/**
 * Initialise the controller and queue the assets used by the CMS login screen.
 *
 * Runs the parent initialisation first, then registers two stylesheets and
 * one combined script bundle named "cmssecurity.js".
 *
 * @return void
 */
public function init()
{
    parent::init();

    // Stylesheets: the jQuery UI theme first, then the admin screen styles.
    Requirements::css(THIRDPARTY_DIR . '/jquery-ui-themes/smoothness/jquery-ui.css');
    Requirements::css(FRAMEWORK_ADMIN_DIR . '/css/screen.css');

    // Scripts, in the order they are handed to combine_files().
    $scripts = array(
        THIRDPARTY_DIR . '/jquery/jquery.js',
        THIRDPARTY_DIR . '/jquery-ui/jquery-ui.js',
        THIRDPARTY_DIR . '/jquery-entwine/dist/jquery.entwine-dist.js',
        FRAMEWORK_ADMIN_DIR . '/javascript/lib.js',
        FRAMEWORK_ADMIN_DIR . '/javascript/CMSSecurity.js',
    );
    Requirements::combine_files('cmssecurity.js', $scripts);
}
/**
 * Initialise the controller, run the IP access check and swap in the
 * admin-login classes.
 *
 * NOTE(review): the access decision rests entirely on the address reported
 * by getIP(). Confirm how that value is derived when the site sits behind a
 * proxy or load balancer; an address the client can influence would weaken
 * this gate.
 *
 * @return void
 */
public function init()
{
    parent::init();

    $clientIp = $this->getRequest()->getIP();
    $ipGate = new IpAccess($clientIp);
    if (!$ipGate->hasAccess()) {
        // NOTE(review): nothing returns here after the denial, so the rest of
        // init() still runs unless respondNoAccess() itself ends the request.
        // Confirm against IpAccess.
        $ipGate->respondNoAccess($this);
    }

    $useTheme = Config::inst()->get('AdminLogin', 'UseTheme');
    if ($useTheme !== true) {
        // Keeps the front-end CSS and JavaScript files from being loaded.
        Object::useCustomClass('Page_Controller', 'AdminLoginPage_Controller');
        Requirements::css('adminlogin/css/style.css');
    }

    // The login form class is replaced whether or not the theme is in use.
    Object::useCustomClass('MemberLoginForm', 'AdminLoginForm');
}
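/**
 * Initialise the login page: enforce the optional IP allow-list, then replace
 * the queued front-end assets with the admin-login stylesheet.
 *
 * When the 'IpAccess' config has 'enabled' set and the requesting address is
 * not permitted, the request is answered with a 404 instead of the login form.
 *
 * NOTE(review): the allow-list is only as reliable as the address returned by
 * getIP(). Confirm how that value is derived behind a proxy or load balancer.
 *
 * @return mixed Result of httpError() when access is denied; nothing otherwise.
 */
public function init()
{
    parent::init();

    if (Config::inst()->get('IpAccess', 'enabled')) {
        $ipAccess = new IpAccess(
            $this->owner->getRequest()->getIP(),
            Config::inst()->get('IpAccess', 'allowed_ips')
        );

        if (!$ipAccess->hasAccess()) {
            // Define $response up front so it is never read while unset when
            // the ErrorPage class is not available; the plain-text fallback
            // below is then used.
            $response = '';
            if (class_exists('ErrorPage', true)) {
                $response = ErrorPage::response_for(404);
            }

            return $this->owner->httpError(
                404,
                $response ?: 'The requested page could not be found.'
            );
        }
    }

    // Prevents loading front-end CSS and JavaScript files: clear what is
    // queued, then add only the login stylesheet.
    Requirements::clear();
    Requirements::css('adminlogin/css/style.css');
}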
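/**
 * Initialise the login page: enforce the optional IP allow-list, then swap in
 * the admin-login classes.
 *
 * When the 'IpAccess' config has 'enabled' set and the requesting address is
 * not permitted, the request is answered with a 404 instead of the login form.
 *
 * NOTE(review): the allow-list is only as reliable as the address returned by
 * getIP(). Confirm how that value is derived behind a proxy or load balancer.
 *
 * @return mixed Result of httpError() when access is denied; nothing otherwise.
 */
public function init()
{
    parent::init();

    if (Config::inst()->get('IpAccess', 'enabled')) {
        $ipAccess = new IpAccess(
            $this->owner->getRequest()->getIP(),
            Config::inst()->get('IpAccess', 'allowed_ips')
        );

        if (!$ipAccess->hasAccess()) {
            // Define $response up front so it is never read while unset when
            // the ErrorPage class is not available; the plain-text fallback
            // below is then used.
            $response = '';
            if (class_exists('ErrorPage', true)) {
                $response = ErrorPage::response_for(404);
            }

            return $this->owner->httpError(
                404,
                $response ?: 'The requested page could not be found.'
            );
        }
    }

    if (Config::inst()->get('AdminLogin', 'UseTheme') !== true) {
        // Prevents loading front-end CSS and JavaScript files.
        Object::useCustomClass('Page_Controller', 'AdminLoginPage_Controller');
        Requirements::css('adminlogin/css/style.css');
    }

    // The login form class is replaced whether or not the theme is in use.
    Object::useCustomClass('MemberLoginForm', 'AdminLoginForm');
}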
* DISCLAIMER: This application is for education use only. Installing it on a * public facing server will expose the server to several security vulnerabilities * The author takes absolutely no resposibility for any damage that may occur * from the use or misuse of any of this code. * * PHP version 5.3 * * @category XssBadWebApp * @package Utilities * @author Anthony Ferrara <*****@*****.**> * @copyright 2011 The Authors * @license http://opensource.org/licenses/bsd-license.php New BSD License */ namespace XssBadWebApp\Utilities; Security::init(); class Security { protected static $seed = 'abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ 0123456789-?/.,)(*^%$#@!~'; public static function init() { static::$seed = preg_replace('/\\s/', '', static::$seed); } public static function makeRandomString($length = 64) { $result = ''; $seedLength = strlen(static::$seed); for ($i = 0; $i < $length; $i++) { $result .= static::$seed[mt_rand(0, $seedLength - 1)];