/**
 * Loads the user and group preferences for a server (domain) or a user.
 *
 * Lookup order: the user clause (when $user is given) or the primary domain
 * pattern, then the alternate domain pattern. A hit on the alternate domain
 * rewrites the configured 'server' to the row's primary domain.
 *
 * @param string|null $ser  Server name; falls back to Cfg::get("server")
 * @param string|null $user When non-null, selects the user branch of the query
 */
function __construct($ser = NULL, $user = NULL)
{
    parent::__construct();
    $this->prefs = new Preferences();

    // Make sure that we have the correct server
    $server = ($ser == NULL) ? Cfg::get("server") : $ser;

    // NOTE(review): $server is spliced into the SQL text between quotes instead
    // of being bound as a parameter. Where the 'server' value originates is not
    // visible here; if it can carry request-derived data (for example a host
    // name), a quote character in it alters the statement. Confirm whether
    // _loadUserTable() can accept bound parameters and switch to them.
    // NOTE(review): the user branch compares fldUser with a fixed literal and
    // never uses $user itself -- this looks like a masked value; confirm.
    $clause = '';
    if ($user != NULL) {
        $clause = "fldUser='******'";
    } elseif ($server != NULL) {
        $clause = "'{$server}' LIKE fldDomain";
    }
    $primarySql = "SELECT * FROM tblUser WHERE " . $clause . " LIMIT 1";

    if ($this->_loadUserTable($primarySql)) {
        $this->_loadGroupTable();
        return;
    }

    // Nothing found for the primary lookup: try the alternate domain column
    $alternateSql = "SELECT * FROM tblUser WHERE '{$server}' LIKE fldAltDomain LIMIT 1";
    if (!$this->_loadUserTable($alternateSql)) {
        return;
    }

    // Matched on the alternate domain, so adopt the row's primary domain
    $server = $this->prefs->userPrefs["fldDomain"];
    Cfg::set('server', $server);
    $this->_loadGroupTable();
}
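/**
 * Returns the raw form variable addressed by a subscript path.
 *
 * SECURITY: this method used to append $key to `$this->formVars` and run the
 * result through eval(). Any caller handing over a request-derived key would
 * let the request decide what PHP gets executed. The path is now parsed and
 * walked as data; nothing in $key is ever executed.
 *
 * NOTE(review): assumes keys are runs of array subscripts such as ['a'],
 * ["a"], [0] or [a] (a bare word is treated as the string key, not as a
 * constant). Confirm against the code that generates the keys.
 *
 * @param string $key Subscript path; an empty key addresses the whole array
 * @return mixed The addressed value, or '' when it is missing, null, or when
 *               $key is not a well-formed subscript path
 */
public function getRaw($key)
{
    // Kept so the method's effect on the error-handling state is unchanged
    $oldValues = Cfg::turnOffErrorHandling();

    // One subscript: [ 'text' ], [ "text" ], [ 123 ] or [ bareword ].
    // Quoted forms may not contain escapes or interpolation characters.
    $step = '\[\s*(?:\'([^\'\\\\]*)\'|"([^"\\\\$]*)"|(-?\d+)|([A-Za-z_][A-Za-z0-9_]*))\s*\]';

    $value = '';
    $path = ($key === null) ? '' : $key;
    if (is_scalar($path) && preg_match('/^(?:' . $step . ')*$/D', (string) $path)) {
        preg_match_all('/' . $step . '/', (string) $path, $parts, PREG_SET_ORDER);

        $node = $this->formVars;
        foreach ($parts as $part) {
            // Trailing unmatched groups are dropped, so the last element is
            // the subscript that actually matched
            $index = end($part);
            if (!is_array($node) || !array_key_exists($index, $node)) {
                $node = null;
                break;
            }
            $node = $node[$index];
        }

        // Same contract as the old isset() test: null counts as "not there"
        $value = ($node === null) ? '' : $node;
    }

    Cfg::turnOnErrorHandling($oldValues);
    return $value;
}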
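/**
 * Generates the html for the cron iframe.
 *
 * The iframe points at <site_url>/cron.php, so loading the page that embeds
 * it makes the browser request the cron endpoint.
 *
 * NOTE(review): site_url is written into the src attribute without HTML
 * escaping; that is fine only while it stays a trusted configuration value.
 *
 * @return string HTML fragment
 */
public static function iFrame()
{
    $cronUrl = Cfg::get('site_url') . '/cron.php';

    // Attribute name corrected from "frameboarder", which browsers ignore
    $cronHtml = <<<HTML
<iframe src="{$cronUrl}" frameborder="1" scrolling="yes" width="620" height="100">
  <p>Your browser does not support iframes.</p>
</iframe><br/>
HTML;

    return $cronHtml;
}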
/**
 * Validates the CSRF token carried by the current request.
 *
 * NOTE(review): this check fails open in two places. With 'jb_db' disabled
 * there is no CSRF protection at all, and a request that simply omits the
 * token is accepted. A state-changing handler relying on this method gets
 * no protection against a forged request that leaves the token out; confirm
 * that such handlers require the token by other means.
 *
 * @return mixed true when the guard is off or no token was sent, otherwise
 *               whatever self::valid() returns for the token
 */
public static function check()
{
    // Without the jackbooted database there is no CSRFGuard
    $guardAvailable = Cfg::get('jb_db', false);
    if (!$guardAvailable) {
        return true;
    }

    // A missing or empty token is treated as "nothing to check"
    $csrfKey = Request::get(CSRFGuard::KEY);
    if ($csrfKey == '') {
        return true;
    }

    return self::valid($csrfKey);
}
/**
 * Redirects to the menu item whose slug matches, or to the site root.
 *
 * The target is always Cfg::siteUrl() plus a 'url' taken from the menu
 * definitions; $slug only selects an entry and is never written into the
 * Location header. This method never returns.
 *
 * @param string     $slug        Slug to look up (compared loosely with ==)
 * @param mixed|null $menuClasses Passed through to self::getMenuItems()
 */
public static function slugRedirect($slug, $menuClasses = null)
{
    // Stays empty when nothing matches, which yields the default redirect
    $path = '';

    foreach (self::getMenuItems($menuClasses) as $menuList) {
        foreach ($menuList as $row) {
            if (!isset($row['slug']) || $row['slug'] != $slug) {
                continue;
            }
            // First match wins
            $path = '/' . $row['url'];
            break 2;
        }
    }

    header('Location: ' . Cfg::siteUrl() . $path);
    exit;
}
/**
 * Runs every pending migration method and records it in tblMigration.
 *
 * A method is pending when its name starts with "migrate" and it is not yet
 * listed for its class. Methods run in sorted name order. A method returning
 * false is reported and not recorded, and later methods still run.
 *
 * NOTE(review): class names come from the 'migration' config entry and are
 * invoked through call_user_func(); the returned text is appended to the
 * HTML output unescaped. Both are safe only while the config and migration
 * classes are trusted code.
 *
 * @return string HTML report made of the migrations' own output
 */
public static function migrate()
{
    // What has already been run, and the highest run number so far
    $highestRun = 0;
    $alreadyRun = [];
    foreach (DBTable::factory(DB::DEF, 'SELECT * FROM tblMigration') as $row) {
        $highestRun = max($highestRun, (int) $row['fldRun']);
        $alreadyRun[$row['fldClass']][] = $row['fldMethod'];
    }
    $thisRun = $highestRun + 1;

    $report = '';

    // Go through all the migration classes
    foreach (Cfg::get('migration', []) as $migrationClass) {
        $reflection = new \ReflectionClass($migrationClass);

        // A class never seen before simply has nothing recorded
        $done = isset($alreadyRun[$migrationClass]) ? $alreadyRun[$migrationClass] : [];

        // Collect the migrate* methods that are not recorded yet
        $pending = [];
        foreach ($reflection->getMethods() as $candidate) {
            $isMigration = strpos($candidate->name, 'migrate') === 0;
            if ($isMigration && !in_array($candidate->name, $done)) {
                $pending[] = $candidate->name;
            }
        }

        // Sort so that it will be date ordered
        sort($pending);

        foreach ($pending as $methodName) {
            $result = call_user_func([$migrationClass, $methodName]);
            if ($result === false) {
                $report .= "There is a problem running {$migrationClass}::{$methodName}<br/>\n";
                continue;
            }

            $report .= $result;
            DB::exec(
                DB::DEF,
                'INSERT INTO tblMigration (fldMigrationID,fldRun,fldClass,fldMethod) VALUES (?,?,?,?)',
                [DBMaintenance::dbNextNumber(DB::DEF, 'tblMigration'), $thisRun, $migrationClass, $methodName]
            );
        }
    }

    return $report;
}
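/**
 * Creates the database (if needed), loads the base schema and audits tables.
 *
 * Terminates the script with die() on any failure, and also when the
 * database already contains tables.
 *
 * Changes from the previous version:
 *  - CREATE DATABASE is checked with `=== false`. PDO::exec() returns the
 *    affected-row count, which can be 0 on success, so `exec(...) or die()`
 *    treated a successful no-op as a failure.
 *  - The database name is quoted as an identifier.
 *  - The exception class is fully qualified so the catch also works inside
 *    a namespace.
 *  - Empty fragments produced by splitting the SQL file are skipped.
 *
 * NOTE(review): the die() messages can include driver error text (host or
 * user names). Run this from a console or a protected page only.
 * NOTE(review): splitting on ';' breaks statements that contain a semicolon
 * inside a string literal; the base SQL file must avoid those.
 *
 * @return string Always ''
 */
public static function initialize()
{
    $dbType = Cfg::get('local-driver');

    switch ($dbType) {
        case DB::SQLITE:
            $dbFileName = Cfg::get('local-host');
            echo "Checking that the file {$dbFileName} exists\n";
            if (file_exists($dbFileName)) {
                echo "Database exists ({$dbFileName})\n";
            } else {
                echo "Creating empty database\n";
                touch($dbFileName);
            }
            break;

        case DB::MYSQL:
            $fldHostName = Cfg::get('local-host');
            $fldDBName = Cfg::get('local-db');
            $fldUsername = Cfg::get('local-user');
            $fldPassword = Cfg::get('local-pass');
            try {
                $dbh = new \PDO("mysql:host={$fldHostName}", $fldUsername, $fldPassword);

                // Identifiers cannot be bound, so quote the name instead
                $quotedName = '`' . str_replace('`', '``', $fldDBName) . '`';
                if ($dbh->exec("CREATE DATABASE IF NOT EXISTS {$quotedName}") === false) {
                    die(print_r($dbh->errorInfo(), true));
                }
            } catch (\PDOException $e) {
                die("DB ERROR: " . $e->getMessage());
            }
            break;

        default:
            die("Unsupported DB Type: {$dbType}");
    }

    if (count(\Jackbooted\DB\DBMaintenance::getTableList()) == 0) {
        // Put in the base data
        $sqlFileName = Cfg::get('tmp_path') . '/base_database.sql';
        if (file_exists($sqlFileName)) {
            echo "Running the commands in {$sqlFileName} against the database\n";
            foreach (explode(';', file_get_contents($sqlFileName)) as $statement) {
                // The text after the last ';' is usually just whitespace
                $statement = trim($statement);
                if ($statement === '') {
                    continue;
                }
                DB::exec(DB::DEF, $statement);
            }
        } else {
            die("Base Database file does not exists ({$sqlFileName}) aborting\n");
        }
    } else {
        die("Database already seems to be set up.");
    }

    echo "audititing Table - AlertsDAO\n";
    (new \App\Models\AlertsDAO())->auditTable();

    return '';
}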
/**
 * Returns an <img> tag for a user's Gravatar, caching the image locally.
 *
 * The MD5 of the normalised address is the lookup key of the avatar URL
 * format; it is not used here as a security control.
 *
 * NOTE(review): $size and $type become part of the cache file name under
 * tmp_path. Callers should pass fixed values only; anything request-derived
 * needs restricting to digits / a known type list first.
 * NOTE(review): $rating is not part of the cache file name, so the first
 * rating fetched for a given size, type and address is reused for all.
 * NOTE(review): copy() fetches the remote image server-side on a cache miss
 * and its result is only checked through file_exists().
 *
 * @param string      $email  Address whose avatar is wanted
 * @param int         $size   Pixel size requested from the service
 * @param string      $rating Rating passed to the service
 * @param string|null $type   Default-image type; null uses self::$gravType
 * @return mixed Result of Tag::img() for the cached or the remote image
 */
public static function icon($email, $size = 24, $rating = 'PG', $type = null)
{
    if ($type == null) {
        $type = self::$gravType;
    }

    $hash = md5(strtolower(trim($email)));
    $remoteUrl = sprintf(self::ICO, self::$URL, $hash, $size, $rating, $type);

    $cacheDir = Cfg::get('tmp_path');
    $cacheName = 'GRAV' . $size . $type . $hash . '.png';
    $cacheFile = $cacheDir . '/' . $cacheName;

    // Locally caches the gravatar image
    if (!file_exists($cacheFile)) {
        copy($remoteUrl, $cacheFile);

        // Download failed: let the browser load the remote image directly
        if (!file_exists($cacheFile)) {
            return Tag::img($remoteUrl);
        }
    }

    return Tag::img(Cfg::get('site_url') . '/' . basename($cacheDir) . '/' . $cacheName);
}
/**
 * Class-level initialisation: logger, on/off switch, key and algorithm.
 *
 * NOTE(review): several things here weaken whatever depends on this class:
 *  - When the mcrypt functions are missing, encryption is switched off
 *    instead of failing. mcrypt was removed from PHP core in 7.2, so on
 *    current runtimes this path is the normal one. What encrypt() returns
 *    while switched off is not visible here -- confirm it cannot hand
 *    plaintext to callers that store it client-side.
 *  - Without a session value the key is derived from the class constant
 *    RAND_KEY, which is the same on every install of this code.
 *  - The key is an MD5 hex digest of the session value or the constant.
 *  - MCRYPT_RIJNDAEL_256 is Rijndael with a 256-bit block, which is not AES.
 */
public static function init()
{
    self::$log = Log4PHP::logFactory(__CLASS__);

    // The configured override is used only when mcrypt is available
    $override = Cfg::get('encrypt_override');
    self::$encryptionOff = function_exists('mcrypt_get_key_size') ? $override : true;

    // The key is session specific when the session carries a crypto value
    if (isset($_SESSION[G::SESS][G::CRYPTO])) {
        self::$randKey = md5($_SESSION[G::SESS][G::CRYPTO]);
    } else {
        self::$randKey = md5(self::RAND_KEY);
        self::$log->warn('Using the default key for crypto');
    }

    if (!self::$encryptionOff) {
        if (Cfg::get('quercus', false)) {
            self::$algortithm = MCRYPT_TRIPLEDES;
        } else {
            self::$algortithm = MCRYPT_RIJNDAEL_256;
        }
    }

    self::$instance = new Cryptography(self::$randKey);
}
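/**
 * Emits the <script> or <link> tag for a JS/CSS library, once per request.
 *
 * Relative names are resolved against the configured 'js_url'. Names ending
 * in .js or "jsapi" become script tags, names ending in .css become
 * stylesheet links (with media="print" for *.print.css), and anything else
 * yields ''.
 *
 * Fix: the "jsapi" test used the pattern \jsapi. "\j" is not a valid escape
 * for the PCRE2 engine used by current PHP, so the pattern failed to compile
 * and raised a warning whenever a non-.js library was requested.
 *
 * NOTE(review): absolute http(s) URLs are accepted as-is, so the page will
 * load script from whatever origin the caller names. Keep $lib a constant
 * chosen by code, never a request value.
 *
 * @param string $lib   Library file name or absolute URL
 * @param bool   $force Emit the tag even if it was already emitted
 * @return string HTML tag followed by self::$LF, or ''
 */
static function library($lib, $force = false)
{
    if (!$force && isset(self::$displayedLibraries[$lib])) {
        return '';
    }
    self::$displayedLibraries[$lib] = true;

    // Anything that is not an absolute URL lives under js_url
    if (!preg_match('/^http(s)?:\\/\\/.*$/i', $lib)) {
        $lib = Cfg::get('js_url') . '/' . $lib;
    }

    if (preg_match('/^.*\\.js$/i', $lib) || preg_match('/^.*jsapi$/i', $lib)) {
        return Tag::hTag('script', ['type' => 'text/javascript', 'src' => $lib])
             . Tag::_hTag('script')
             . self::$LF;
    }

    if (preg_match('/^.*\\.css$/i', $lib)) {
        $attribs = ['type' => 'text/css', 'href' => $lib, 'rel' => 'stylesheet'];
        if (preg_match('/^.*\\.print\\.css$/i', $lib)) {
            $attribs['media'] = 'print';
        }
        return Tag::hTag('link', $attribs) . Tag::_hTag('link') . self::$LF;
    }

    return '';
}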
/**
 * Decides whether the current user may perform an action.
 *
 * NOTE(review): two paths grant access without consulting the privilege
 * map. One is the 'check_priviliages' config switch being off. The other is
 * an action for which getPriviliageIDs() returns false, which is logged as
 * a warning and then allowed. A new or misspelt action name is therefore
 * open by default; confirm that this is the intended policy.
 *
 * @param string|null $action Action name; null reads it from the request
 * @return mixed true when access is granted by the map or by one of the
 *               open paths above, otherwise the result of self::canLogin()
 */
public static function access($action = null)
{
    // Privilege checking can be switched off entirely in configuration
    if (!Cfg::get('check_priviliages')) {
        return true;
    }
    if ($action == null) {
        $action = Request::get(WebPage::ACTION);
    }
    // Positive results and the "no privileges defined" result are cached
    if (isset(self::$cache[$action])) {
        return self::$cache[$action];
    }
    if (($priviliagesIDs = self::getPriviliageIDs($action)) === false) {
        // No privilege rows for this action: allowed, and cached as allowed
        self::$log->warn('No priviliages found for action: ' . $action);
        return self::$cache[$action] = true;
    }
    $uid = G::get('fldUserID', '0');
    $groupIDs = self::getGroupIDs($uid);
    // The order of additions to $params must follow the order of the
    // placeholders in the SQL: privilege IDs, user ID, level, group IDs.
    // Presumably DB::in() appends its values to $params and returns the
    // matching placeholder list -- verify against DB::in().
    $params = [];
    $privIdIn = DB::in($priviliagesIDs, $params);
    $params[] = $uid;
    $params[] = (int) G::get('fldLevel', 7);
    $groupIn = DB::in($groupIDs, $params);
    // $now is an integer from time(), so interpolating it is safe
    $now = time();
    $sql = <<<SQL
SELECT count(*)
FROM tblSecPrivUserMap
WHERE fldPrivilegeID IN ( {$privIdIn} )
AND ( fldStartDate=0 OR fldStartDate < {$now} )
AND ( fldEndDate=0 OR fldEndDate > {$now} )
AND ( ( fldUserID IS NOT NULL AND fldUserID<>'' AND fldUserID=? ) OR
      ( fldLevelID IS NOT NULL AND fldLevelID<>'' AND fldLevelID>=? ) OR
      fldGroupID IN ( {$groupIn} ) )
SQL;
    if (DB::oneValue(DB::DEF, $sql, $params) > 0) {
        return self::$cache[$action] = true;
    }
    // No matching map row: the decision is left to canLogin(), not cached
    return self::canLogin($priviliagesIDs);
}
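/**
 * Renders the CRUD editor for a table named in the request.
 *
 * Changes from the previous version:
 *  - The tblSecPrivUserMap case picked Admin::USER_SQL_MYSQL on both sides
 *    of the driver test; it now uses the SQLite query for other drivers.
 *  - The table name is HTML-escaped before it is echoed in the heading,
 *    because it comes straight from the request.
 *
 * NOTE(review): the table name from the request is also handed to
 * CRUD::factory() unchecked, so any table the connection can reach becomes
 * editable here. Confirm this page is reachable by site administrators
 * only, or check the name against DBMaintenance::getTableList() first.
 * NOTE(review): the module hook below runs through eval() on class names
 * from the 'modules' config entry; that is safe only while the entry holds
 * trusted class names.
 *
 * @param string $tName Default table name when the request has none
 * @return string HTML for the editor, or '' when no table is named
 */
public function index($tName = '')
{
    if (($tableName = Request::get('tblName', $tName)) == '') {
        return '';
    }

    $crud = CRUD::factory($tableName, ['topPager' => false])->copyVarsFromRequest('tblName');

    if (preg_match('/^tblMod([A-Z]+[a-z]+)/', $tableName)) {
        // Module tables: every configured module may customise the CRUD
        foreach (Cfg::get('modules', []) as $moduleClass) {
            eval($moduleClass . '::' . Module::CRUD_MOD . '($crud);');
        }
    } else {
        switch ($tableName) {
            case 'tblNextNumber':
                $crud->setColDisplay('fldTable', [CRUD::SELECT, DBMaintenance::getTableList(), true]);
                break;

            case 'tblSecPrivUserMap':
                $userSql = DB::driver() == DB::MYSQL ? Admin::USER_SQL_MYSQL : Admin::USER_SQL_SQLITE;
                $crud->setColDisplay('fldUserID', [CRUD::SELECT, $userSql, true]);
                $crud->setColDisplay('fldGroupID', [CRUD::SELECT, Admin::GROUP_SQL, true]);
                $crud->setColDisplay('fldPrivilegeID', [CRUD::SELECT, Admin::PRIV_SQL, true]);
                $crud->setColDisplay('fldLevelID', [CRUD::SELECT, Admin::LEVEL_SQL]);
                break;

            case 'tblUserGroupMap':
                $userSql = DB::driver() == DB::MYSQL ? Admin::USER_SQL_MYSQL : Admin::USER_SQL_SQLITE;
                $crud->setColDisplay('fldUserID', [CRUD::SELECT, $userSql, true]);
                $crud->setColDisplay('fldGroupID', [CRUD::SELECT, Admin::GROUP_SQL, true]);
                break;

            case 'tblUser':
                $crud->setColDisplay('fldLevel', [CRUD::SELECT, Admin::LEVEL_SQL]);
                $crud->setColDisplay('fldTimeZone', [CRUD::SELECT, Admin::TZ_SQL]);
                break;
        }
    }

    $resp = Response::factory()->set('tblName', $tableName);

    // Request-derived text must not reach the page as markup
    $shownName = htmlspecialchars((string) $tableName, ENT_QUOTES, 'UTF-8');

    return Tag::hTag('b') . 'Editing Table: ' . $shownName . Tag::_hTag('b') . ' '
         . Tag::hRef('ajax.php?' . $resp->action(__CLASS__ . '->csv()'), 'CSV') . ' '
         . Tag::hRef('ajax.php?' . $resp->action(__CLASS__ . '->xls()'), 'XLS')
         . $crud->index();
}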
/**
 * Returns the directory to use for temporary files, without trailing slash.
 *
 * Framework builds (version starting RADWEB or JACKBOOTWEB) use the
 * configured 'tmp_path'. Otherwise the system temp directory is used, with
 * the TMP / TEMP / TMPDIR environment variables and finally /tmp as
 * fallbacks.
 *
 * NOTE(review): outside framework builds this is a shared, world-writable
 * location on most systems. Files created there need unpredictable names
 * and restrictive permissions.
 *
 * @return string Directory path with one trailing '/' or '\' removed
 */
public static function getTempDir()
{
    $isFrameworkBuild = preg_match('/^(RADWEB|JACKBOOTWEB).*$/', Cfg::get('version'));

    if ($isFrameworkBuild) {
        $tmpDir = Cfg::get('tmp_path');
    } elseif (function_exists('sys_get_temp_dir')) {
        $tmpDir = sys_get_temp_dir();
    } else {
        // Very old runtimes: the first environment variable that is set wins
        $tmpDir = '/tmp';
        foreach (['TMP', 'TEMP', 'TMPDIR'] as $envVar) {
            $fromEnv = getenv($envVar);
            if ($fromEnv !== false) {
                $tmpDir = $fromEnv;
                break;
            }
        }
    }

    // ensure that there is no trailing slash (Standard)
    if (in_array(substr($tmpDir, -1), ['/', '\\'], true)) {
        $tmpDir = substr($tmpDir, 0, -1);
    }

    return $tmpDir;
}
<?php
/** config.php - This file loads the various configuration options
 **
 ** Written by Brett Dutton of Jackbooted Software
 ** brett@brettdutton.com
 **
 ** This software is written and distributed under the GNU General Public
 ** License which means that its source code is freely-distributed and
 ** available to the general public.
 **
 **/

// Every included file below fills or overrides entries of this array.
// Later files win: defaults, then local settings, then the environment file.
$config = [];

require_once __DIR__ . '/config.default.php';
require_once __DIR__ . '/config.local.php';

// Environment overrides not in version control.
// NOTE(review): these files are executed as PHP, and $config['site_path']
// decides which Cfg.php gets loaded next. Keep this directory and the files
// in it unwritable by the web server user, and keep secrets out of the files
// that are committed.
if (file_exists(__DIR__ . '/config.env.php')) {
    require_once __DIR__ . '/config.env.php';
}

require_once $config['site_path'] . '/vendor/jackbooted/config/Cfg.php';
\Jackbooted\Config\Cfg::init($config);

// If you want to set everything as global scope then uncomment this
// \Jackbooted\Config\Config::setOverrideScope( \Jackbooted\Config\Config::GLOBAL_SCOPE );
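/**
 * Resets a user's password and mails the new one to the requested address.
 *
 * Change from the previous version: the requester's address is HTML-escaped
 * before it goes into the HTML notification mail, because it comes straight
 * from the request.
 *
 * NOTE(review): design points this block cannot fix on its own:
 *  - The reply differs for known and unknown addresses, so the form tells
 *    anyone whether an address is registered.
 *  - The password is replaced as soon as the form is submitted, with no
 *    confirmation step, so anyone who knows an address can lock its owner
 *    out of the current password.
 *  - The new password travels in clear text by mail.
 *  - It is stored via MySQL PASSWORD() or as an unsalted MD5 digest. Both
 *    are fast hashes, and PASSWORD() no longer exists in MySQL 8.0. Moving
 *    to password_hash()/password_verify() also means changing the login
 *    check, which is not part of this block.
 *  - The notification to the site owner uses the requester's address as its
 *    From header.
 *
 * @return mixed Result of Widget::popupWrapper() for the status message
 */
public function sendPW()
{
    $email = Request::get('fldEmail');

    $sql = 'SELECT fldUserID FROM tblUser WHERE fldUser=?';
    if (($id = DB::oneValue(DB::DEF, $sql, $email)) === false) {
        $msg = 'This email does not exist on this system.<br>'
             . 'Either choose a new email address or register as new customer.'
             . $this->forgotPassword();
    } else {
        $pw = Password::passGen(10, Password::MEDIUM);

        // Update the database with the new password
        if (DB::driver() == DB::MYSQL) {
            $sql = 'UPDATE tblUser SET fldPassword=PASSWORD(?) WHERE fldUserID=?';
            DB::exec(DB::DEF, $sql, [$pw, $id]);
        } else {
            $sql = 'UPDATE tblUser SET fldPassword=? WHERE fldUserID=?';
            DB::exec(DB::DEF, $sql, [hash('md5', $pw), $id]);
        }

        $boss = Cfg::get('boss');
        $desc = Cfg::get('desc');

        // create the email message to notify about a password request
        $body = '<h3>User requested password<br>Email: <b>%s</b></h3><br>From %s';
        $shownEmail = htmlspecialchars((string) $email, ENT_QUOTES, 'UTF-8');
        Mailer::envelope()
            ->format(Mailer::HTML_TEXT)
            ->from($email)
            ->to($boss)
            ->subject('User requested password')
            ->body(sprintf($body, $shownEmail, $desc))
            ->send();

        $body = <<<TXT
Message from %s

Here are your login details

Password: %s

Regards
%s
TXT;

        // create the email message to notify the user of his/her login details
        Mailer::envelope()
            ->from($boss)
            ->to($email)
            ->subject('Login Request ' . $desc)
            ->body(sprintf($body, $desc, $pw, $desc))
            ->send();

        $msg = 'Soon you will receive an email that will contain your login details.';
    }

    return Widget::popupWrapper($msg, -1);
}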
/**
 * Applies the configured error mode to PHP's reporting settings.
 *
 * With 'jb_error_mode' on, every error is reported and displayed; with it
 * off, reporting is set to 0 and nothing is displayed.
 *
 * NOTE(review): displayed errors can expose paths, SQL and stack details to
 * visitors, so 'jb_error_mode' should be off outside development. The off
 * setting also silences logging, since error_reporting becomes 0.
 * NOTE(review): E_STRICT is deprecated as of PHP 8.4.
 */
public static function setErrorLevel()
{
    $debugMode = self::get('jb_error_mode');

    if ($debugMode) {
        $level = E_ALL | E_STRICT;
        $display = '1';
    } else {
        $level = 0;
        $display = '0';
    }

    error_reporting($level);
    ini_set('display_errors', $display);

    // Only the Quercus runtime gets the class's own handler installed here
    if (Cfg::get('quercus', false)) {
        set_error_handler([__CLASS__, 'errorHandler'], $level);
    }

    self::$errorLevel = $level;
}
/**
 * Returns the configured build version string.
 *
 * NOTE(review): if this is shown to unauthenticated visitors it tells them
 * exactly which build is deployed.
 *
 * @return mixed The 'build_version' config value, or 'No Version info'
 */
public function version()
{
    $buildVersion = Cfg::get('build_version', 'No Version info');

    return $buildVersion;
}
/**
 * Returns the connection registered under a config prefix, creating it from
 * the '<prefix>-host', '-db', '-user', '-pass', '-options' and '-driver'
 * config entries when it does not exist yet.
 *
 * NOTE(review): $dbConnection holds the password in clear text. Make sure
 * connectionFactoryFromArray() and the error logger never write the array
 * to a log.
 *
 * @param string $db Config prefix that names the connection
 * @return mixed The connection, or false when no host is configured
 */
private static function connectionFactoryFromString($db)
{
    // Already connected: remember it as the most recent and reuse it
    if (isset(self::$connections[$db])) {
        self::$lastDB = self::$connections[$db];
        return self::$lastDB;
    }

    $dbConnection = [
        'hostname' => Cfg::get($db . '-host'),
        'dbname'   => Cfg::get($db . '-db'),
        'username' => Cfg::get($db . '-user'),
        'password' => Cfg::get($db . '-pass'),
        'options'  => Cfg::get($db . '-options', ''),
        'driver'   => Cfg::get($db . '-driver', 'mongodb'),
    ];

    // A missing host means the prefix is not a configured database
    if ($dbConnection['hostname'] == '') {
        self::logErrorMessage('Unknown DB: ' . $db);
        return false;
    }

    return self::connectionFactoryFromArray($dbConnection);
}
/**
 * Lists every image found under the site path as a link to the zoom view.
 *
 * NOTE(review): each path is used as link text and as the 'url' request
 * value. Whether Tag::hRef() HTML-escapes its text is not visible here; a
 * file name containing markup would otherwise reach the page as markup.
 * The zoom handler must also confirm that 'url' stays inside the site path
 * before opening it.
 *
 * @return string HTML list
 */
public function index()
{
    $sitePath = Cfg::get('site_path');
    $prefixLength = strlen($sitePath);
    $resp = Response::factory()->action(__CLASS__ . '->zoom()');

    $items = '';
    foreach ($this->findImages($sitePath) as $imagePath) {
        // Show and link the path relative to the site root
        $relativeName = substr($imagePath, $prefixLength);
        $link = Tag::hRef('?' . $resp->set('url', $relativeName)->toUrl(), $relativeName);
        $items .= Tag::li() . $link . Tag::_li();
    }

    return Tag::ul() . $items . Tag::_ul();
}
/**
 * Replaces the file-integrity baseline with the current state of the site.
 *
 * Empties tblFileCheck, then stores the relative path, size and SHA-1 of
 * every file returned by the directory search.
 *
 * NOTE(review): points that matter when this baseline is used to detect
 * tampering:
 *  - Rebasing accepts whatever is on disk right now, so it should be a
 *    privileged, logged action performed only after a known-good deploy.
 *  - The baseline lives in the database the application itself writes to.
 *  - The search pattern '/^[^_].*$/' appears to skip names starting with an
 *    underscore, which would leave those files unmonitored -- verify
 *    against PHPExt::dirSearch().
 *  - SHA-1 catches accidental change, but a SHA-256 digest is the better
 *    choice against deliberate substitution.
 *  - Truncate and inserts are not wrapped in a transaction, so a failure
 *    part-way through leaves a partial baseline.
 *
 * @return string Summary line followed by the output of fileChecksum()
 */
public function fileChecksumRebase()
{
    DB::exec(DB::DEF, 'TRUNCATE tblFileCheck');

    $sitePath = Cfg::get('site_path');
    $files = PHPExt::dirSearch($sitePath, '/^[^_].*$/');

    // +1 also drops the separator that follows the site path
    $prefixLength = strlen(Cfg::get('site_path')) + 1;

    $fileCount = 0;
    foreach ($files as $fullPath) {
        $record = [
            DBMaintenance::dbNextNumber(DB::DEF, 'tblFileCheck'),
            substr($fullPath, $prefixLength),
            filesize($fullPath),
            sha1_file($fullPath),
        ];
        DB::exec(DB::DEF, 'INSERT INTO tblFileCheck VALUES(?,?,?,?)', $record);
        $fileCount++;
    }

    return "Updated {$fileCount} files<br/>" . $this->fileChecksum();
}
/**
 * Runs a class's static initialiser, if it has one.
 * Needed because PHP has no static initialisation of its own.
 *
 * NOTE(review): on the Quercus path the class name is pasted into code that
 * is run through eval(), with errors suppressed. That is safe only while
 * $className always comes from the class loader and never from request
 * data; the other path does the same job without eval().
 *
 * @param string $className Class to initialise
 */
private static function runClassInitialization($className)
{
    if (Cfg::get('quercus', false)) {
        @eval($className . '::' . self::STATIC_INIT . '();');
        return;
    }

    // Regular runtime: call the initialiser only when the class defines it
    if (!method_exists($className, self::STATIC_INIT)) {
        return;
    }

    call_user_func([$className, self::STATIC_INIT]);
}
/**
 * Inserts one row and returns its primary key.
 *
 * Values are bound as parameters. Column names and $insertMethod are not:
 * they are concatenated into the statement.
 *
 * NOTE(review): the keys of $row therefore have to be trusted column names.
 * If a caller fills $row directly from request fields, restrict the keys to
 * the table's known columns first. $insertMethod likewise must be one of a
 * fixed set of keywords chosen by code.
 * NOTE(review): success requires exactly one affected row; an insert method
 * that reports a different count for a successful write would be returned
 * as false.
 *
 * @param mixed  $row          Row data; converted with objToRel()
 * @param string $insertMethod SQL verb placed before INTO
 * @return bool|mixed New primary key, or false when exec() does not report
 *                    one affected row
 */
public function insert($row, $insertMethod = 'INSERT')
{
    $row = $this->objToRel($row);

    // This allows for dummy columns to be part of the object without the
    // DAO automatically accessing them in the queries.
    if ($this->ignoreCols != null) {
        foreach ($this->ignoreCols as $ignoreCol) {
            unset($row[$ignoreCol]);
        }
    }

    // With the framework database the key is allocated up front
    if (Cfg::get('jb_db', false)) {
        $pKey = DBMaintenance::dbNextNumber($this->db, $this->tableName);
        $row[$this->primaryKey] = $pKey;
    }

    $columns = array_keys($row);
    $values = array_values($row);

    $columnList = join(',', $columns);
    $placeholders = DB::in($values);
    $sql = $insertMethod . ' INTO ' . $this->tableName . ' (' . $columnList . ') VALUES (' . $placeholders . ')';

    $affected = DB::exec($this->db, $sql, $values);
    if ($affected != 1) {
        return false;
    }

    // Otherwise the database allocated the key during the insert
    if (!Cfg::get('jb_db', false)) {
        $pKey = DB::lastInsertId($this->db);
    }

    return $pKey;
}
/**
 * Builds the URL that renders this object's image through ajax.php.
 *
 * NOTE(review): the URL carries a per-URL CSRF token (UNIQUE_CSRF) in its
 * query string. Tokens in URLs end up in server logs, browser history and
 * Referer headers, so they should be short-lived and single-purpose.
 *
 * @return string Absolute URL
 */
public function imageUrl()
{
    // Not used below; kept so construction behaviour is unchanged
    $resp = new Response();

    $endpoint = Cfg::siteUrl() . '/ajax.php?';

    $request = Response::factory()->action(__CLASS__ . '::img()');
    $request = $request->set('_CP1', $this->value);
    $request = $request->set('_CP4', $this->hatch);
    $query = $request->toUrl(Response::UNIQUE_CSRF);

    return $endpoint . $query;
}
/**
 * Inserts as many default rows as the request's 'rows' value asks for.
 *
 * NOTE(review): the row count comes straight from the request and has no
 * upper bound, so one request can ask for an arbitrarily long insert loop.
 * Consider a configured maximum.
 * NOTE(review): column names are the keys of insDefaults and where, and are
 * concatenated into the SQL; they must be trusted names. With no columns at
 * all, the statement is just 'INSERT INTO <table>'.
 *
 * @return string Status line followed by Tag::br()
 */
protected function insertRows()
{
    $remaining = (int) Request::get('rows');
    $insertedCnt = 0;

    while ($remaining-- > 0) {
        // Rebuilt on every pass so each row gets its own primary key
        $columns = array_merge($this->insDefaults, $this->where);
        $bound = null;

        if (Cfg::get('jb_db', false)) {
            $columns[$this->primaryKey] = DBMaintenance::dbNextNumber($this->db, $this->tableName);
        }

        $sql = 'INSERT INTO ' . $this->tableName;
        if (count($columns) > 0) {
            $columnList = join(',', array_keys($columns));
            $placeholders = DB::in(array_values($columns), $bound);
            $sql .= ' (' . $columnList . ') ' . 'VALUES (' . $placeholders . ')';
        }

        $insertedCnt += $this->exec($sql, $bound);
    }

    // The pager needs the new total once anything was added
    if ($insertedCnt > 0) {
        $this->paginator->setRows($this->getRowCount());
    }

    return 'Inserted ' . $insertedCnt . ' row' . StringUtil::plural($insertedCnt) . Tag::br();
}
/**
 * Returns the driver name configured for a connection.
 *
 * @param string $dbh Config prefix of the connection (default self::DEF)
 * @return mixed Value of the '<prefix>-driver' config entry
 */
public static function driver($dbh = self::DEF)
{
    $configKey = $dbh . '-driver';

    return Cfg::get($configKey);
}
/**
 * Builds the "Edit User Account" page.
 *
 * A user below SITE ADMIN always edits the record of the logged-in user.
 * A site administrator may pick another user through the request's
 * fldUserID, and additionally gets editable level and login-failure fields,
 * a "Create New User" link and a "Login as this User" button.
 *
 * NOTE(review): the user ID being edited is sent back as a hidden form
 * value. Whether the Save handler re-checks that the submitter may edit
 * that ID is not visible here -- confirm it does not trust the hidden field.
 * NOTE(review): an 'Old Password' field is rendered, but the validator
 * built here has no rule for it; confirm the Save handler verifies it.
 * NOTE(review): database values are passed to Tag::text()/Lists::select()
 * and, for non-admins, fldFails is concatenated directly. Whether the Tag
 * helpers HTML-escape their arguments is not visible here.
 *
 * @return string JavaScript includes followed by the page HTML
 */
public function editAccount()
{
    $resp = new Response();
    // Default: the logged-in user's own record
    $uid = G::get('fldUserID');
    $html = '';
    $props = [];
    $jsUrl = Cfg::get('js_url');
    $jQuery = <<<JS
    \$().ready(function() {
        \$('a.facebox').facebox({closeImage: '{$jsUrl}/images/closelabel.png', loadingImage: '{$jsUrl}/images/loading.gif' });
    });
JS;
    $userSql = DB::driver() == DB::MYSQL ? self::USER_SQL_MYSQL : self::USER_SQL_SQLITE;
    // Only a site administrator may choose which user to edit; this is the
    // single place where $uid is taken from the request
    if (G::accessLevel(Privileges::getSecurityLevel('SITE ADMIN'))) {
        $uid = Request::get('fldUserID', G::get('fldUserID'));
        // $props is filled here but not read again in this method
        $props['where'] = ['fldUserID' => G::get('fldUserID')];
        $html .= Tag::form() .
                 $resp->action(sprintf('%s->%s()', __CLASS__, __FUNCTION__))->toHidden() .
                 Tag::table() .
                 Tag::tr() .
                 Tag::th() . 'User to edit' . Tag::_th() .
                 Tag::td() . Lists::select('fldUserID', $userSql, ['onChange' => 'submit()', 'default' => $uid]) . Tag::_td() .
                 Tag::_tr() .
                 Tag::_table() .
                 Tag::_form();
    }
    $formName = 'Admin_editAccount';
    // Client-side rules: matching passwords, minimum length 6, names present
    $valid = Validator::factory($formName)
                      ->addEqual('fldPassword', 'fldPassword_CHK', 'Your passwords do not match')
                      ->addLength('fldPassword', 'Password must be at least 6 characters', 6, null, true)
                      ->addExists('fldFirstName', 'You must enter your first name')
                      ->addExists('fldLastName', 'You must enter your last name');
    $row = DB::oneRow(DB::DEF, 'SELECT * FROM tblUser WHERE fldUserID=?', $uid);
    // The target user ID travels with the form as a hidden value
    $html .= '<h2>Edit User Account</h2>' .
             $valid->toHtml() .
             Tag::form(['name' => $formName, 'onSubmit' => $valid->onSubmit()]) .
             $resp->action(sprintf('%s->%sSave()', __CLASS__, __FUNCTION__))->set('fldUserID', $uid)->toHidden() .
             Tag::table();
    // Left column: the editable account fields
    $html .= Tag::tr() .
             Tag::td() .
             Tag::table() .
             Tag::tr() .
             Tag::td() . 'User Name/Email' . Tag::_td() .
             Tag::td() . Tag::text('fldUser', $row['fldUser']) . Tag::_td() .
             Tag::_tr() .
             Tag::tr() .
             Tag::td() . 'Old Password' . Tag::_td() .
             Tag::td() . Tag::password('fldPassword_OLD') . Tag::_td() .
             Tag::_tr() .
             Tag::tr() .
             Tag::td() . 'Password' . Tag::_td() .
             Tag::td() . Tag::password('fldPassword') . Tag::_td() .
             Tag::_tr() .
             Tag::tr() .
             Tag::td() . 'Confirm Password' . Tag::_td() .
             Tag::td() . Tag::password('fldPassword_CHK') . Tag::_td() .
             Tag::_tr() .
             Tag::tr() .
             Tag::td() . 'Title' . Tag::_td() .
             Tag::td() . Tag::text('fldSalutation', $row['fldSalutation']) . Tag::_td() .
             Tag::_tr() .
             Tag::tr() .
             Tag::td() . 'First Name' . Tag::_td() .
             Tag::td() . Tag::text('fldFirstName', $row['fldFirstName']) . Tag::_td() .
             Tag::_tr() .
             Tag::tr() .
             Tag::td() . 'Last Name' . Tag::_td() .
             Tag::td() . Tag::text('fldLastName', $row['fldLastName']) . Tag::_td() .
             Tag::_tr() .
             Tag::tr() .
             Tag::td() . 'Time Zone' . Tag::_td() .
             Tag::td() . Lists::select('fldTimeZone', self::TZ_SQL, ['default' => $row['fldTimeZone']]) . Tag::_td() .
             Tag::_tr();
    // Level and login-failure count: inputs for admins, plain text otherwise
    if (G::accessLevel(Privileges::getSecurityLevel('SITE ADMIN'))) {
        $html .= Tag::tr() .
                 Tag::td() . 'Security Level' . Tag::_td() .
                 Tag::td() . Lists::select('fldLevel', self::LEVEL_SQL, ['default' => $row['fldLevel']]) . Tag::_td() .
                 Tag::_tr() .
                 Tag::tr() .
                 Tag::td() . 'Login Fails' . Tag::_td() .
                 Tag::td() . Tag::text('fldFails', $row['fldFails']) . Tag::_td() .
                 Tag::_tr();
    } else {
        $html .= Tag::tr() .
                 Tag::td() . 'Security Level' . Tag::_td() .
                 Tag::td() . Privileges::getSecurityLevel($row['fldLevel']) . Tag::_td() .
                 Tag::_tr() .
                 Tag::tr() .
                 Tag::td() . 'Login Fails' . Tag::_td() .
                 Tag::td() . $row['fldFails'] . Tag::_td() .
                 Tag::_tr();
    }
    $html .= Tag::tr() .
             Tag::td(['colspan' => 2]) . Tag::submit('Save') . Tag::_td() .
             Tag::_tr();
    if (G::accessLevel(Privileges::getSecurityLevel('SITE ADMIN'))) {
        $html .= Tag::tr() .
                 Tag::td(['colspan' => 2]) .
                 Tag::hRef('ajax.php?' . $resp->action(__CLASS__ . '->newUser()')->toUrl(), 'Create New User', ['class' => 'facebox']) .
                 Tag::_td() .
                 Tag::_tr();
    }
    // Right column: avatar and the link for changing it
    $html .= Tag::_table() .
             Tag::_td() .
             Tag::td(['valign' => 'top', 'align' => 'center']) .
             Tag::table() .
             Tag::tr() .
             Tag::td(['valign' => 'top', 'align' => 'center']) .
             Gravatar::icon($row['fldUser'], 128) .
             Tag::_td() .
             Tag::_tr() .
             Tag::tr() .
             Tag::td() .
             Tag::linkButton(Gravatar::getURL(), 'Change Picture', ['target' => '_blank', 'title' => 'your gravatar is associated with your email address ' . $row['fldUser'] . ' (up to 24 hrs to change)']) .
             Tag::_td() .
             Tag::_tr();
    // Impersonation button: admins only, and never for their own record
    if (G::accessLevel(Privileges::getSecurityLevel('SITE ADMIN')) && $uid != G::get('fldUserID')) {
        $name = $row['fldFirstName'] . ' ' . $row['fldLastName'];
        $html .= Tag::tr() .
                 Tag::td() .
                 Tag::linkButton('?' . $resp->action(__CLASS__ . '->loginAs()')->set('fldUser', $row['fldUser'])->toUrl(), 'Login as this User', ['title' => "Login as this user ({$name})"]) .
                 Tag::_td() .
                 Tag::_tr();
    }
    $html .= Tag::_table() .
             Tag::_td() .
             Tag::_tr() .
             Tag::_table() .
             Tag::_form();
    return JS::library(JS::JQUERY) .
           JS::libraryWithDependancies(JS::FACEBOX) .
           JS::javaScript($jQuery) .
           $html;
}
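/**
 * Serves <site_path>/<method name>.html for calls to undefined methods.
 *
 * Changes from the previous version:
 *  - The method name is used to build a file path, so it is now required to
 *    be a plain PHP identifier. Ordinary `$obj->name()` calls always are;
 *    names built at run time may not be, and could otherwise contain path
 *    separators.
 *  - The name is HTML-escaped in the "unknown method" message.
 *
 * NOTE(review): this exposes every *.html file directly under site_path to
 * any caller that can choose the method name. If the name can come from a
 * request, confirm that all of those files are meant to be public.
 *
 * @param string $name      Name of the method that was called
 * @param array  $arguments Call arguments (unused)
 * @return string File contents, or an "Unknown Method Call" message
 */
public function __call($name, $arguments)
{
    $name = (string) $name;
    $unknown = 'Unknown Method Call: ' . htmlspecialchars($name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    // Same character set PHP allows for method names in source code
    if (!preg_match('/^[A-Za-z_\x80-\xff][A-Za-z0-9_\x80-\xff]*$/D', $name)) {
        return $unknown;
    }

    $fName = Cfg::get('site_path') . '/' . $name . '.html';
    if (file_exists($fName)) {
        return file_get_contents($fName);
    }

    return $unknown;
}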
/**
 * Sets a cookie whose value is passed through the class's crypto object.
 *
 * NOTE(review): setcookie() is called without the secure and httponly
 * arguments, so both default to off and no SameSite attribute is sent. The
 * cookie therefore also travels over plain HTTP and is readable by page
 * script. Confirm whether any consumer needs that before tightening it.
 * NOTE(review): the value is only as confidential as encrypt() makes it;
 * what encrypt() does when encryption is disabled is not visible here.
 *
 * @param string $key The name of the cookie
 * @param mixed  $val The value of the cookie, before encryption
 */
public static function set($key, $val)
{
    $payload = self::$crypto->encrypt($val);
    $expiresAt = time() + self::$timeout;
    $path = Cfg::get('cookie_path', '/');

    setcookie($key, $payload, $expiresAt, $path);
}
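/**
 * Verifies the tamper checksum carried by a request.
 *
 * Changes from the previous version:
 *  - The digest is compared with `!==` after checking that it is a string.
 *    The old loose `!=` compared two hex strings numerically whenever both
 *    looked like numbers (for example "0e..." forms), so different digests
 *    could compare as equal.
 *  - Both checksum elements must be present at index 0 and 1 and must be
 *    strings, so a malformed checksum array is rejected.
 *  - The unreachable log call after the final return was removed, and the
 *    four copies of the reject sequence now share one helper.
 *
 * NOTE(review): the return value is true, false, or (with
 * 'jb_tamper_detail' on) a non-empty message string. A message string is
 * truthy, so callers must test `=== true`. The detail mode also echoes
 * request data and should stay off in production.
 * NOTE(review): the digest is a plain MD5 over the key list and values with
 * no secret visible in this method. Unless a secret is mixed in elsewhere,
 * whoever builds the request can compute a matching digest; an HMAC with a
 * server-side key would close that.
 * NOTE(review): key names taken from the request are handed to getRaw()
 * before the checksum has been verified, so getRaw() must be safe for
 * arbitrary input.
 *
 * @param Request $request Request to verify; cleared on failure
 * @return bool|string true when acceptable, false or a detail message
 *                     otherwise
 */
public static function check(Request $request)
{
    if (($formVarLen = $request->count()) == 0) {
        return true;
    }

    // Fields the framework itself adds do not need protecting
    foreach ($request as $key => $val) {
        if (in_array($key, self::$knownFields)) {
            $formVarLen--;
        }
    }
    if ($formVarLen <= 0) {
        return true;
    }

    $checksum = $request->getVar(self::CHECKSUM);
    if ($checksum == '') {
        return self::rejectTampered(
            $request,
            'Checksum Variable Missing from the request.',
            'Checksum Variable Missing from the request: '
        );
    }
    if (!is_array($checksum)) {
        return self::rejectTampered(
            $request,
            'Checksum Variable not an array.',
            'Checksum Variable not an array: '
        );
    }

    // Expected shape: [0] comma-separated key list, [1] md5 hex digest
    $keyList = isset($checksum[0]) ? $checksum[0] : null;
    $claimed = isset($checksum[1]) ? $checksum[1] : null;
    if (count($checksum) != 2 || !is_string($keyList) || !is_string($claimed)) {
        return self::rejectTampered(
            $request,
            'Checksum Variable not 2 elements.',
            'Checksum Variable not 2 elements: '
        );
    }

    // Digest input: the key list itself, then each named value in order
    $allVariablesJoined = '';
    if (!empty($keyList)) {
        $allVariablesJoined = $keyList;
        foreach (explode(',', $keyList) as $key) {
            $allVariablesJoined .= $request->getRaw($key);
        }
    }

    if (md5($allVariablesJoined) !== $claimed) {
        return self::rejectTampered(
            $request,
            'Checksum failed md5(' . $allVariablesJoined . ')<>' . $claimed,
            'The checksum has failed. The request variables have been tampered: '
        );
    }

    return true;
}

/**
 * Clears a rejected request and reports why, per the configured detail mode.
 *
 * @param Request $request    Request to clear
 * @param string  $detail     Message returned when 'jb_tamper_detail' is on
 * @param string  $logMessage Log text; the script name is appended
 * @return bool|string $detail in detail mode, otherwise false
 */
private static function rejectTampered(Request $request, $detail, $logMessage)
{
    $request->clear();

    if (Cfg::get('jb_tamper_detail', false)) {
        return $detail;
    }

    self::$log->error($logMessage . $_SERVER['SCRIPT_NAME']);
    return false;
}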
?> </td> <td width="100%" align="center"> © <?php echo date('Y'); ?> . Created by <a href="<?php echo Cfg::get('site_url'); ?> "><?php echo Cfg::get('title'); ?> </a> <?php echo Cfg::get('copyright'); ?> </td> <td nowrap="nowrap" align="right"> <?php echo $pageTimer->logLoadTime(); ?> </td> </tr> </table> </td> </tr> </table> <?php /* <script src="//cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.4/js/bootstrap.min.js"></script> */ ?>