parts);

     return $found ? strtotime($parts[1]) : null;
 }
 /**
  * Registers a template plugin from the block's compiled parameters.
  *
  * The entries under '*' are the plugin's parameters: a numeric key means the
  * entry is a bare parameter name without a default. Every name must consist
  * of letters, digits or underscores.
  *
  * @return string always an empty string
  *
  * @throws Dwoo_Compilation_Exception when a parameter name has other characters
  */
 public static function preProcessing(Dwoo_Compiler $compiler, array $params, $prepend, $append, $type)
 {
     $params = $compiler->getCompiledParams($params);
     $declared = isset($params['*']) ? $params['*'] : array();

     $signature = array();
     foreach ($declared as $key => $default) {
         if (is_numeric($key)) {
             // positional entry: the value is the parameter name
             $key = $default;
             $default = null;
         }
         $key = trim($key, '\'"');
         if (preg_match('#^[a-z0-9_]+$#i', $key) !== 1) {
             throw new Dwoo_Compilation_Exception($compiler, 'Function : parameter names must contain only A-Z, 0-9 or _');
         }
         $signature[$key] = $default;
     }

     // drop the first and last character of the compiled name
     $params['name'] = substr($params['name'], 1, -1);
     $params['*'] = $signature;
     $params['uuid'] = uniqid();
     $compiler->addTemplatePlugin($params['name'], $signature, $params['uuid']);

     // taken by reference so the assignment reaches the compiler's block
     $currentBlock =& $compiler->getCurrentBlock();
     $currentBlock['params'] = $params;

     return '';
 }
/**
 * Rewrites the image URLs in the body of the article so that they point at
 * locally downloaded copies.
 *
 * Each <img src="..."> is resolved against $url, downloaded into the assets
 * directory for $id and, when the download succeeds, its src is replaced by
 * the local path. A picture already handled in this call is not fetched again.
 *
 * NOTE(review): the local file name is the basename of the remote URL path,
 * and the fetch target comes from the article markup; what download_pictures()
 * accepts (hosts, file types) is not visible here — confirm.
 */
function filtre_picture($content, $url, $id)
{
    // absolute URLs already handled, so the same picture is not processed twice
    $already_seen = array();
    $img_tags = array();
    preg_match_all('#<\\s*(img)[^>]+src="([^"]*)"[^>]*>#Si', $content, $img_tags, PREG_SET_ORDER);

    foreach ($img_tags as $tag) {
        // NOTE(review): group 1 is the tag name ("img"), not the src, so this
        // scheme/anchor test looks like it was meant for group 2 — confirm.
        if (preg_match('#^(([a-z]+://)|(\\#))#', trim($tag[1]))) {
            continue;
        }

        $absolute_path = get_absolute_link($tag[2], $url);
        $filename = basename(parse_url($absolute_path, PHP_URL_PATH));
        $directory = create_assets_directory($id);
        $fullpath = $directory . '/' . $filename;

        if (in_array($absolute_path, $already_seen) === true) {
            // already processed: go to the next picture
            continue;
        }

        // replace the picture's URL only if the download went through
        if (download_pictures($absolute_path, $fullpath) === true) {
            $content = str_replace($tag[2], $fullpath, $content);
        }
        $already_seen[] = $absolute_path;
    }

    return $content;
}
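 /**
  * Shows one document (and increments its view counter) when "id" is present
  * in the query string, otherwise lists all documents with status = 1.
  */
 public function actionIndex()
 {
     if (isset($_GET['id'])) {
         $id = $_GET['id'];
         $model = Document::model()->findByPk($id);
         $this->render('detail', array('model' => $model));

         // The counter update opens its own connection, built from the
         // application's db component settings.
         $cfg = (require dirname(__FILE__) . '/../../config/main.php');
         $db = $cfg['components']['db'];

         // The update runs only when the connection string could be parsed
         // and the id is a single value (not an array from "id[]=...").
         if (is_scalar($id) && preg_match("/^mysql:host=(\\w.*);dbname=(\\w.*)/i", $db['connectionString'], $match)) {
             $dbh = new PDO(
                 'mysql:host=' . $match[1] . ';port=3306;dbname=' . $match[2],
                 $db["username"],
                 $db["password"],
                 array(PDO::ATTR_PERSISTENT => false)
             );
             // The id comes from the query string, so it is bound as a
             // parameter instead of being concatenated into the statement.
             $stmt = $dbh->prepare('UPDATE gs_document SET counter=counter+1 WHERE doc_id = :id');
             $stmt->execute(array(':id' => $id));
         }
     } else {
         $criteria = new CDbCriteria();
         $criteria->select = '*';
         $criteria->condition = 'status = 1';
         $criteria->order = 'sort_order ASC ,last_update DESC';
         $model = Document::model()->findAll($criteria);
         $this->render('index', array('model' => $model));
     }
 }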
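/**
 * Returns the sr_text of every soRandom row of the given type whose
 * sr_keywords match $keyword.
 *
 * @param string $type    value compared with sr_type
 * @param string $keyword used as the body of a regular expression
 *
 * @return array matching texts in sr_ID order; empty when nothing matches
 *               (previously the return value was undefined in that case)
 */
function getTangentText($type, $keyword)
{
    global $dbHost, $dbUser, $dbPassword, $dbName;
    $link = @mysql_connect($dbHost, $dbUser, $dbPassword);
    if (!$link) {
        die("Cannot connect : " . mysql_error());
    }
    if (!@mysql_select_db($dbName, $link)) {
        die("Cannot find database : " . mysql_error());
    }

    // $type is placed inside a quoted SQL literal, so it is escaped for this
    // connection first. NOTE(review): the mysql_* extension offers no bound
    // parameters and was removed in PHP 7; moving to mysqli or PDO with
    // prepared statements is the durable fix.
    $safeType = mysql_real_escape_string($type, $link);
    $result = mysql_query("SELECT sr_keywords, sr_text FROM soRandom WHERE sr_type = '" . $safeType . "' ORDER BY sr_ID ASC;", $link);

    $text = array();
    if ($result !== false) {
        // NOTE(review): $keyword is used as a regular expression as-is. If it
        // is meant to be literal text, or can come from a request, wrap it in
        // preg_quote($keyword, '/') — confirm against the callers.
        $pKey = "/" . $keyword . "/";
        while ($row = mysql_fetch_assoc($result)) {
            if (preg_match($pKey, $row['sr_keywords'])) {
                $text[] = stripslashes($row["sr_text"]);
            }
        }
    }

    mysql_close($link);

    return $text;
}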
/**
 * Renders the submit button (plus the hidden ajax loader image) for a submit
 * shortcode tag.
 *
 * Options of the form "id:<name>" and "class:<name>" become the id and class
 * attributes; only letters, digits, "-" and "_" are accepted in the names.
 * The first value is the button label, defaulting to the translated "Send".
 *
 * @param array $tag parsed shortcode tag with 'options' and 'values'
 *
 * @return string HTML, or an empty string when $tag is not an array
 */
function wpcf7_submit_shortcode_handler($tag)
{
    if (!is_array($tag)) {
        return '';
    }

    $options = (array) $tag['options'];
    $values = (array) $tag['values'];

    $id_att = '';
    $class_att = '';
    foreach ($options as $option) {
        $matches = array();
        if (preg_match('%^id:([-0-9a-zA-Z_]+)$%', $option, $matches)) {
            // the last id option wins
            $id_att = $matches[1];
            continue;
        }
        if (preg_match('%^class:([-0-9a-zA-Z_]+)$%', $option, $matches)) {
            // class options accumulate
            $class_att .= ' ' . $matches[1];
        }
    }

    $atts = '';
    if ($id_att) {
        $atts .= ' id="' . trim($id_att) . '"';
    }
    if ($class_att) {
        $atts .= ' class="' . trim($class_att) . '"';
    }

    $value = $values[0];
    if (empty($value)) {
        $value = __('Send', 'wpcf7');
    }

    $ajax_loader_image_url = wpcf7_plugin_url('images/ajax-loader.gif');

    // the label is attribute-escaped; id/class were restricted by the patterns above
    $button = '<input type="submit" value="' . esc_attr($value) . '"' . $atts . ' />';
    $loader = ' <img class="ajax-loader" style="visibility: hidden;" alt="ajax loader" src="' . $ajax_loader_image_url . '" />';

    return $button . $loader;
}
 /**
  * Declares the columns of this schema, including per-column validators,
  * filters, defaults, valid-value lists and date inflate/deflate callbacks,
  * and registers the 'TestSeed' seed.
  */
 function schema()
 {
     $this->column('id')->integer()->primary()->autoIncrement();
     $this->column('name')->typeConstraint()->required()->varchar(128);
     $this->column('description')->varchar(128);
     $this->column('category_id')->integer();

     // NOTE(review): '/f**k/' does not look like a valid PCRE pattern ("**");
     // it may have been altered by the page's word filter — confirm against
     // the original source.
     $validateAddress = function ($val, $args, $record) {
         if (preg_match('/f**k/', $val)) {
             return array(false, "Please don't");
         }
         return array(true, "Good");
     };
     $filterAddress = function ($val, $args, $record) {
         return str_replace('John', 'XXXX', $val);
     };
     $defaultAddress = function () {
         return 'Default Address';
     };
     $this->column('address')
         ->varchar(64)
         ->validator($validateAddress)
         ->filter($filterAddress)
         ->default($defaultAddress)
         ->varchar(256);

     $this->column('country')->varchar(12)->required()->index()->validValues(array('Taiwan', 'Taipei', 'Tokyo'));

     $typeChoices = function () {
         return array('Type Name A' => 'type-a', 'Type Name B' => 'type-b', 'Type Name C' => 'type-c');
     };
     $this->column('type')->varchar(24)->validValues($typeChoices);

     $this->column('confirmed')->boolean();

     // DateTime objects and integer timestamps become "Y-m-d" strings; any
     // other value is passed through unchanged.
     $deflateDate = function ($val) {
         if ($val instanceof \DateTime) {
             return $val->format('Y-m-d');
         } elseif (is_integer($val)) {
             return strftime('%Y-%m-%d', $val);
         }
         return $val;
     };
     $inflateDate = function ($val) {
         return new \DateTime($val);
     };
     $this->column('date')->date()->isa('DateTime')->deflator($deflateDate)->inflator($inflateDate);

     $this->seeds('TestSeed');
 }
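 /**
  * Validate an UA code.
  *
  * The whole value must have the form "UA-" + 6 to 10 digits + "-" + 1 to 3
  * digits (case-insensitive). The pattern is anchored at both ends, so a
  * value that merely contains a UA code somewhere inside other text is
  * rejected.
  *
  * @param string $ua_code
  *
  * @return bool
  */
 private function validate_ua_code($ua_code)
 {
     // \A and \z match only at the very start and end; unlike "$", \z does
     // not accept a trailing newline.
     return preg_match('/\AUA-[0-9]{6,10}-[0-9]{1,3}\z/i', (string) $ua_code) === 1;
 }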
 /**
  * Reads an info value through the parent __get() and passes it through the
  * "post_info_<name>" plugin filter. A name ending in "_out" reads the value
  * without that suffix and additionally applies "post_info_<name>_out".
  *
  * @param string $name info key, optionally suffixed with "_out"
  *
  * @return mixed the filtered value
  */
 public function __get($name)
 {
     $filter = false;

     // An underscore may introduce a filter suffix. Only "_out" counts as
     // one, so that info keys which themselves contain "_" keep working.
     if (strpos($name, '_') !== false) {
         preg_match('/^(.*)_([^_]+)$/', $name, $matches);
         list($junk, $base, $suffix) = $matches;
         if ($suffix == 'out') {
             $name = $base;
             $filter = $suffix;
         } else {
             // not a filter: put the name back together
             $name = $base . '_' . $suffix;
         }
     }

     // get the value from the parent implementation
     $value = parent::__get($name);

     // the main filter always runs, with or without a suffix
     $value = Plugins::filter("post_info_{$name}", $value);

     // the suffix-specific filter runs on top of it
     if ($filter) {
         $value = Plugins::filter("post_info_{$name}_{$filter}", $value);
     }

     return $value;
 }
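/**
 * Lists the "backup.*" containers found under /automounts/<automount> as an
 * HTML table with one selectable row per container.
 *
 * When the framework answer is not an array, the request is handed over to
 * list_ressources2() and nothing is returned.
 *
 * @param string $automount name of the automount to list
 *
 * @return string|null the HTML table, or null in the fallback case
 */
function list_ressource($automount)
{
    $sock = new sockets();
    $datas = $sock->getFrameWork("cmd.php?B64-dirdir=" . base64_encode("/automounts/{$automount}"));
    // NOTE(review): unserialize() can instantiate objects from its input. The
    // answer is assumed to come from the local framework service; if that
    // channel can be influenced from outside, a format such as JSON is the
    // safer choice — confirm.
    $files = unserialize(base64_decode(trim($datas)));
    if (!is_array($files)) {
        $_GET["cyrus-brows-comp"] = "/automounts/{$automount}";
        list_ressources2();
        return;
    }

    $html = "<table style='width:80%'>";
    // foreach replaces each(), which no longer exists in PHP 8.
    foreach ($files as $num => $ligne) {
        if (!preg_match("#backup\\.[0-9\\-]+#", $ligne)) {
            continue;
        }
        $md5 = md5($num);
        $ligne = str_replace("backup.", "", $ligne);
        // NOTE(review): $num is placed inside a quoted JavaScript string; this
        // assumes the array keys never contain quotes — confirm.
        $js = "SelectMountRestoreLevel2('{$md5}','{$num}')";
        // Directory names are displayed as text, so they are HTML-escaped.
        $label = htmlspecialchars($ligne, ENT_QUOTES);
        $html = $html . "\n\t\t\t<tr " . CellRollOver($js, "{select_this_container}") . ">\n\t\t\t\t<td with=1%><img src='img/folder-32-sh\tare.png'>\n\t\t\t\t<td width=99%><span style='font-size:14px'>{$label}</td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td colspan=2><div id='{$md5}'><hr></div></td>\n\t\t\t</tR>\n\t\t\t\t\t\n\t\t\t";
    }
    $html = $html . "</table>";

    return $html;
}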
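 /**
  * Updates a user's profile and, when a new password is given, the password.
  *
  * @return string "3" when exactly one row was updated, "4" when not, "8" when
  *                the new password fails the complexity check
  */
 public function edit($user, $type, $pass, $name, $email, $phone, $descr, $age_cat)
 {
     $this->load->helper('security');

     // All values are passed as query bindings instead of being concatenated
     // into the SQL text.
     $id_age_cat = '';
     $query = $this->db->query('SELECT ID FROM age WHERE category = ?', array($age_cat));
     foreach ($query->result() as $row) {
         $id_age_cat = $row->ID;
     }

     // NOTE(review): the listing shows the password value and the username in
     // the WHERE clause masked as "******". Binding $passhash and $user there
     // is the presumed original intent — confirm against the real source.
     if ($pass == "") {
         $this->db->query(
             'UPDATE all_users SET type = ?, name = ?, email = ?, phone_number = ?, description = ?, age_id = ? WHERE username = ?',
             array($type, $name, $email, $phone, $descr, $id_age_cat, $user)
         );
     } else {
         // requires an upper-case letter plus a digit, space or listed symbol
         if (!(preg_match("/[A-Z]+/", $pass) && preg_match("/[`'\"~!@# \$*()<>,:;{}\\|1234567890]/", $pass))) {
             return "8";
         }
         // NOTE(review): MD5 is not a password hash. Moving to password_hash()
         // / password_verify() needs a matching change wherever passwords are
         // checked, so it is flagged here rather than changed.
         $passhash = do_hash($pass, 'md5');
         $this->db->query(
             'UPDATE all_users SET type = ?, password = ?, name = ?, email = ?, phone_number = ?, description = ?, age_id = ? WHERE username = ?',
             array($type, $passhash, $name, $email, $phone, $descr, $id_age_cat, $user)
         );
     }

     if ($this->db->affected_rows() == 1) {
         // The user's information was updated
         return "3";
     }

     // Could not update user's information
     return "4";
 }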
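 /**
  * Imports language entries from a file into the global $php table.
  *
  * Each line of the form KEY = 'text'; (or with double quotes) is one entry.
  * An existing key only gets its text for language $l set; a new key is
  * created with type 'int' when the text is all digits, otherwise 'text'.
  *
  * @param string $f path of the language file
  * @param string $l language code used as the column key
  * @param string $m owner recorded on newly created entries
  */
 function installLanguage2($f, $l, $m)
 {
     global $php;
     $patt = '/^([A-Z0-9_]+)[\\s]{0,}=[\\s]{0,}[\'"](.*)[\'"];$/';

     $lines = file($f);
     if ($lines === false) {
         // unreadable file: nothing to import
         return;
     }

     foreach ($lines as $item) {
         $item = trim($item);
         if ($item == '' || !preg_match($patt, $item, $match)) {
             continue;
         }
         $key = $match[1];
         $text = $match[2];

         if (isset($php[$key])) {
             $php[$key][$l] = addslashes($text);
             continue;
         }

         // The type is derived from the matched text. The previous code
         // tested an undefined variable, so every new entry became 'text'.
         $php[$key] = array(
             'type' => preg_match('/^[0-9]+$/', $text) ? 'int' : 'text',
             'key' => $key,
             'owner' => $m,
             $l => addslashes($text),
             'js' => 1,
         );
     }
 }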
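 /**
  * Stores the submitted URL in the urls table, crawls it and collects
  * information from the links found in the listing rows.
  *
  * @param Request $request must carry a unique 'name' (the URL), at most 255 characters
  *
  * @return mixed redirect back with a status message
  */
 public function postUrl(Request $request)
 {
     $this->validate($request, ['name' => 'required|unique:urls|max:255']);
     // NOTE(review): create() receives every request field, so what can be
     // written depends on the Url model's fillable/guarded settings;
     // $request->only('name') would narrow it to the validated field — confirm.
     Url::create($request->all());
     $requesturl = $request->input('name');
     $scrapedurl = Url::where('name', $requesturl)->firstOrFail();
     $this->urlId = $scrapedurl->id;

     // NOTE(review): the submitted value is fetched by the server, and the
     // validation rules above do not restrict its scheme or host. Limiting it
     // to the expected site keeps the crawler away from internal addresses.
     $crawler = $this->helper_crawler($scrapedurl->name);
     $isBlock = $crawler->filter('p')->text();

     // strpos() returns 0 when the text starts with "blocked"; comparing with
     // "!== false" catches that case as well.
     if (strpos($isBlock, 'blocked') !== false) {
         echo "Your ip is blocked. Please try again later";
         die;
     }

     $data = $crawler->filterXpath("//div[@class='rows']");
     $data->filter('p > a')->each(function ($node) {
         $scrapedurl = $node->attr('href');
         // only links without a "//" host part are followed
         if (!preg_match("/\\/\\/.+/", $scrapedurl)) {
             $this->getInfo($scrapedurl);
         }
     });

     $leads = Lead::all();
     Session::flash('leads', $leads);

     return redirect()->back()->with('message', "Link was scraped please view link");
 }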
 /**
  * Prepares and executes a statement with bound parameters.
  *
  * @param string|null $sql  statement to run; when empty the stored one is used
  * @param array       $bind values for the placeholders; when empty the stored ones are used
  *
  * @return mixed the executed statement for read queries; the affected row
  *               count for insert/delete/update/replace/drop/create; false
  *               when there is nothing to run or the execution fails
  */
 public function run($sql = null, $bind = array())
 {
     $this->flush();

     if (!empty($sql)) {
         $this->sql = $sql;
     }
     if (!empty($bind)) {
         $this->bind = $bind;
     }

     if (empty($this->sql)) {
         $this->error = 'No query to execute!';
         $this->result = false;
         return false;
     }

     try {
         $stmt = $this->prepare($this->sql);

         if (false === $stmt->execute($this->bind)) {
             $this->result = false;
             return $this->result;
         }

         // Read queries hand the statement back for fetching.
         $isWrite = preg_match("/^(insert|delete|update|replace|drop|create)\\s+/i", $this->sql);
         if (!$isWrite) {
             return $stmt;
         }

         // Writes record the new id (insert/replace only) and the row count.
         if (preg_match("/^(insert|replace)\\s+/i", $this->sql)) {
             $this->insert_id = @$this->lastInsertId();
         }
         $this->num_rows = @$stmt->rowCount();
         $this->result = $this->num_rows;
     } catch (PDOException $e) {
         $this->error = $e->getMessage();
         $this->result = false;
     }

     return $this->result;
 }
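/**
 * Query filter used while the current blog is still unknown: when the lookup
 * of a blog by domain finds nothing, the domain is searched in every blog's
 * WPML language-domain settings and, on a hit, the query is rewritten to
 * select that blog by id.
 *
 * @param string $q the SQL query about to run
 *
 * @return string the original or the rewritten query
 */
function sunrise_wpml_filter_queries($q)
{
    global $wpdb, $table_prefix, $current_blog;
    static $no_recursion;

    if (empty($current_blog) && empty($no_recursion)) {
        // the queries issued below pass through this filter again
        $no_recursion = true;
        if (preg_match("#SELECT \\* FROM {$wpdb->blogs} WHERE domain = '(.*)'#", $q, $matches)) {
            if (!$wpdb->get_row($q)) {
                // Defined up front, so the check after the loop does not read
                // an unset variable when no blog matches.
                $found_blog_id = null;
                $icl_blogs = $wpdb->get_col("SELECT blog_id FROM {$wpdb->blogs}");
                foreach ($icl_blogs as $blog_id) {
                    $prefix = $blog_id > 1 ? $table_prefix . $blog_id . '_' : $table_prefix;
                    $icl_settings = $wpdb->get_var("SELECT option_value FROM {$prefix}options WHERE option_name='icl_sitepress_settings'");
                    if (!$icl_settings) {
                        continue;
                    }
                    // NOTE(review): the option value is unserialized as stored;
                    // this assumes only the plugin writes it — confirm.
                    $icl_settings = unserialize($icl_settings);
                    if (!is_array($icl_settings)
                        || !isset($icl_settings['language_negotiation_type'], $icl_settings['language_domains'])
                        || !is_array($icl_settings['language_domains'])
                    ) {
                        continue;
                    }
                    if ($icl_settings['language_negotiation_type'] == 2
                        && in_array('http://' . $matches[1], $icl_settings['language_domains'])
                    ) {
                        $found_blog_id = $blog_id;
                        break;
                    }
                }
                if ($found_blog_id) {
                    // the id comes from the blogs table; the cast keeps the literal numeric
                    $q = "SELECT * FROM {$wpdb->blogs} WHERE blog_id = '" . (int) $found_blog_id . "'";
                }
            }
        }
        $no_recursion = false;
    }

    return $q;
}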
 /**
  * Convert 3.0 ACM type to 3.1 cache driver class name.
  *
  * A value made only of lower-case letters is prefixed with the cache driver
  * namespace; anything else is returned unchanged.
  *
  * @param string $acm_type ACM type
  * @return string cache driver class
  */
 protected function convert_30_acm_type($acm_type)
 {
     $is_bare_name = preg_match('#^[a-z]+$#', $acm_type);

     return $is_bare_name ? 'phpbb\\cache\\driver\\' . $acm_type : $acm_type;
 }
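/**
 * Run an installer SQL script from MODULE_PATH . 'Data/' one statement at a time.
 *
 * The script is split on ";\n", the default table prefix "cmf_" is swapped
 * for $tablepre, and each statement is passed to $db->execute(). Progress is
 * reported through sp_show_msg() for CREATE TABLE statements only; the result
 * of any other statement is not checked.
 *
 * NOTE(review): $file is appended to a filesystem path and $tablepre is
 * spliced into SQL text, and neither is validated here. Confirm that callers
 * pass a fixed script name and a prefix limited to identifier characters.
 *
 * @param object $db       Database handle exposing execute($sql).
 * @param string $file     SQL script name, relative to MODULE_PATH . 'Data/'.
 * @param string $tablepre Table prefix that replaces "cmf_".
 * @return void
 */
function sp_execute_sql($db, $file, $tablepre)
{
    // Read the SQL file
    $sql = file_get_contents(MODULE_PATH . 'Data/' . $file);
    if ($sql === false) {
        // Without this check a failed read silently ran zero statements.
        sp_show_msg('读取SQL文件失败!', 'error');
        return;
    }
    $sql = str_replace("\r", "\n", $sql);
    $sql = explode(";\n", $sql);
    // Replace the table prefix
    $default_tablepre = "cmf_";
    $sql = str_replace(" `{$default_tablepre}", " `{$tablepre}", $sql);
    // Start the installation
    sp_show_msg('开始安装数据库...');
    foreach ($sql as $item) {
        $item = trim($item);
        if (empty($item)) {
            continue;
        }
        if (preg_match('/CREATE TABLE `([^ ]*)`/', $item, $matches)) {
            $table_name = $matches[1];
            $msg = "创建数据表{$table_name}";
            if (false !== $db->execute($item)) {
                sp_show_msg($msg . ' 完成');
            } else {
                sp_show_msg($msg . ' 失败!', 'error');
            }
        } else {
            // Non-CREATE statements run best-effort, as before.
            $db->execute($item);
        }
    }
}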
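 /**
  * Build a select list of the folders found under the node's "directory".
  *
  * Folders come from $this->recursive_listdir(); entries matching the node's
  * "exclude" regular expression are skipped. "Do not use" (-1) and
  * "Use default" ('') options are prepended unless the node sets
  * hide_none / hide_default.
  *
  * NOTE(review): "directory" is joined onto JPATH_ROOT and "exclude" is used
  * as a raw regular expression, both unvalidated. This presumably relies on
  * the element definition being trusted configuration; confirm.
  *
  * @param string $name         Parameter name.
  * @param mixed  $value        Currently selected value.
  * @param object $node         Element definition node; read via attributes().
  * @param string $control_name Control name used to build the field name.
  * @return string Markup returned by JHTML 'select.genericlist'.
  */
 function fetchElement($name, $value, &$node, $control_name)
 {
     jimport('joomla.filesystem.folder');
     // path to images directory
     $path = JPATH_ROOT . DS . $node->attributes('directory');
     $exclude = $node->attributes('exclude');
     // The original also ran JFolder::folders() here and immediately
     // overwrote its result; that discarded directory scan is dropped.
     $folders = $this->recursive_listdir($path, $node);
     // chr(1) is the regex delimiter, so "exclude" may contain the usual
     // delimiter characters (/, #, ~) without escaping.
     $exclude_pattern = $exclude ? chr(1) . $exclude . chr(1) : null;
     $options = array();
     foreach ($folders as $key => $folder) {
         if ($exclude_pattern !== null && preg_match($exclude_pattern, $folder)) {
             continue;
         }
         $options[] = JHTML::_('select.option', $key, $folder);
     }
     if (!$node->attributes('hide_none')) {
         array_unshift($options, JHTML::_('select.option', '-1', '- ' . JText::_('Do not use') . ' -'));
     }
     if (!$node->attributes('hide_default')) {
         array_unshift($options, JHTML::_('select.option', '', '- ' . JText::_('Use default') . ' -'));
     }
     $fullName = ElementHelper::getFullName($this, $control_name, $name);
     return JHTML::_('select.genericlist', $options, $fullName, 'class="inputbox"', 'value', 'text', $value, "params{$name}");
 }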
 /**
  * Pick the reports base URL that corresponds to a given endpoint URL.
  *
  * The keywords are tried in order and matched anywhere in $url; the first
  * hit wins ("precert" must stay ahead of "cert"). With no hit the local
  * fallback is returned.
  *
  * NOTE(review): these are substring matches on the whole URL, not on the
  * host, so the keyword could also appear in a path or query string. Confirm
  * that $url only ever comes from configuration.
  *
  * @param string $url Endpoint URL to classify.
  * @return string Base URL of the matching reports environment.
  */
 public static function getBaseUrlFrom($url)
 {
     $environments = array(
         'payments' => 'https://reports.litle.com',
         'sandbox' => 'https://www.testlitle.com/sandbox',
         'prelive' => 'https://reports-prelive.litle.com',
         'precert' => 'https://reports.precert.litle.com',
         'cert' => 'https://reports.cert.litle.com',
     );
     foreach ($environments as $keyword => $candidate) {
         if (preg_match('/' . $keyword . '/', $url)) {
             return $candidate;
         }
     }
     return 'http://localhost:2190';
 }
    /**
     * Update a post's source and title and, when a usable timestamp is
     * given, its creation date, moving the image and thumbnail into the
     * Y/m directory of the new date if the month changed.
     *
     * @param mixed  $id      Post id, handed to the db layer as the :1 placeholder / row key.
     * @param string $created New creation timestamp; ignored unless it passes the pattern below and strtotime().
     * @param string $source  New source value.
     * @param string $title   New title value.
     * @return bool false when creating a directory or moving a file fails, true otherwise.
     */
    public function updatePost($id, $created, $source, $title)
    {
        $data = array('source' => $source, 'title' => $title);
        // Accepts 4-2-2 digits, any run of characters, then 2-2 digits with
        // arbitrary single-character separators (e.g. "2011-05-04 13:37").
        $hasUsableDate = preg_match('/^\\d{4}.\\d{2}.\\d{2}.+\\d{2}.\\d{2}$/', $created) && strtotime($created);
        if ($hasUsableDate) {
            $data['created'] = $created;
            $row = $this->db->getRow('SELECT UNIX_TIMESTAMP(created) as created, image, thumb 
				FROM ' . ASAPH_TABLE_POSTS . '
				WHERE id = :1', $id);
            // Files are stored per month; a date change across months means
            // both files move, under names that do not clash in the target.
            $oldMonth = date('Y/m', $row['created']);
            $newMonth = date('Y/m', strtotime($created));
            $mustRelocate = $oldMonth != $newMonth && !empty($row['thumb']);
            if ($mustRelocate) {
                $imageRoot = ASAPH_PATH . Asaph_Config::$images['imagePath'];
                $thumbRoot = ASAPH_PATH . Asaph_Config::$images['thumbPath'];
                $imageDir = $imageRoot . $newMonth;
                $thumbDir = $thumbRoot . $newMonth;
                $imageName = $this->getUniqueFileName($imageDir, $row['image']);
                $thumbName = $this->getUniqueFileName($thumbDir, $row['thumb']);
                $data['image'] = $imageName;
                $data['thumb'] = $thumbName;
                // NOTE(review): the steps are not atomic. If the second
                // rename fails after the first succeeded, the image has
                // moved but the row is left unchanged.
                $relocated = $this->mkdirr($imageDir)
                    && $this->mkdirr($thumbDir)
                    && @rename($imageRoot . $oldMonth . '/' . $row['image'], $imageDir . '/' . $imageName)
                    && @rename($thumbRoot . $oldMonth . '/' . $row['thumb'], $thumbDir . '/' . $thumbName);
                if (!$relocated) {
                    return false;
                }
            }
        }
        $this->db->updateRow(ASAPH_TABLE_POSTS, array('id' => $id), $data);
        return true;
    }
 /**
  * Group flat "img-<wikiId>-<pageId>[-<field>]" entries by image.
  *
  * A name ending in "img-<wikiId>-<pageId>" supplies wikiId, pageId and
  * state (the entry's value). A name containing
  * "img-<wikiId>-<pageId>-<field>" supplies 'lang' (field "lang") or 'name'
  * (field "file"); other fields only make sure the image entry exists.
  * Entries whose ids are empty or "0" are skipped.
  *
  * @param array $data Map of field name => value.
  * @return array Map of "<wikiId>-<pageId>" => collected values.
  */
 protected function parseImageData($data)
 {
     // Suffix in the field name => key in the resulting image entry.
     $suffixTargets = array('lang' => 'lang', 'file' => 'name');
     $images = array();
     foreach ($data as $name => $value) {
         if (preg_match('/img-(\\d*)-(\\d*)$/', $name, $matches)) {
             if (empty($matches[1]) || empty($matches[2])) {
                 continue;
             }
             $key = $matches[1] . '-' . $matches[2];
             if (empty($images[$key])) {
                 $images[$key] = array();
             }
             $images[$key]['wikiId'] = $matches[1];
             $images[$key]['pageId'] = $matches[2];
             $images[$key]['state'] = $value;
             continue;
         }
         if (!preg_match('/img-(\\d*)-(\\d*)-([a-z]+)/', $name, $matches)) {
             continue;
         }
         if (empty($matches[1]) || empty($matches[2]) || empty($matches[3])) {
             continue;
         }
         $key = $matches[1] . '-' . $matches[2];
         if (empty($images[$key])) {
             $images[$key] = array();
         }
         $suffix = $matches[3];
         if (isset($suffixTargets[$suffix])) {
             $images[$key][$suffixTargets[$suffix]] = $value;
         }
     }
     return $images;
 }