/** * @private * See http://www.php.net/manual/en/function.strip-tags.php#93567 */ private static function array_strip_tags(&$params) { $tags = cfg_getd('requestparam', 'tagstostrip', false); if (!$tags) { return; } $size = sizeof($tags); $keys = array_keys($tags); $paramsize = sizeof($params); $paramkeys = array_keys($params); for ($j = 0; $j < $paramsize; $j++) { for ($i = 0; $i < $size; $i++) { $tag = $tags[$keys[$i]]; if (is_string($params[$paramkeys[$j]])) { if (stripos($params[$paramkeys[$j]], $tag) !== false) { $params[$paramkeys[$j]] = preg_replace('#</?' . $tag . '[^>]*>#is', '', $params[$paramkeys[$j]]); } } elseif (is_array($params[$paramkeys[$j]])) { Args::array_strip_tags($params[$paramkeys[$j]]); } } } }
/** * Checks if the user has seen and accepted a confirmation. * * See <AjaxAction::Confirm> * @param string $text_base Text base the user confirmed * @return boolean True if user clicked OK */ public static function IsConfirmed($text_base) { if (isset($_SESSION['ajax_confirm'][$text_base]) && $_SESSION['ajax_confirm'][$text_base] == Args::request('confirmed', false)) { return true; } return false; }
/** * Executes the current request. * * This is the second of two essential functions. * It runs the actual execution. If fact it is the only place where you will * find an `echo` in the ScavixWDF code. * @return void */ function system_execute() { session_sanitize(); execute_hooks(HOOK_POST_INITSESSION); // respond to PING requests that are sended to keep the session alive if (Args::request('ping', false)) { session_keep_alive(); execute_hooks(HOOK_PING_RECIEVED); die("PONG"); } // respond to DEBUG requests if ($GLOBALS['CONFIG']['system']['ajax_debug_argument']) { $data = Args::request($GLOBALS['CONFIG']['system']['ajax_debug_argument'], false); if ($data) { logging_add_category("JS"); $data = json_decode($data, true); if (is_array($data) && count($data) > 0) { log_write(Args::request('sev', ''), array_shift($data), $data); } else { log_write(Args::request('sev', ''), $data); } die('"OK"'); } } Args::strip_tags(); global $current_controller, $current_event; list($current_controller, $current_event) = system_parse_request_path(); $current_controller = system_instanciate_controller($current_controller); if (!(system_method_exists($current_controller, $current_event) || system_method_exists($current_controller, '__method_exists') && $current_controller->__method_exists($current_event))) { $current_event = cfg_get('system', 'default_event'); } if (!isset($GLOBALS['wdf_route'])) { $GLOBALS['wdf_route'] = array($current_controller, $current_event); } if (system_method_exists($current_controller, $current_event) || system_method_exists($current_controller, '__method_exists') && $current_controller->__method_exists($current_event)) { $content = system_invoke_request($current_controller, $current_event, HOOK_PRE_EXECUTE); } else { $content = ''; } execute_hooks(HOOK_POST_EXECUTE); @set_time_limit(ini_get('max_execution_time')); system_exit($content, false); }
/** * Detects the browsers culture settings. * * @return CultureInfo The detected culture */ public static function getBrowserCulture() { if (Args::sanitized('culture', false, 'CG')) { return self::getCultureInfo(Args::sanitized('culture', false, 'CG')); } // language detection forced by request (like api calls from client, portal, ...) if (isset($_SERVER['HTTP_FORCE_LANGUAGE'])) { // Prepare the string that looks like this: // ja,en-us;q=0.8,de-de;q=0.6,en;q=0.4,de;q=0.2 $langs = explode(",", $_SERVER['HTTP_FORCE_LANGUAGE']); $parts = array(); foreach ($langs as $k => $v) { $v = explode(";", $v); $w = isset($v[1]) && substr($v[1], 0, 2) == "q=" ? substr($v[1], 2) : 1; $parts[$w * 100] = trim($v[0]); } // check for first valid language foreach ($parts as $k => $v) { if (strlen($v) == 2) { // this is only a language, so get the default region $regions = internal_getRegionsForLanguage($v); $region = $regions[0]; $v = $region->KnownCultures[0]; } $ci = self::getCultureInfo($v); if ($ci) { return $ci; } } } if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) { // Prepare the string that looks like this: // ja,en-us;q=0.8,de-de;q=0.6,en;q=0.4,de;q=0.2 $langs = explode(",", $_SERVER['HTTP_ACCEPT_LANGUAGE']); $parts = array(); foreach ($langs as $k => $v) { $v = explode(";", $v); $w = isset($v[1]) && substr($v[1], 0, 2) == "q=" ? substr($v[1], 2) : 1; $parts[$w * 100] = trim($v[0]); } // check for first valid language foreach ($parts as $k => $v) { if (strlen($v) == 2) { // this is only a language, so get the default region $regions = internal_getRegionsForLanguage($v); if ($regions && count($regions) > 0) { $region = $regions[0]; $v = $region->KnownCultures[0]; } else { continue; } } $ci = self::getCultureInfo($v); if ($ci) { return $ci; } } } return false; }