Esempio n. 1
 /**
  * Initialise the controller and register the CMS security assets.
  *
  * Runs the parent initialisation first, then queues two stylesheets and
  * one combined script bundle named "cmssecurity.js" through Requirements.
  */
 public function init()
 {
     parent::init();

     // Stylesheets: the jQuery UI "smoothness" theme, then the admin screen styles.
     $stylesheets = array(
         THIRDPARTY_DIR . '/jquery-ui-themes/smoothness/jquery-ui.css',
         FRAMEWORK_ADMIN_DIR . '/css/screen.css',
     );
     foreach ($stylesheets as $stylesheet) {
         Requirements::css($stylesheet);
     }

     // Scripts handed to combine_files(); jQuery and its plugins are listed
     // ahead of the admin scripts.
     $scripts = array(
         THIRDPARTY_DIR . '/jquery/jquery.js',
         THIRDPARTY_DIR . '/jquery-ui/jquery-ui.js',
         THIRDPARTY_DIR . '/jquery-entwine/dist/jquery.entwine-dist.js',
         FRAMEWORK_ADMIN_DIR . '/javascript/lib.js',
         FRAMEWORK_ADMIN_DIR . '/javascript/CMSSecurity.js',
     );
     Requirements::combine_files('cmssecurity.js', $scripts);
 }
 /**
  * Initialise the controller, apply the IP restriction and register the
  * admin-login class overrides.
  *
  * NOTE(review): nothing in this method stops execution after
  * respondNoAccess(); the remaining setup still runs unless that call ends
  * the request itself (for example by throwing) - confirm against IpAccess.
  *
  * @return void
  */
 public function init()
 {
     parent::init();

     // NOTE(review): the restriction is only as trustworthy as getIP(). If the
     // framework can take this address from forwarding headers, confirm that
     // only trusted proxies are honoured.
     $clientIp = $this->getRequest()->getIP();
     $access = new IpAccess($clientIp);
     if (!$access->hasAccess()) {
         $access->respondNoAccess($this);
     }

     $useTheme = Config::inst()->get('AdminLogin', 'UseTheme');
     if ($useTheme !== true) {
         // Unless the theme is explicitly enabled (strict true), swap the page
         // controller so frontend CSS and JavaScript files are not loaded, and
         // use the module's own stylesheet instead.
         Object::useCustomClass('Page_Controller', 'AdminLoginPage_Controller');
         Requirements::css('adminlogin/css/style.css');
     }

     // The login form is always replaced, with or without the theme.
     Object::useCustomClass('MemberLoginForm', 'AdminLoginForm');
 }
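 /**
  * Initialise the extended controller, apply the optional IP allow-list and
  * replace the queued requirements with the admin-login stylesheet.
  *
  * When the 'IpAccess' 'enabled' config value is truthy and the client
  * address is not allowed, the request is answered through the owner's
  * httpError() with status 404. A 404 rather than a 403 presumably avoids
  * confirming that the login page exists - confirm intent.
  *
  * @return mixed The result of httpError() when access is denied; nothing otherwise.
  */
 public function init()
 {
     parent::init();

     if (Config::inst()->get('IpAccess', 'enabled')) {
         // NOTE(review): the allow-list is only as trustworthy as getIP(). If
         // the framework can take this address from forwarding headers,
         // confirm that only trusted proxies are honoured.
         $ipAccess = new IpAccess(
             $this->owner->getRequest()->getIP(),
             Config::inst()->get('IpAccess', 'allowed_ips')
         );
         if (!$ipAccess->hasAccess()) {
             // Initialise the variable that is actually read below, so the
             // fallback message is used without an undefined-variable notice
             // when ErrorPage is not available.
             $response = null;
             if (class_exists('ErrorPage', true)) {
                 $response = ErrorPage::response_for(404);
             }
             return $this->owner->httpError(404, $response ?: 'The requested page could not be found.');
         }
     }

     // Dropping everything queued so far prevents loading frontend CSS and
     // JavaScript files; only the module's stylesheet is added back.
     Requirements::clear();
     Requirements::css('adminlogin/css/style.css');
 }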
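 /**
  * Initialise the extended controller, apply the optional IP allow-list and
  * register the admin-login class overrides.
  *
  * When the 'IpAccess' 'enabled' config value is truthy and the client
  * address is not allowed, the request is answered through the owner's
  * httpError() with status 404. A 404 rather than a 403 presumably avoids
  * confirming that the login page exists - confirm intent.
  *
  * @return mixed The result of httpError() when access is denied; nothing otherwise.
  */
 public function init()
 {
     parent::init();

     if (Config::inst()->get('IpAccess', 'enabled')) {
         // NOTE(review): the allow-list is only as trustworthy as getIP(). If
         // the framework can take this address from forwarding headers,
         // confirm that only trusted proxies are honoured.
         $ipAccess = new IpAccess(
             $this->owner->getRequest()->getIP(),
             Config::inst()->get('IpAccess', 'allowed_ips')
         );
         if (!$ipAccess->hasAccess()) {
             // Initialise the variable that is actually read below, so the
             // fallback message is used without an undefined-variable notice
             // when ErrorPage is not available.
             $response = null;
             if (class_exists('ErrorPage', true)) {
                 $response = ErrorPage::response_for(404);
             }
             return $this->owner->httpError(404, $response ?: 'The requested page could not be found.');
         }
     }

     if (Config::inst()->get('AdminLogin', 'UseTheme') !== true) {
         // Unless the theme is explicitly enabled (strict true), swap the page
         // controller so frontend CSS and JavaScript files are not loaded, and
         // use the module's own stylesheet instead.
         Object::useCustomClass('Page_Controller', 'AdminLoginPage_Controller');
         Requirements::css('adminlogin/css/style.css');
     }

     // The login form is always replaced, with or without the theme.
     Object::useCustomClass('MemberLoginForm', 'AdminLoginForm');
 }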
 * DISCLAIMER: This application is for educational use only.  Installing it on a
 * public-facing server will expose the server to several security vulnerabilities.
 * The author takes absolutely no responsibility for any damage that may occur
 * from the use or misuse of any of this code.
 *
 * PHP version 5.3
 *
 * @category   XssBadWebApp
 * @package    Utilities
 * @author     Anthony Ferrara <*****@*****.**>
 * @copyright  2011 The Authors
 * @license    http://opensource.org/licenses/bsd-license.php New BSD License
 */
namespace XssBadWebApp\Utilities;

// Runs once when this file is loaded: Security::init() strips the whitespace
// that the multi-line $seed literal carries, leaving only the alphabet itself.
Security::init();
class Security
{
    protected static $seed = 'abcdefghijklmnopqrstuvwxyz
                              ABCDEFGHIJKLMNOPQRSTUVWXYZ
                              0123456789-?/.,)(*^%$#@!~';
    /**
     * Remove every whitespace character from the seed alphabet.
     *
     * The $seed literal is written across several lines, so it contains
     * newlines and indentation; this rewrites the static property without them.
     */
    public static function init()
    {
        $alphabet = static::$seed;
        static::$seed = preg_replace('/\\s/', '', $alphabet);
    }
    public static function makeRandomString($length = 64)
    {
        $result = '';
        $seedLength = strlen(static::$seed);
        for ($i = 0; $i < $length; $i++) {
            $result .= static::$seed[mt_rand(0, $seedLength - 1)];