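/**
 * Emits the session keep-alive widget for an SSO frontend page.
 *
 * Blanks the one-shot "initmsg" / "files" session values, spends one heartbeat
 * on the temporary session row, then prints the script that posts
 * `sso_action=sso_heartbeat` back to the endpoint every 3,300,000 ms (55 minutes).
 *
 * Reads the globals declared below plus $_REQUEST["sso_id"], and writes HTML and
 * JavaScript straight to the output. Returns nothing.
 */
function SSO_OutputHeartbeat()
{
    global $sso_db, $sso_db_temp_sessions, $sso_sessionrow, $sso_session_info, $sso_indexphp;

    // One-shot values: once a page has been rendered they are cleared and the
    // session info is persisted so they are not replayed on the next request.
    if ($sso_session_info["initmsg"] != "" || $sso_session_info["files"]) {
        $sso_session_info["initmsg"] = "";
        $sso_session_info["files"] = 0;

        SSO_SaveSessionInfo();
    }

    // Each rendered page spends one heartbeat. The `heartbeat > 0` predicate is
    // repeated in the WHERE clause, so the row is only touched while heartbeats
    // remain even if two requests race. The session id is the only bound value;
    // "heartbeat - 1" is a constant string (presumably passed through by the
    // database layer as a raw SQL expression - confirm against CSDB).
    if ($sso_sessionrow->heartbeat > 0) {
        $sso_db->Query(
            "UPDATE",
            array(
                $sso_db_temp_sessions,
                array("updated" => CSDB::ConvertToDBTime(time())),
                array("heartbeat" => "heartbeat - 1"),
                "WHERE" => "id = ? AND heartbeat > 0"
            ),
            $sso_sessionrow->id
        );
    }

    // sso_id is request-controlled. Anything that is not a plain string (absent,
    // or an array sent as `sso_id[]=`) is treated as empty rather than handed to
    // the escaping helpers.
    $sso_id = (isset($_REQUEST["sso_id"]) && is_string($_REQUEST["sso_id"]) ? $_REQUEST["sso_id"] : "");

    // Escaping below: BB_JSSafe() is defined elsewhere and is assumed to escape
    // for a single-quoted JavaScript literal (NOTE(review): confirm it handles
    // backslashes as well as quotes and newlines). htmlspecialchars() is not
    // decoded inside <script>, but it keeps `<` and `>` out of the block so the
    // value cannot close the script element. The endpoint URL is built from
    // configuration, and is still escaped for the literal it is written into.
    // Every closing PHP tag sits directly against the quote that follows it so
    // no stray whitespace ends up inside the URL or the session id.
?>
<script type="text/javascript">
if (typeof(window.jQuery) == 'undefined') {
    document.write('<' + 'script type="text/javascript" src="<?php echo htmlspecialchars(SSO_ROOT_URL . "/" . SSO_SUPPORT_PATH . "/jquery-1.11.0.min.js"); ?>" /' + '><' + '/script' + '>');
    document.write('<' + 'script type="text/javascript"' + '>jQuery.noConflict();<' + '/script' + '>');
}
</script>
<script type="text/javascript">
function SSO_Heartbeat() {
    jQuery('#sso_heartbeat').load('<?php echo BB_JSSafe(SSO_ROOT_URL . "/" . $sso_indexphp); ?>', { 'sso_ajax' : 1, 'sso_id' : '<?php echo htmlspecialchars(BB_JSSafe($sso_id)); ?>', 'sso_action' : 'sso_heartbeat' });
}

jQuery(function() {
    setInterval(SSO_Heartbeat, 3300000);
});
</script>
<div id="sso_heartbeat" style="display: none;"></div>
<?php
}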
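/**
 * Provides the SMS account-recovery fields (mobile number + carrier).
 *
 * With $admin set, returns two field definitions ("text" and "select") and
 * prints nothing. Otherwise prints the frontend form items plus the script
 * that re-checks the two fields over AJAX whenever they change.
 *
 * The carrier list comes from the bundled sms_mms_gateways.txt file. When that
 * file cannot be read or decoded the method silently produces nothing.
 *
 * @param array|false $userinfo  False on signup; on update, the stored user
 *                               info, where "sso_sms_recovery" (if present)
 *                               holds "phone" and "carrier".
 * @param bool        $admin     Truthy to return field definitions instead of
 *                               emitting HTML.
 * @return array|null  Field definitions in admin mode, otherwise null.
 */
private function DisplaySignup($userinfo, $admin)
{
    global $sso_target_url;

    // Deliberately best-effort: both calls are silenced and a missing or
    // malformed gateway file simply disables the feature for this request.
    $data = @json_decode(@file_get_contents(SSO_ROOT_PATH . "/" . SSO_SUPPORT_PATH . "/sms_mms_gateways.txt"));
    if (!is_object($data)) {
        return;
    }

    $info = $this->GetInfo();

    // Order the carrier groups: the country named by $info["first"] leads when
    // the file knows it (presumably the provider's preferred country - confirm
    // against GetInfo()), followed by every other country in file order.
    $groups = array();
    $first = $info["first"];
    if ($first != "" && isset($data->countries->{$first}) && isset($data->sms_carriers->{$first})) {
        $groups[$first] = $data->sms_carriers->{$first};
    }
    foreach ($data->sms_carriers as $country => $items) {
        if (!isset($groups[$country])) {
            $groups[$country] = $items;
        }
    }

    if ($admin) {
        // Option values are "<country>-<carrier key>"; labels are the first
        // element of each carrier entry, grouped under the country name.
        $options = array("" => "None");
        foreach ($groups as $country => $items) {
            $options2 = array();
            foreach ($items as $key => $item) {
                $options2[$country . "-" . $key] = $item[0];
            }

            $options[$data->countries->{$country}] = $options2;
        }

        $result = array(
            array(
                "title" => "Mobile Phone Number",
                "type" => "text",
                "name" => "sso_login_sms_recovery_phone",
                "value" => BB_GetValue("sso_login_sms_recovery_phone", ""),
                "desc" => "Optional. Can be used to recover access to this account."
            ),
            array(
                "title" => "Mobile Phone Carrier",
                "type" => "select",
                "name" => "sso_login_sms_recovery_carrier",
                "options" => $options,
                "select" => BB_GetValue("sso_login_sms_recovery_carrier", ""),
                "desc" => "Required when Mobile Phone Number is specified."
            )
        );

        return $result;
    }

    // Frontend mode. The logical field names differ between signup and update.
    $isupdate = ($userinfo !== false);
    $hasstored = ($isupdate && isset($userinfo["sso_sms_recovery"]));
    $phonefield = ($isupdate ? "sso_login_sms_recovery_phone_update" : "sso_login_sms_recovery_phone");
    $carrierfield = ($isupdate ? "sso_login_sms_recovery_carrier_update" : "sso_login_sms_recovery_carrier");

    $carrier = SSO_FrontendFieldValue($carrierfield, ($hasstored ? $userinfo["sso_sms_recovery"]["carrier"] : ""));

    // URL the change hook posts to. sso_v is request-controlled: it is only
    // used when it is a plain string, then URL-encoded here and escaped again
    // for the JavaScript literal where it is printed.
    if ($isupdate) {
        $sso_v = (isset($_REQUEST["sso_v"]) && is_string($_REQUEST["sso_v"]) ? $_REQUEST["sso_v"] : "");
        $checkurl = $sso_target_url . "&sso_login_action=update_info&sso_v=" . urlencode($sso_v) . "&sso_ajax=1";
    } else {
        $checkurl = $sso_target_url . "&sso_login_action=signup_check&sso_ajax=1";
    }

    // Template notes:
    // - Every attribute value is HTML-escaped, including the names returned by
    //   SSO_FrontendField() (defined elsewhere; its output format is not
    //   visible here, so it is escaped like any other attribute).
    // - Closing PHP tags sit directly against the following quote so the
    //   posted field names and option values carry no trailing whitespace.
    // - The "Checking..." text is inserted with .html(), so it is HTML-escaped
    //   first and then escaped for the JavaScript string.
    // - .load() inserts the server's response as HTML; the signup_check /
    //   update_info handlers must therefore return escaped markup (not
    //   visible in this method).
?>
<div class="sso_main_formitem">
    <div class="sso_main_formtitle"><?php echo htmlspecialchars(BB_Translate("Your Mobile Phone Number")); ?></div>
    <div class="sso_main_formdata"><input class="sso_main_text sso_login_changehook_smsrecovery" type="text" name="<?php echo htmlspecialchars(SSO_FrontendField($phonefield)); ?>" value="<?php echo htmlspecialchars(SSO_FrontendFieldValue($phonefield, ($hasstored ? $userinfo["sso_sms_recovery"]["phone"] : ""))); ?>" /></div>
    <div class="sso_main_formdesc"><?php echo htmlspecialchars(BB_Translate("Optional. Can be used to recover access to this account.")); ?></div>
</div>
<div class="sso_main_formitem">
    <div class="sso_main_formtitle"><?php echo htmlspecialchars(BB_Translate("Your Mobile Phone Carrier")); ?></div>
    <div class="sso_main_formdata"><select class="sso_main_dropdown sso_login_changehook_smsrecovery" name="<?php echo htmlspecialchars(SSO_FrontendField($carrierfield)); ?>">
        <option value=""<?php if ($carrier == "") { echo " selected"; } ?>><?php echo htmlspecialchars(BB_Translate("None")); ?></option>
<?php
    foreach ($groups as $country => $items) {
?>
        <optgroup label="<?php echo htmlspecialchars(BB_Translate($data->countries->{$country})); ?>">
<?php
        foreach ($items as $key => $item) {
            $select = $country . "-" . $key;
?>
            <option value="<?php echo htmlspecialchars($select); ?>"<?php if ($carrier == $select) { echo " selected"; } ?>><?php echo htmlspecialchars(BB_Translate($item[0])); ?></option>
<?php
        }
?>
        </optgroup>
<?php
    }
?>
    </select></div>
    <div class="sso_main_formresult sso_sms_recovery_result"></div>
</div>
<script type="text/javascript">
var SSO_SendFields_SMSRecovery_data = {};

function SSO_SendFields_SMSRecovery() {
    var found = false;

    jQuery('.sso_login_changehook_smsrecovery').each(function() {
        if (SSO_SendFields_SMSRecovery_data[this.name] != jQuery(this).val()) {
            SSO_SendFields_SMSRecovery_data[this.name] = jQuery(this).val();
            found = true;
        }
    });

    if (found) {
        jQuery('.sso_sms_recovery_result').html('<div class="sso_main_formchecking"><?php echo BB_JSSafe(htmlspecialchars(BB_Translate("Checking..."))); ?></div>');
        jQuery('.sso_sms_recovery_result').load('<?php echo BB_JSSafe($checkurl); ?>', SSO_SendFields_SMSRecovery_data);
    }
}

jQuery(function() {
    jQuery('.sso_login_changehook_smsrecovery').each(function() {
        SSO_SendFields_SMSRecovery_data[this.name] = jQuery(this).val();
    });

    jQuery('.sso_login_changehook_smsrecovery').change(SSO_SendFields_SMSRecovery);
    jQuery('select.sso_login_changehook_smsrecovery').keyup(SSO_SendFields_SMSRecovery);
});
</script>
<?php
}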
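/**
 * Dispatches the editor-side actions of the content widget.
 *
 * Callers that are not a member of page group "_p" get no output at all. For
 * everyone else the request's bb_action selects one branch:
 *
 * - bb_content_configure_security_submit / bb_content_configure_security
 *   ("dev" accounts only): save or display the per-shortcode security levels.
 * - bb_content_edit_load / bb_content_edit_save: send the widget body to, and
 *   store the purified body from, the WYSIWYG editor.
 * - bb_content_edit_add_shortcode / bb_content_edit_edit_shortcode: append a
 *   shortcode to the widget, or hand off to that shortcode's own handler.
 * - bb_content_edit: emit the script that boots the editor.
 * - anything else carrying `action` and `sid`: forwarded to the shortcode's
 *   ProcessShortcodeAction().
 *
 * Each branch is wrapped in "pre_" / "post_" plugin hooks. Output is written
 * directly; nothing is returned.
 *
 * NOTE(review): token / CSRF validation is not visible in this method apart
 * from the BB_IsSecExtraOpt() checks on two branches; it is presumably done
 * before dispatch - confirm for the security-submit and save branches.
 */
public function ProcessBBAction()
{
    global $bb_widget, $bb_widget_id, $bb_account, $bb_revision_num, $g_bb_content_shortcodes, $g_bb_content_security, $g_bb_content_security_path;

    if (!BB_IsMemberOfPageGroup("_p")) {
        exit;
    }

    // bb_action is request-controlled; a missing or non-string value matches
    // no branch below instead of raising a notice.
    $bbaction = (isset($_REQUEST["bb_action"]) && is_string($_REQUEST["bb_action"]) ? $_REQUEST["bb_action"] : "");

    if ($bb_account["type"] == "dev" && $bbaction === "bb_content_configure_security_submit") {
        BB_RunPluginAction("pre_bb_content_configure_security_submit");

        // Rebuild the security context array.
        // Keys come only from the registered shortcode table; the submitted
        // value must be exactly one of the three level strings (strict
        // comparison, so arrays and other types are rejected). This matters
        // because the result is written into a PHP file below.
        $levels = array("content", "design", "dev");
        $g_bb_content_security = array();
        foreach ($g_bb_content_shortcodes as $sname => $info) {
            if (!isset($info["security"])) {
                continue;
            }

            foreach ($info["security"] as $key => $desc) {
                $key2 = $sname . "|" . $key;
                if (isset($_REQUEST[$key2]) && in_array($_REQUEST[$key2], $levels, true)) {
                    if (!isset($g_bb_content_security[$sname])) {
                        $g_bb_content_security[$sname] = array();
                    }

                    $g_bb_content_security[$sname][$key] = $_REQUEST[$key2];
                }
            }
        }

        // Save security contexts.
        // The file is executable PHP, so its safety rests on
        // BB_CreatePHPStorageData() (defined elsewhere) quoting every key and
        // value correctly. BB_PropertyFormError() presumably ends the request;
        // if it returns, the success message below is still printed.
        $data = "<" . "?php\n\t\$g_bb_content_security = " . BB_CreatePHPStorageData($g_bb_content_security) . ";\n?" . ">";
        if (BB_WriteFile($g_bb_content_security_path, $data) === false) {
            BB_PropertyFormError("Unable to save the shortcode security options.");
        }
?>
<div class="success"><?php echo htmlspecialchars(BB_Translate("Global shortcode security options updated.")); ?></div>
<script type="text/javascript">
window.parent.CloseProperties();
window.parent.ReloadIFrame();
</script>
<?php
        BB_RunPluginAction("post_bb_content_configure_security_submit");
    } elseif ($bb_account["type"] == "dev" && $bbaction === "bb_content_configure_security") {
        BB_RunPluginAction("pre_bb_content_configure_security");

        $options = array(
            "title" => "Configure Global Shortcode Security",
            "desc" => "Configure the global shortcode display options based on login account type.",
            "fields" => array(),
            "submit" => "Save",
            "focus" => true
        );

        foreach ($g_bb_content_shortcodes as $sname => $info) {
            if (!isset($info["security"])) {
                continue;
            }

            foreach ($info["security"] as $key => $desc) {
                // The empty key and the named keys use different label sets
                // for the same three stored values, and only named keys offer
                // "None". How each value is enforced is decided by
                // IsShortcodeAllowed(), which is not shown here.
                if ($key == "") {
                    $choices = array("dev" => "Developers only", "design" => "Developers and Web Designers", "content" => "Everyone");
                } else {
                    $choices = array("" => "None", "content" => "Content Editors only", "design" => "Web Designers and Content Editors", "dev" => "Everyone");
                }

                $options["fields"][] = array(
                    "title" => $desc[0],
                    "type" => "select",
                    "name" => $sname . "|" . $key,
                    "options" => $choices,
                    "select" => (isset($g_bb_content_security[$sname]) && isset($g_bb_content_security[$sname][$key]) ? $g_bb_content_security[$sname][$key] : ""),
                    "desc" => $desc[1]
                );
            }
        }

        BB_RunPluginActionInfo("bb_content_configure_security_options", $options);

        BB_PropertyForm($options);

        BB_RunPluginAction("post_bb_content_configure_security");
    } elseif ($bbaction === "bb_content_edit_load") {
        BB_RunPluginAction("pre_bb_content_edit_load");

        // The body travels URL-encoded; an unset body loads as an empty paragraph.
        if (isset($bb_widget->body)) {
            echo rawurlencode(UTF8::ConvertToHTML($bb_widget->body));
        } else {
            echo rawurlencode("<p></p>");
        }

        BB_RunPluginAction("post_bb_content_edit_load");
    } elseif ($bbaction === "bb_content_edit_save") {
        BB_RunPluginAction("pre_bb_content_edit_save");

        // Placeholder ids the purifier is told about: one per stored
        // shortcode, mapped to that shortcode's icon ("" when its handler is
        // no longer registered).
        $options = array(
            "shortcodes" => true,
            "shortcode_placeholder" => "bb_content_shortcode_placeholder",
            "shortcode_ids" => array()
        );
        $shortcodes = $bb_widget->shortcodes;
        $base = "wid_" . htmlspecialchars($bb_widget_id) . "_";
        foreach ($shortcodes as $num => $shortcode) {
            $options["shortcode_ids"][$base . $num] = (isset($shortcode["_sn"]) && isset($g_bb_content_shortcodes[$shortcode["_sn"]]) ? htmlspecialchars($g_bb_content_shortcodes[$shortcode["_sn"]]["mainicon"]) : "");
        }

        // Submitted HTML is never stored as-is: it passes through the purifier
        // first, and the purified result becomes the widget body.
        $bb_widget->body = BB_HTMLPurifyForWYMEditor($_REQUEST["content"], $options);

        if (!$this->RegenerateContent(true)) {
            echo htmlspecialchars(BB_Translate("Unable to save content. Try again."));
        } else {
            echo "OK\n";
            echo "<script type=\"text/javascript\">ReloadIFrame();</script>";
        }

        BB_RunPluginAction("post_bb_content_edit_save");
    } elseif ($bbaction === "bb_content_edit_add_shortcode" && BB_IsSecExtraOpt("sname")) {
        BB_RunPluginAction("pre_bb_content_edit_add_shortcode");

        // sname must be a plain string naming a registered handler, and the
        // caller must pass the per-shortcode access check before anything is
        // appended to the widget.
        if (!isset($_REQUEST["sname"]) || !is_string($_REQUEST["sname"]) || !isset($g_bb_content_shortcodes[$_REQUEST["sname"]])) {
?>
<script type="text/javascript">
alert('<?php echo htmlspecialchars(BB_JSSafe(BB_Translate("Shortcode handler not found."))); ?>');
</script>
<?php
        } elseif (!$this->IsShortcodeAllowed($_REQUEST["sname"], "")) {
?>
<script type="text/javascript">
alert('<?php echo htmlspecialchars(BB_JSSafe(BB_Translate("Shortcode access denied."))); ?>');
</script>
<?php
        } else {
            $sname = $_REQUEST["sname"];
            $sid = count($bb_widget->shortcodes);
            $bb_widget->shortcodes[] = array("_sn" => $sname, "_id" => $sid);

            if (!BB_SaveLangPage($bb_revision_num)) {
?>
<script type="text/javascript">
alert('<?php echo htmlspecialchars(BB_JSSafe(BB_Translate("Unable to add a new %s.", $g_bb_content_shortcodes[$sname]["name"]))); ?>');
</script>
<?php
            } else {
                // The ids are printed without surrounding whitespace so the
                // placeholder id is exactly "wid_<widget id>_<index>", the
                // form the save and edit branches parse.
?>
<script type="text/javascript">
InsertWYMEditorContent('contenteditor', 'wid_<?php echo BB_JSSafe($bb_widget_id); ?>', '<img id="wid_<?php echo BB_JSSafe($bb_widget_id); ?>_<?php echo $sid; ?>" class="bb_content_shortcode_placeholder" src="<?php echo htmlspecialchars(BB_JSSafe($g_bb_content_shortcodes[$sname]["mainicon"])); ?>" />');
</script>
<?php
            }
        }

        BB_RunPluginAction("post_bb_content_edit_add_shortcode");
    } elseif ($bbaction === "bb_content_edit_edit_shortcode" && (!isset($_REQUEST["sc_action"]) || (BB_IsSecExtraOpt("sid") && BB_IsSecExtraOpt("sc_action")))) {
        BB_RunPluginAction("pre_bb_content_edit_edit_shortcode");

        // The first request (no sc_action) arrives from the editor's
        // double-click handler with the placeholder's element id; later
        // requests must have sid and sc_action pass BB_IsSecExtraOpt().
        if (!isset($_REQUEST["sid"]) || !is_string($_REQUEST["sid"])) {
            BB_PropertyFormLoadError("Shortcode ID not specified.");
        }

        // Accept either a bare index or "..._<index>"; only the integer after
        // the last underscore is used.
        $sid = $_REQUEST["sid"];
        $pos = strrpos($sid, "_");
        if ($pos !== false) {
            $sid = substr($sid, $pos + 1);
        }
        $sid = (int) $sid;

        if (!isset($bb_widget->shortcodes[$sid]) || !isset($bb_widget->shortcodes[$sid]["_sn"])) {
            BB_PropertyFormLoadError("Invalid shortcode ID.");
        }

        // The handler name is read from the stored widget, never from the
        // request, and must be a registered shortcode before it is used to
        // build a class name.
        $sname = $bb_widget->shortcodes[$sid]["_sn"];
        if (!isset($g_bb_content_shortcodes[$sname])) {
            BB_PropertyFormLoadError("Shortcode handler not found.");
        }
        if (!$this->IsShortcodeAllowed($sname, "")) {
            BB_PropertyFormLoadError("Shortcode access denied.");
        }

        if (!isset($_REQUEST["sc_action"])) {
            $_REQUEST["sc_action"] = $sname . "_configure";
        }

        $shortcode = "bb_content_shortcode_" . $sname;
        $shortcode = new $shortcode();
        $this->currsid = $sid;
        $shortcode->ProcessShortcodeBBAction($this);

        BB_RunPluginAction("post_bb_content_edit_edit_shortcode");
    } elseif ($bbaction === "bb_content_edit") {
        BB_RunPluginAction("pre_bb_content_edit");

        // Template notes: $sname2 is reduced to [A-Za-z0-9_] before it is used
        // in CSS class names and jQuery selectors. The space before " a" in
        // the two selectors is the descendant combinator and is intentional;
        // everywhere else the closing PHP tag sits directly against the next
        // character so widget ids and the security token are emitted exactly.
?>
<script type="text/javascript">
html = '<style type="text/css">\n';
<?php
        foreach ($g_bb_content_shortcodes as $sname => $info) {
            $sname2 = preg_replace('/[^A-Za-z0-9_]/', "_", trim($sname));
?>
html += '.wym_skin_barebones .wym_buttons li.wym_tools_custom_<?php echo htmlspecialchars(BB_JSSafe($sname2)); ?> a { background-image: url(<?php echo htmlspecialchars(BB_JSSafe($info["toolbaricon"])); ?>); background-repeat: no-repeat; }\n';
<?php
        }
?>
html += '</style>\n';
$("head").append(html);

window.bb_content_WYMEditorPostInit = function(eid, id, wym) {
<?php
        // Toolbar buttons are only offered for shortcodes this account may
        // use; the add-shortcode branch repeats the check server-side.
        foreach ($g_bb_content_shortcodes as $sname => $info) {
            if ($this->IsShortcodeAllowed($sname, "")) {
                $sname2 = preg_replace('/[^A-Za-z0-9_]/', "_", trim($sname));
?>
    var html = '<li class="wym_tools_custom_<?php echo htmlspecialchars(BB_JSSafe($sname2)); ?>"><a name="<?php echo htmlspecialchars(BB_JSSafe($info["name"])); ?>" href="#"><?php echo htmlspecialchars(BB_JSSafe($info["name"])); ?></a></li>';
    $(wym._box).find(wym._options.toolsSelector + wym._options.toolsListSelector).append(html);
    $(wym._box).find('li.wym_tools_custom_<?php echo BB_JSSafe($sname2); ?> a').click(function() {
        $('#' + eid + '_loader').load(Gx__URLBase, <?php echo BB_CreateWidgetPropertiesJS("bb_content_edit_add_shortcode", array("sname" => $sname), true); ?>);

        return false;
    });
<?php
            }
        }
?>

    $(wym._doc).bind('dblclick', function(e) {
        if (e.target.tagName == 'IMG' && $(e.target).hasClass('bb_content_shortcode_placeholder') && typeof(e.target.id) == 'string' && e.target.id != '') {
            window.parent.LoadProperties({ 'bb_action' : 'bb_content_edit_edit_shortcode', 'wid' : '<?php echo BB_JSSafe($bb_widget_id); ?>', 'sid' : e.target.id, 'bbt' : '<?php echo BB_JSSafe(BB_CreateSecurityToken("bb_content_edit_edit_shortcode", $bb_widget_id)); ?>' });
        }
    });
}

if (typeof(window.parent.CreateWYMEditorInstance) != 'function') {
    window.bb_content_ClosedAllContent = function(eid) {
        setTimeout(function() { DestroyWYMEditorInstance(eid);  $('#' + eid).hide(); }, 250);
    }
}

window.parent.LoadConditionalScript(Gx__RootURL + '/' + Gx__SupportPath + '/editcontent.js?_=20090725', true, function(loaded) {
    return ((!loaded && typeof(window.CreateWYMEditorInstance) == 'function') || (loaded && !IsConditionalScriptLoading()));
}, function(params) {
    $('#contenteditor').show();

    var fileopts = {
        loadurl : Gx__URLBase,
        loadparams : <?php echo BB_CreateWidgetPropertiesJS("bb_content_edit_load", array(), true); ?>,
        id : 'wid_<?php echo BB_JSSafe($bb_widget_id); ?>',
        display : '<?php echo BB_JSSafe($bb_widget->_f); ?>',
        saveurl : Gx__URLBase,
        saveparams : <?php echo BB_CreateWidgetPropertiesJS("bb_content_edit_save", array(), true); ?>,
        wymtoolbar : 'bold,italic,superscript,subscript,pasteword,undo,redo,createlink,unlink,insertorderedlist,insertunorderedlist,indent,outdent',
        wymeditorpostinit : bb_content_WYMEditorPostInit
    };

    var editopts = {
        ismulti : true,
        closelast : bb_content_ClosedAllContent,
        width : '100%',
        height : '300px'
    };

    CreateWYMEditorInstance('contenteditor', fileopts, editopts);
});
window.parent.CloseProperties2(false);
</script>
<?php
        BB_RunPluginAction("post_bb_content_edit");
    } elseif (isset($_REQUEST["action"])) {
        // Pass other requests onto the shortcode action handler.
        // As above, the class name is derived from the stored shortcode entry
        // and must be registered; a non-string sid is ignored.
        // NOTE(review): unlike the edit-shortcode branch, this path does not
        // call IsShortcodeAllowed() before dispatching. Confirm that every
        // ProcessShortcodeAction() implementation enforces its own access
        // check, or add the check here.
        if (isset($_REQUEST["sid"]) && is_string($_REQUEST["sid"])) {
            $sid = (int) $_REQUEST["sid"];
            if (isset($bb_widget->shortcodes[$sid]) && isset($bb_widget->shortcodes[$sid]["_sn"])) {
                $sname = $bb_widget->shortcodes[$sid]["_sn"];
                if (isset($g_bb_content_shortcodes[$sname])) {
                    $shortcode = "bb_content_shortcode_" . $sname;
                    $shortcode = new $shortcode();
                    $this->currsid = $sid;
                    $shortcode->ProcessShortcodeAction($this);
                }
            }
        }
    }
}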
function BB_PropertyForm($options) { global $bb_formtables, $bb_formwidths; if (!isset($bb_formtables) || !is_bool($bb_formtables)) { $bb_formtables = true; } if (!isset($bb_formwidths) || !is_bool($bb_formwidths)) { $bb_formwidths = true; } $dateused = false; $accordionused = false; $multiselectused = array(); $multiselectheight = 200; $tableorderused = false; $tablestickyheaderused = false; $autofocus = false; // Certain types of fields require the Admin Pack extras package. $jqueryuiused = false; if (defined("BB_ROOT_URL")) { $rooturl = BB_ROOT_URL; } else { if (defined("ROOT_URL")) { $rooturl = ROOT_URL; } else { $rooturl = BB_GetRequestURLBase(); if (substr($rooturl, -1) != "/") { $rooturl = dirname($rooturl); } if (substr($rooturl, -1) == "/") { $rooturl = substr($rooturl, 0, -1); } } } if (defined("BB_SUPPORT_PATH")) { $supportpath = BB_SUPPORT_PATH; } else { if (defined("SUPPORT_PATH")) { $supportpath = SUPPORT_PATH; } else { $supportpath = "support"; } } ?> <noscript><style type="text/css"> div.maincontent div.proptitle div.navbutton { display: none; } div.leftnav { display: block; } </style></noscript> <div class="proptitle"><div id="navbutton">Menu</div><div id="navdropdown"></div><?php echo htmlspecialchars(BB_Translate($options["title"])); ?> </div> <div class="propdesc"><?php echo htmlspecialchars(BB_Translate($options["desc"])); if (isset($options["htmldesc"])) { echo $options["htmldesc"]; } ?> </div> <div class="propinfo"></div> <div class="propmain"> <?php if (isset($options["submit"]) || isset($options["useform"]) && $options["useform"]) { ?> <form id="propform" method="post" enctype="multipart/form-data" action="<?php echo htmlspecialchars(BB_GetRequestURLBase()); ?> "> <?php $extra = array(); if (isset($options["hidden"])) { foreach ($options["hidden"] as $name => $value) { ?> <input type="hidden" name="<?php echo htmlspecialchars($name); ?> " value="<?php echo htmlspecialchars($value); ?> " /> <?php if ($options["nonce"] != $name) { 
$extra[$name] = $value; } } ?> <input type="hidden" name="sec_extra" value="<?php echo htmlspecialchars(implode(",", array_keys($extra))); ?> " /> <input type="hidden" name="sec_t" value="<?php echo htmlspecialchars(BB_CreateSecurityToken($options["hidden"][$options["nonce"]], $extra)); ?> " /> <?php } unset($extra); } if (isset($options["fields"])) { ?> <div class="formfields<?php if (count($options["fields"]) == 1 && !isset($options["fields"][0]["title"]) && !isset($options["fields"][0]["htmltitle"])) { echo " alt"; } ?> "> <?php $insiderow = false; $insideaccordion = false; foreach ($options["fields"] as $num => $field) { if (is_string($field)) { if ($field == "split" && !$insiderow) { echo "<hr />"; } else { if ($field == "endaccordion" || $field == "endaccordian") { if ($insiderow) { ?> </tr></table></div> <?php $insiderow = false; } ?> </div> </div> <?php $insideaccordion = false; } else { if ($field == "nosplit") { if ($insideaccordion) { $firstaccordionitem = true; } } else { if ($field == "startrow") { if ($insiderow) { echo "</tr><tr>"; } else { if ($bb_formtables) { $insiderow = true; ?> <div class="fieldtablewrap<?php if ($insideaccordion && $firstaccordionitem) { echo " firstitem"; } ?> "><table class="rowwrap"><tr> <?php $firstaccordionitem = false; } } } else { if ($field == "endrow" && $bb_formtables) { ?> </tr></table></div> <?php $insiderow = false; } else { if (substr($field, 0, 5) == "html:") { echo substr($field, 5); } } } } } } } else { if ($field["type"] == "accordion" || $field["type"] == "accordian") { if ($insiderow) { ?> </tr></table></div> <?php $insiderow = false; } if ($insideaccordion) { ?> </div> <h3><?php echo htmlspecialchars(BB_Translate($field["title"])); ?> </h3> <div class="formaccordionitems"> <?php } else { ?> <div class="formaccordionwrap"> <h3><?php echo htmlspecialchars(BB_Translate($field["title"])); ?> </h3> <div class="formaccordionitems"> <?php $insideaccordion = true; $accordionused = true; } $firstaccordionitem = 
true; } else { if ($insiderow) { echo "<td>"; } ?> <div class="formitem<?php echo isset($field["split"]) && $field["split"] === false || $insideaccordion && $firstaccordionitem ? " firstitem" : ""; ?> "> <?php $firstaccordionitem = false; if (isset($field["title"])) { if (is_string($field["title"])) { ?> <div class="formitemtitle"><?php echo htmlspecialchars(BB_Translate($field["title"])); ?> </div> <?php } } else { if (isset($field["htmltitle"])) { ?> <div class="formitemtitle"><?php echo BB_Translate($field["htmltitle"]); ?> </div> <?php } else { if ($field["type"] == "checkbox" && $insiderow) { ?> <div class="formitemtitle"> </div> <?php } } } if (isset($field["width"]) && !$bb_formwidths) { unset($field["width"]); } if (isset($field["name"]) && isset($field["default"])) { if ($field["type"] == "select") { if (!isset($field["select"])) { $field["select"] = BB_GetValue($field["name"], $field["default"]); if (is_array($field["select"])) { $field["select"] = BB_SelectValues($field["select"]); } } } else { if (!isset($field["value"])) { $field["value"] = BB_GetValue($field["name"], $field["default"]); } } } switch ($field["type"]) { case "static": ?> <div class="static"<?php if (isset($field["width"])) { echo " style=\"width: " . htmlspecialchars($field["width"]) . ";\""; } ?> ><?php echo htmlspecialchars($field["value"]); ?> </div> <?php break; case "text": if ($autofocus === false) { $autofocus = htmlspecialchars("f" . $num . "_" . $field["name"]); } ?> <input class="text"<?php if (isset($field["width"])) { echo " style=\"width: " . htmlspecialchars($field["width"]) . ";\""; } ?> type="text" id="<?php echo htmlspecialchars("f" . $num . "_" . $field["name"]); ?> " name="<?php echo htmlspecialchars($field["name"]); ?> " value="<?php echo htmlspecialchars($field["value"]); ?> " /> <?php break; case "password": if ($autofocus === false) { $autofocus = htmlspecialchars("f" . $num . "_" . 
$field["name"]); } ?> <input class="text"<?php if (isset($field["width"])) { echo " style=\"width: " . htmlspecialchars($field["width"]) . ";\""; } ?> type="password" id="<?php echo htmlspecialchars("f" . $num . "_" . $field["name"]); ?> " name="<?php echo htmlspecialchars($field["name"]); ?> " value="<?php echo htmlspecialchars($field["value"]); ?> " /> <?php break; case "checkbox": if ($autofocus === false) { $autofocus = htmlspecialchars("f" . $num . "_" . $field["name"]); } ?> <input class="checkbox" type="checkbox" id="<?php echo htmlspecialchars("f" . $num . "_" . $field["name"]); ?> " name="<?php echo htmlspecialchars($field["name"]); ?> " value="<?php echo htmlspecialchars($field["value"]); ?> "<?php if (isset($field["check"]) && $field["check"]) { echo " checked"; } ?> /> <label for="<?php echo htmlspecialchars("f" . $num . "_" . $field["name"]); ?> "><?php echo htmlspecialchars(BB_Translate($field["display"])); ?> </label> <?php break; case "select": if ($autofocus === false) { $autofocus = htmlspecialchars("f" . $num . "_" . $field["name"]); } if (!isset($field["multiple"]) || $field["multiple"] !== true) { $mode = "select"; } else { if (!isset($field["mode"]) || $field["mode"] != "flat" && $field["mode"] != "dropdown" && $field["mode"] != "tags" && $field["mode"] != "select") { $mode = "checkbox"; } else { $mode = $field["mode"]; } } if (!isset($field["width"]) && !isset($field["height"])) { $style = ""; } else { $style = array(); if (isset($field["width"])) { $style[] = "width: " . htmlspecialchars($field["width"]); } if (isset($field["height"]) && isset($field["multiple"]) && $field["multiple"] === true) { $style[] = "height: " . htmlspecialchars($field["height"]); $multiselectheight = (int) $field["height"]; } $style = " style=\"" . implode("; ", $style) . 
";\""; } if (!isset($field["select"])) { $field["select"] = array(); } else { if (is_string($field["select"])) { $field["select"] = array($field["select"] => true); } } $idbase = htmlspecialchars("f" . $num . "_" . $field["name"]); if ($mode == "checkbox") { $idnum = 0; foreach ($field["options"] as $name => $value) { if (is_array($value)) { foreach ($value as $name2 => $value2) { $id = $idbase . ($idnum ? "_" . $idnum : ""); ?> <input class="checkbox" type="checkbox" id="<?php echo $id; ?> " name="<?php echo htmlspecialchars($field["name"]); ?> []" value="<?php echo htmlspecialchars($name2); ?> "<?php if (isset($field["select"][$name2])) { echo " checked"; } ?> /> <label for="<?php echo $id; ?> "><?php echo htmlspecialchars(BB_Translate($name)); ?> - <?php echo $value2 == "" ? " " : htmlspecialchars(BB_Translate($value2)); ?> </label><br /> <?php $idnum++; } } else { $id = $idbase . ($idnum ? "_" . $idnum : ""); ?> <input class="checkbox" type="checkbox" id="<?php echo $id; ?> " name="<?php echo htmlspecialchars($field["name"]); ?> []" value="<?php echo htmlspecialchars($name); ?> "<?php if (isset($field["select"][$name])) { echo " checked"; } ?> /> <label for="<?php echo $id; ?> "><?php echo $value == "" ? " " : htmlspecialchars(BB_Translate($value)); ?> </label><br /> <?php $idnum++; } } } else { ?> <select class="<?php echo isset($field["multiple"]) && $field["multiple"] === true ? "multi" : "single"; ?> " id="<?php echo $idbase; ?> " name="<?php echo htmlspecialchars($field["name"]) . (isset($field["multiple"]) && $field["multiple"] === true ? 
"[]" : ""); ?> "<?php if (isset($field["multiple"]) && $field["multiple"] === true) { echo " multiple"; } echo $style; ?> > <?php foreach ($field["options"] as $name => $value) { if (is_array($value)) { ?> <optgroup label="<?php echo htmlspecialchars(BB_Translate($name)); ?> "> <?php foreach ($value as $name2 => $value2) { ?> <option value="<?php echo htmlspecialchars($name2); ?> "<?php if (isset($field["select"][$name2])) { echo " selected"; } ?> ><?php echo $value2 == "" ? " " : htmlspecialchars(BB_Translate($value2)); ?> </option> <?php } ?> </optgroup> <?php } else { ?> <option value="<?php echo htmlspecialchars($name); ?> "<?php if (isset($field["select"][$name])) { echo " selected"; } ?> ><?php echo $value == "" ? " " : htmlspecialchars(BB_Translate($value)); ?> </option> <?php } } ?> </select> <?php if (isset($field["multiple"]) && $field["multiple"] === true) { if (!$jqueryuiused) { BB_OutputJQueryUI($rooturl, $supportpath); $jqueryuiused = true; } if ($mode == "tags") { if (!isset($multiselectused[$mode])) { ?> <link rel="stylesheet" href="<?php echo htmlspecialchars($rooturl . "/" . $supportpath . "/multiselect-select2/select2.css"); ?> " type="text/css" media="all" /> <script type="text/javascript" src="<?php echo htmlspecialchars($rooturl . "/" . $supportpath . "/multiselect-select2/select2.min.js"); ?> "></script> <?php } ?> <script type="text/javascript"> $(function() { if (jQuery.fn.select2) $('div.formfields div.formitem select.multi[name="<?php echo BB_JSSafe($field["name"] . "[]"); ?> "]').select2({ <?php if (isset($field["mininput"])) { echo "minimumInputLength: " . (int) $field["mininput"]; } ?> }); else alert('<?php echo BB_JSSafe(BB_Translate("Warning: Missing jQuery UI select2 for multiple selection field.\n\\This feature requires AdminPack Extras.")); ?> '); }); </script> <?php } else { if ($mode == "dropdown") { if (!isset($multiselectused[$mode])) { ?> <link rel="stylesheet" href="<?php echo htmlspecialchars($rooturl . "/" . $supportpath . 
"/multiselect-widget/jquery.multiselect.css"); ?> " type="text/css" media="all" /> <link rel="stylesheet" href="<?php echo htmlspecialchars($rooturl . "/" . $supportpath . "/multiselect-widget/jquery.multiselect.filter.css"); ?> " type="text/css" media="all" /> <script type="text/javascript" src="<?php echo htmlspecialchars($rooturl . "/" . $supportpath . "/multiselect-widget/jquery.multiselect.min.js"); ?> "></script> <script type="text/javascript" src="<?php echo htmlspecialchars($rooturl . "/" . $supportpath . "/multiselect-widget/jquery.multiselect.filter.js"); ?> "></script> <?php } ?> <script type="text/javascript"> $(function() { if (jQuery.fn.multiselect && jQuery.fn.multiselectfilter) $('div.formfields div.formitem select.multi[name="<?php echo BB_JSSafe($field["name"] . "[]"); ?> "]').multiselect({ selectedText: '<?php echo BB_JSSafe(BB_Translate("# of # selected")); ?> ', selectedList: 5, height: <?php echo $multiselectheight; ?> , position: { my: 'left top', at: 'left bottom', collision: 'flip' } }).multiselectfilter(); else alert('<?php echo BB_JSSafe(BB_Translate("Warning: Missing jQuery UI multiselect widget or multiselectfilter for dropdown multiple selection field.\n\\This feature requires AdminPack Extras.")); ?> '); }); </script> <?php } else { if ($mode == "flat") { if (!isset($multiselectused[$mode])) { ?> <link rel="stylesheet" href="<?php echo htmlspecialchars($rooturl . "/" . $supportpath . "/multiselect-flat/css/jquery.uix.multiselect.css"); ?> " type="text/css" media="all" /> <script type="text/javascript" src="<?php echo htmlspecialchars($rooturl . "/" . $supportpath . "/multiselect-flat/js/jquery.uix.multiselect.js"); ?> "></script> <?php } ?> <script type="text/javascript"> $(function() { if (jQuery.fn.multiselect) { $('div.formfields div.formitem select.multi[name="<?php echo BB_JSSafe($field["name"] . "[]"); ?> "]').multiselect({ availableListPosition: <?php echo $bb_formtables ? 
"'left'" : "'top'"; ?> , sortable: true, sortMethod: null }); $(window).resize(function() { $('div.formfields div.formitem select.multi[name="<?php echo BB_JSSafe($field["name"] . "[]"); ?> "]').multiselect('refresh'); }); } else { alert('<?php echo BB_JSSafe(BB_Translate("Warning: Missing jQuery UI multiselect plugin for flat multiple selection field.\n\\This feature requires AdminPack Extras.")); ?> '); } }); </script> <div style="clear: both;"></div> <?php } } } $multiselectused[$mode] = true; } } break; case "textarea": if ($autofocus === false) { $autofocus = htmlspecialchars("f" . $num . "_" . $field["name"]); } if (!isset($field["width"]) && !isset($field["height"])) { $style = ""; } else { $style = array(); if (isset($field["width"])) { $style[] = "width: " . htmlspecialchars($field["width"]); } if (isset($field["height"])) { $style[] = "height: " . htmlspecialchars($field["height"]); } $style = " style=\"" . implode("; ", $style) . ";\""; } ?> <div class="textareawrap"><textarea class="text"<?php echo $style; ?> id="<?php echo htmlspecialchars("f" . $num . "_" . $field["name"]); ?> " name="<?php echo htmlspecialchars($field["name"]); ?> " rows="5" cols="50"><?php echo htmlspecialchars($field["value"]); ?> </textarea></div> <?php break; case "table": $order = isset($field["order"]) ? $field["order"] : ""; $idbase = "f" . $num . "_" . (isset($field["name"]) ? $field["name"] : "table"); if ($bb_formtables) { ?> <table id="<?php echo htmlspecialchars($idbase); ?> "<?php if (isset($field["class"])) { echo " class=\"" . htmlspecialchars($field["class"]) . "\""; } if (isset($field["width"])) { echo " style=\"width: " . htmlspecialchars($field["width"]) . "\""; } ?> > <thead> <tr<?php if ($order != "") { echo " id=\"" . htmlspecialchars($idbase . "_head") . 
"\""; } ?> class="head<?php if ($order != "") { echo " nodrag nodrop"; } ?> "> <?php if ($order != "") { ?> <th><?php echo htmlspecialchars(BB_Translate($order)); ?> </th> <?php } foreach ($field["cols"] as $num2 => $col) { ?> <th><?php echo htmlspecialchars(BB_Translate($col)); ?> </th> <?php } ?> </tr> </thead> <tbody> <?php $rownum = 0; $altrow = false; if (isset($field["callback"]) && is_callable($field["callback"])) { $field["rows"] = call_user_func($field["callback"]); } while (count($field["rows"])) { foreach ($field["rows"] as $row) { ?> <tr<?php if ($order != "") { echo " id=\"" . htmlspecialchars($idbase . "_" . $rownum) . "\""; } ?> class="row<?php if ($altrow) { echo " altrow"; } ?> "> <?php if ($order != "") { ?> <td class="draghandle"> </td> <?php } $num2 = 0; foreach ($row as $col) { ?> <td<?php if (count($row) < count($field["cols"]) && $num2 + 1 == count($row)) { echo " colspan=\"" . (count($field["cols"]) - count($row) + 1) . "\""; } ?> ><?php echo $col; ?> </td> <?php $num2++; } ?> </tr> <?php $rownum++; $altrow = !$altrow; } if (isset($field["callback"]) && is_callable($field["callback"])) { $field["rows"] = call_user_func($field["callback"]); } else { $field["rows"] = array(); } } ?> </tbody> </table> <?php if ($order != "") { if (!$tableorderused) { ?> <script type="text/javascript" src="<?php echo htmlspecialchars($rooturl . "/" . $supportpath . "/jquery.tablednd-20140418.min.js"); ?> "></script> <?php $tableorderused = true; } ?> <script type="text/javascript"> if (jQuery.fn.tableDnD) { InitPropertiesTableDragAndDrop('<?php echo BB_JSSafe($idbase); ?> '<?php if (isset($field["reordercallback"])) { echo ", " . 
$field["reordercallback"]; } ?> ); } else { alert('<?php echo BB_JSSafe(BB_Translate("Warning: Missing jQuery TableDnD plugin for drag-and-drop row ordering.\n\\This feature requires AdminPack Extras.")); ?> '); } </script> <?php } if (isset($field["stickyheader"]) && $field["stickyheader"]) { if (!$tablestickyheaderused) { ?> <script type="text/javascript" src="<?php echo htmlspecialchars($rooturl . "/" . $supportpath . "/jquery.stickytableheaders.min.js"); ?> "></script> <?php $tablestickyheaderused = true; } ?> <script type="text/javascript"> if (jQuery.fn.stickyTableHeaders) { $('#<?php echo BB_JSSafe($idbase); ?> ').stickyTableHeaders(); } else { alert('<?php echo BB_JSSafe(BB_Translate("Warning: Missing jQuery Sticky Table Headers plugin.\n\\This feature requires AdminPack Extras.")); ?> '); } </script> <?php } } else { ?> <div class="nontablewrap" id="<?php echo htmlspecialchars("f" . $num . "_" . (isset($field["name"]) ? $field["name"] : "table")); ?> "> <?php $altrow = false; foreach ($field["rows"] as $num2 => $row) { ?> <div class="nontable_row<?php if ($altrow) { echo " altrow"; } if (!$num2) { echo " firstrow"; } ?> "> <?php foreach ($row as $num3 => $col) { ?> <div class="nontable_th<?php if (!$num3) { echo " firstcol"; } ?> "><?php echo htmlspecialchars(BB_Translate($field["cols"][$num3])); ?> </div> <div class="nontable_td"><?php echo $col; ?> </div> <?php } ?> </div> <?php $altrow = !$altrow; } ?> </div> <?php } break; case "file": if ($autofocus === false) { $autofocus = htmlspecialchars("f" . $num . "_" . $field["name"]); } ?> <input class="text" type="file" id="<?php echo htmlspecialchars("f" . $num . "_" . $field["name"]); ?> " name="<?php echo htmlspecialchars($field["name"]); ?> " /> <?php break; case "date": if ($autofocus === false) { $autofocus = htmlspecialchars("f" . $num . "_" . $field["name"]); } ?> <input class="date"<?php if (isset($field["width"])) { echo " style=\"width: " . htmlspecialchars($field["width"]) . 
"\""; } ?> type="text" id="<?php echo htmlspecialchars("f" . $num . "_" . $field["name"]); ?> " name="<?php echo htmlspecialchars($field["name"]); ?> " value="<?php echo htmlspecialchars($field["value"]); ?> " /> <?php $dateused = true; break; case "custom": echo $field["value"]; break; } if (isset($field["desc"]) && $field["desc"] != "") { ?> <div class="formitemdesc"><?php echo htmlspecialchars(BB_Translate($field["desc"])); ?> </div> <?php } else { if (isset($field["htmldesc"]) && $field["htmldesc"] != "") { ?> <div class="formitemdesc"><?php echo $field["htmldesc"]; ?> </div> <?php } } ?> </div> <?php if ($insiderow) { echo "</td>"; } } } } if ($insiderow) { ?> </tr></table></div> <?php } if ($insideaccordion) { ?> </div> </div> <?php } ?> </div> <?php } if (isset($options["submit"])) { if (is_string($options["submit"])) { $options["submit"] = array($options["submit"]); } ?> <div class="formsubmit"> <?php foreach ($options["submit"] as $val) { ?> <input class="submit" type="submit"<?php if (isset($options["submitname"])) { echo " name=\"" . htmlspecialchars($options["submitname"]) . 
"\""; } ?> value="<?php echo htmlspecialchars(BB_Translate($val)); ?> " /> <?php } ?> </div> <?php } if (isset($options["submit"]) || isset($options["useform"]) && $options["useform"]) { ?> </form> <?php } ?> </div> <?php if ($dateused) { if (!$jqueryuiused) { BB_OutputJQueryUI($rooturl, $supportpath); $jqueryuiused = true; } ?> <script type="text/javascript"> $(function() { if (jQuery.fn.datepicker) $('div.formfields div.formitem input.date').datepicker({ dateFormat: 'yy-mm-dd' }); else alert('<?php echo BB_JSSafe(BB_Translate("Warning: Missing jQuery UI for date field.\n\nThis feature requires AdminPack Extras.")); ?> '); }); </script> <?php } if ($accordionused) { if (!$jqueryuiused) { BB_OutputJQueryUI($rooturl, $supportpath); $jqueryuiused = true; } ?> <script type="text/javascript"> $(function() { if (jQuery.fn.accordion) $('div.formaccordionwrap').accordion({ collapsible : true, active : false, heightStyle : 'content' }); else alert('<?php echo BB_JSSafe(BB_Translate("Warning: Missing jQuery UI for accordion.\n\nThis feature requires AdminPack Extras.")); ?> '); }); </script> <?php } if (isset($options["focus"]) && (is_string($options["focus"]) || $options["focus"] === true && $autofocus !== false)) { ?> <script type="text/javascript"> $('#<?php echo BB_JSSafe(is_string($options["focus"]) ? $options["focus"] : $autofocus); ?> ').focus(); </script> <?php } }
} if ($id === false) { echo "<span class=\"error\">Unable to create session.</span>"; exit; } SetCookieFixDomain("bbl", $id, $bb_accounts["sessions"][$id]["expire"], ROOT_URL . "/", "", USE_HTTPS, true); SetCookieFixDomain("bbq", "1", $bb_accounts["sessions"][$id]["expire"], ROOT_URL . "/", ""); ?> <span class="success">Successfully logged in.</span><br /> <a href="<?php echo htmlspecialchars(BB_GetFullRootURLBase("http")); ?> /">Click here to continue</a> <script type="text/javascript"> window.location = '<?php echo BB_JSSafe(BB_GetFullRootURLBase("http")); ?> /'; </script> <?php } else { ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Login</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <link rel="stylesheet" href="<?php echo htmlspecialchars(ROOT_URL); ?> /<?php
/**
 * Emits the SSO_Vars JavaScript object and the script tag for sso_login.js.
 *
 * Each value is passed through BB_JSSafe() before it is placed inside a
 * single-quoted JavaScript string. 'showpassword' is additionally passed
 * through htmlspecialchars().
 *
 * NOTE(review): 'checking' and 'ajaxurl' sit inside a <script> element with
 * BB_JSSafe() as their only encoder. BB_JSSafe() is defined elsewhere, so
 * confirm that it also neutralises a "</script>" sequence, or make sure
 * $ajaxurl never carries request-controlled text.
 *
 * @param string|false $ajaxurl URL for the 'ajaxurl' entry, or false to omit that entry.
 */
private function OutputJS($ajaxurl = false)
{
    // Not read in this method.
    global $sso_target_url;

    $checkinglabel = BB_JSSafe(BB_Translate("Checking..."));
    $withajax = ($ajaxurl !== false);
?>
<script type="text/javascript">
SSO_Vars = {
    'checking' : '<?php echo $checkinglabel; ?>',
<?php if ($withajax): ?>
    'ajaxurl' : '<?php echo BB_JSSafe($ajaxurl); ?>',
<?php endif; ?>
    'showpassword' : '<?php echo htmlspecialchars(BB_JSSafe(BB_Translate("Show password"))); ?>'
};
</script>
<script type="text/javascript" src="<?php echo htmlspecialchars(SSO_ROOT_URL . "/" . SSO_PROVIDER_PATH . "/sso_login/sso_login.js"); ?>"></script>
<?php
}
/**
 * Fills the two placeholder forms of one template variable in $str.
 *
 * "%%HTML_<find>%%" receives htmlspecialchars($replace) and
 * "%%HTML_JS_<find>%%" receives htmlspecialchars(BB_JSSafe($replace)).
 * Both pairs are handed to one str_replace() call, which applies them in
 * that order.
 *
 * NOTE(review): the HTML_JS_ form looks intended for JavaScript strings that
 * live inside an HTML attribute. Inside a <script> element entities are not
 * decoded, so confirm each template uses the form that matches its context.
 *
 * @param string $find    Placeholder name without the %%HTML_ / %%HTML_JS_ wrapper.
 * @param string $replace Raw value; both encodings are applied here.
 * @param string $str     Template text.
 * @return string Template text with both placeholders substituted.
 */
function BB_FileExplorer_ReplaceStr($find, $replace, $str)
{
    $placeholders = array(
        "%%HTML_" . $find . "%%",
        "%%HTML_JS_" . $find . "%%",
    );

    $encoded = array(
        htmlspecialchars($replace),
        htmlspecialchars(BB_JSSafe($replace)),
    );

    return str_replace($placeholders, $encoded, $str);
}
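/**
 * Renders one form: wrapper markup, an optional <form> element with hidden
 * fields and a security token, the fields, the submit area and an optional
 * focus script.
 *
 * Security token: when $options["nonce"] is set, every hidden field except
 * the one it names is collected, "sec_extra" is emitted with the
 * comma-separated names of those fields, and "sec_t" is emitted with the
 * result of CreateSecurityToken() over the nonce field's value and the
 * collected values. Verification of the token is not part of this method.
 *
 * NOTE(review): the token is only emitted when $options["hidden"] is present
 * and $options["nonce"] is set; a form generated without them carries no
 * token, so confirm every state-changing form passes both.
 *
 * @param array $options  Form definition. Keys read here: "submit", "useform", "hidden",
 *                        "nonce", "fields", "randomnames", "focus".
 * @param array $errors   Error text keyed by the original (non-randomized) field name.
 * @param bool  $lastform When true, Finalize() is called after the wrapper is closed.
 */
public function Generate($options, $errors = array(), $lastform = true)
{
    $formvars = $this->InitFormVars($options);

    $this->OutputFormCSS();
?>
<div class="bb_formwrap">
<div class="bb_formwrapinner">
<?php
    if (isset($options["submit"]) || isset($options["useform"]) && $options["useform"]) {
        $this->numforms++;
?>
<form id="form_<?php echo $this->numforms; ?>" method="post" enctype="multipart/form-data" action="<?php echo htmlspecialchars(BB_GetRequestURLBase()); ?>">
<?php
        $extra = array();
        if (isset($options["hidden"])) {
            foreach ($options["hidden"] as $name => $value) {
?>
<input type="hidden" name="<?php echo htmlspecialchars($name); ?>" value="<?php echo htmlspecialchars($value); ?>" />
<?php
                // Everything except the nonce field itself is bound into the token.
                if (isset($options["nonce"]) && $options["nonce"] != $name) {
                    $extra[$name] = $value;
                }
            }

            // isset() guard: "nonce" is optional, and reading a missing key raises a warning.
            if (isset($options["nonce"]) && $options["nonce"]) {
?>
<input type="hidden" name="sec_extra" value="<?php echo htmlspecialchars(implode(",", array_keys($extra))); ?>" />
<input type="hidden" name="sec_t" value="<?php echo htmlspecialchars($this->CreateSecurityToken($options["hidden"][$options["nonce"]], $extra)); ?>" />
<?php
            }
        }

        unset($extra);
    }

    if (isset($options["fields"])) {
?>
<div class="formfields<?php if (count($options["fields"]) == 1 && !isset($options["fields"][0]["title"]) && !isset($options["fields"][0]["htmltitle"])) { echo " alt"; } ?>">
<?php
        foreach ($options["fields"] as $num => $field) {
            $id = "f" . $this->numforms . "_" . $num;

            if (!is_string($field) && isset($field["name"])) {
                // Errors are looked up before the name is randomized.
                if (isset($errors[$field["name"]])) {
                    $field["error"] = $errors[$field["name"]];
                }

                if (isset($options["randomnames"]) && $options["randomnames"]) {
                    $field["origname"] = $field["name"];
                    $field["name"] = $this->GetRandomizedFieldName($field["name"]);
                }

                $id .= "_" . $field["name"];

                // A focus request given by original name is redirected to the generated element id.
                if (isset($options["randomnames"]) && $options["randomnames"] && isset($options["focus"]) && is_string($options["focus"]) && $options["focus"] == $field["origname"]) {
                    $options["focus"] = $id;
                }
            }

            $this->ProcessField($formvars, $field, $id);
        }

        $this->CleanupFields($formvars);
?>
</div>
<?php
    }

    if (isset($options["submit"])) {
        $this->ProcessSubmit($formvars, $options);
    }

    if (isset($options["submit"]) || isset($options["useform"]) && $options["useform"]) {
?>
</form>
<?php
    }
?>
</div>
</div>
<?php
    if ($lastform) {
        $this->Finalize($formvars);
    }

    if (isset($options["focus"]) && (is_string($options["focus"]) || $options["focus"] === true && $formvars["autofocus"] !== false)) {
?>
<script type="text/javascript">
jQuery('#<?php echo BB_JSSafe(is_string($options["focus"]) ? $options["focus"] : $formvars["autofocus"]); ?>').focus();
</script>
<?php
    }
}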
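/**
 * Handles the LDAP sign-in form: validates the submission, binds to the
 * directory as the user, reads the user's entry, maps its attributes to SSO
 * fields, activates the user and otherwise renders the sign-in page.
 *
 * Changes from the previous version:
 * - DN escaping uses strtr() so every special character is escaped exactly
 *   once (see the comment at the call).
 * - ldap_error() is no longer called when ldap_connect() returned false.
 * - The ldap_read() result is tested with "=== false" instead of
 *   is_resource(), which also works where the extension returns objects.
 * - strrpos() receives its arguments in haystack/needle order, so the
 *   "remove_domain" setting takes effect.
 *
 * NOTE(review): no ldap_start_tls() call is made here, so the password in the
 * bind is only protected in transit if the configured server is an ldaps://
 * URI — confirm the deployment's "server" setting.
 */
public function ProcessFrontend()
{
    global $sso_provider, $sso_settings, $sso_target_url, $sso_header, $sso_footer, $sso_providers;

    $message = "";

    if (SSO_FrontendFieldValue("submit") !== false) {
        $username = SSO_FrontendFieldValue("username");
        $password = SSO_FrontendFieldValue("password");

        // NOTE(review): when the "password" setting is off, an empty password reaches ldap_bind().
        // Many directory servers treat a bind with a DN and an empty password as an
        // unauthenticated bind and report success, so that setting deserves a careful look.
        if ($username === false || $username == "" || $password === false || $sso_settings["sso_ldap"]["password"] && $password == "") {
            $message = BB_Translate("Please fill in the fields.");
        } else {
            $ldap = @ldap_connect($sso_settings["sso_ldap"]["server"]);
            if ($ldap === false) {
                // There is no connection handle to query for an error string at this point.
                $message = BB_Translate("Unable to connect to the LDAP server. Error: %s", "Invalid LDAP server URI");
            } else {
                $replacemap = array("," => "\\,", "\\" => "\\\\", "/" => "\\/", "#" => "\\#", "+" => "\\+", "<" => "\\<", ">" => "\\>", ";" => "\\;", "\"" => "\\\"", "=" => "\\=");

                // strtr() substitutes every character in one pass. The earlier str_replace() call
                // applied the pairs one after another, so the backslash added for "," was doubled
                // again by the "\\" pair and the comma ended up unescaped in the DN.
                $dnusername = strtr($username, $replacemap);

                // A leading or trailing space needs its own backslash (RFC 4514).
                // NOTE(review): the leading-space prefix was unreadable (masked) in the reviewed
                // listing; a single backslash mirrors the trailing-space branch — confirm upstream.
                if (substr($dnusername, 0, 1) === " ") {
                    $dnusername = "\\" . $dnusername;
                }
                if (strlen($dnusername) > 2 && substr($dnusername, -1) === " ") {
                    $dnusername = substr($dnusername, 0, -1) . "\\ ";
                }

                $dn = str_replace("@USERNAME@", $dnusername, $sso_settings["sso_ldap"]["dn"]);

                $userinfo = array();
                @ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);

                // Authentication happens here: the bind is made as the user's own DN.
                $result = @ldap_bind($ldap, $dn, $password);
                if ($result === false && ldap_errno($ldap)) {
                    $extra = ldap_error($ldap);
                } else {
                    $extra = "";
                    $result = @ldap_read($ldap, $dn, "objectClass=*");
                    if ($result === false) {
                        $extra = ldap_error($ldap);
                    } else {
                        $items = @ldap_get_entries($ldap, $result);
                        @ldap_free_result($result);
                        $result = (is_array($items) && $items["count"] > 0);

                        // Boil down the results to just key-value pairs.
                        if ($result === false) {
                            $extra = "Unable to retrieve entries";
                        } else {
                            foreach ($items[0] as $key => $val) {
                                if (is_string($key) && $key != "count") {
                                    if (is_string($val)) {
                                        $userinfo[$key] = $val;
                                    } elseif (is_array($val) && $val["count"] > 0) {
                                        // Multi-valued attribute: only the first value is kept.
                                        $userinfo[$key] = $val[0];
                                    }
                                }
                            }

                            // Debug mode prints the entry's attributes into the page.
                            if ($sso_settings["sso_ldap"]["debug"]) {
                                echo "LDAP fields:<br />";
                                echo "<table>";
                                foreach ($userinfo as $key => $val) {
                                    echo "<tr><td style=\"padding-right: 15px;\"><b>" . htmlspecialchars($key) . "</b></td><td>" . htmlspecialchars($val) . "</td></tr>";
                                }
                                echo "</table>";
                            }
                        }
                    }
                }

                @ldap_close($ldap);

                if ($result === false) {
                    // NOTE(review): $extra carries the directory's error text to the sign-in page.
                    $message = BB_Translate("Invalid username or password. %s.", $extra);
                } else {
                    $origusername = $username;

                    // Optionally reduce "DOMAIN\user" or "DOMAIN/user" to "user".
                    if ($sso_settings["sso_ldap"]["remove_domain"]) {
                        $username = str_replace("\\", "/", $username);
                        $pos = strrpos($username, "/");
                        if ($pos !== false) {
                            $username = substr($username, $pos + 1);
                        }
                    }

                    // Custom map: one "ldapattribute=ssofield" pair per line.
                    $mapinfo = array();
                    $lines = explode("\n", str_replace("\r", "\n", $sso_settings["sso_ldap"]["map_custom"]));
                    foreach ($lines as $line) {
                        $line = trim($line);
                        $pos = strpos($line, "=");
                        if ($pos !== false) {
                            $srcfield = substr($line, 0, $pos);
                            $destfield = substr($line, $pos + 1);
                            if (isset($userinfo[$srcfield]) && SSO_IsField($destfield)) {
                                $mapinfo[$destfield] = $userinfo[$srcfield];
                            }
                        }
                    }

                    $mapinfo[$sso_settings["sso_ldap"]["map_username"]] = $username;

                    // Debug mode stops here, after showing the mapped values, without activating the user.
                    if ($sso_settings["sso_ldap"]["debug"]) {
                        echo "Mapped fields:<br />";
                        echo "<table>";
                        foreach ($mapinfo as $key => $val) {
                            echo "<tr><td style=\"padding-right: 15px;\"><b>" . htmlspecialchars($key) . "</b></td><td>" . htmlspecialchars($val) . "</td></tr>";
                        }
                        echo "</table>";

                        exit;
                    }

                    // The escaped DN is passed as the first argument.
                    SSO_ActivateUser($dn, serialize($sso_settings["sso_ldap"]), $mapinfo);

                    // Only falls through on account lockout or a fatal error.
                    $message = BB_Translate("User activation failed.");
                }
            }
        }
    }

    echo $sso_header;

    SSO_OutputHeartbeat();
?>
<script type="text/javascript">
SSO_Vars = {
    'showpassword' : '<?php echo htmlspecialchars(BB_JSSafe(BB_Translate("Show password"))); ?>'
};
</script>
<script type="text/javascript" src="<?php echo htmlspecialchars(SSO_ROOT_URL . "/" . SSO_PROVIDER_PATH . "/sso_ldap/sso_ldap.js"); ?>"></script>
<div class="sso_main_wrap sso_ldap">
<div class="sso_main_wrap_inner">
<?php
    if ($message != "") {
?>
    <div class="sso_main_messages_wrap">
        <div class="sso_main_messages">
            <div class="sso_main_messageerror"><?php echo htmlspecialchars($message); ?></div>
        </div>
    </div>
<?php
    }
?>
    <div class="sso_main_form_wrap sso_ldap_signin_form">
        <div class="sso_main_form_header"><?php echo htmlspecialchars(BB_Translate("Sign in")); ?></div>
        <form class="sso_main_form" name="sso_ldap_form" method="post" accept-charset="UTF-8" enctype="multipart/form-data" action="<?php echo htmlspecialchars($sso_target_url); ?>">
            <div class="sso_main_formitem">
                <div class="sso_main_formtitle"><?php echo htmlspecialchars(BB_Translate("Username")); ?></div>
                <div class="sso_main_formdata"><input class="sso_main_text" type="text" name="<?php echo SSO_FrontendField("username"); ?>" /></div>
            </div>
            <script type="text/javascript">
            jQuery('input.sso_main_text:first').focus();
            </script>
            <div class="sso_main_formitem">
                <div class="sso_main_formtitle"><?php echo htmlspecialchars(BB_Translate("Password")); ?></div>
                <div class="sso_main_formdata"><input class="sso_main_text" type="password" name="<?php echo SSO_FrontendField("password"); ?>" /></div>
            </div>
            <div class="sso_main_formsubmit">
                <input type="submit" name="<?php echo SSO_FrontendField("submit"); ?>" value="<?php echo htmlspecialchars(BB_Translate("Sign in")); ?>" />
            </div>
        </form>
    </div>
</div>
</div>
<?php
    echo $sso_footer;
}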
/**
 * Dispatches the code widget's editor actions and, for any other request,
 * runs the widget's stored "action" code.
 *
 * Access: the method exits immediately unless BB_IsMemberOfPageGroup("_p")
 * is true. The language map actions are then open to every such account;
 * the load/save/edit actions for the init, action, prehtml, head and body
 * sections additionally require $bb_account["type"] == "dev".
 *
 * NOTE(review): the save actions write $_REQUEST["langmap"] and
 * $_REQUEST["content"] straight into the widget, and "content" is later
 * executed as PHP. No request-token check is visible in this method —
 * confirm one runs before ProcessBBAction() is reached, since $_REQUEST
 * accepts query-string values as well as POST bodies.
 *
 * Local variable names are kept as they are on purpose: the eval()'d code
 * runs in this method's scope and can see them.
 */
public function ProcessBBAction()
{
    global $bb_widget, $bb_widget_id, $bb_account, $bb_revision_num;

    if (!BB_IsMemberOfPageGroup("_p")) {
        exit;
    }

    if ($_REQUEST["bb_action"] == "bb_code_edit_langmap_submit") {
        BB_RunPluginAction("pre_bb_code_edit_langmap_submit");

        $bb_widget->langmap = $_REQUEST["langmap"];

        // NOTE(review): the success markup below is reached unless BB_PropertyFormError() ends the request — confirm.
        if (!BB_SaveLangPage($bb_revision_num)) {
            BB_PropertyFormError("Unable to save the language mapping.");
        }
?>
<div class="success"><?php echo htmlspecialchars(BB_Translate("Language mapping saved.")); ?></div>
<script type="text/javascript">
window.parent.CloseProperties();
window.parent.ReloadIFrame();
</script>
<?php
        BB_RunPluginAction("post_bb_code_edit_langmap_submit");
    } elseif ($_REQUEST["bb_action"] == "bb_code_edit_langmap") {
        BB_RunPluginAction("pre_bb_code_edit_langmap");

        $options = array(
            "title" => BB_Translate("Edit %s Language Map", $bb_widget->_f),
            "desc" => "Edit the language map. One mapping entry per line. First character indicates the termination character of the key. Empty keys are ignored.",
            "fields" => array(
                array(
                    "title" => "",
                    "type" => "textarea",
                    "name" => "langmap",
                    "value" => $bb_widget->langmap,
                    "desc" => "Example: |key|value"
                )
            ),
            "submit" => "Save",
            "focus" => true
        );

        BB_RunPluginActionInfo("bb_code_edit_langmap_options", $options);

        BB_PropertyForm($options);

        BB_RunPluginAction("post_bb_code_edit_langmap");

        return;
    }

    // Editing the PHP sections is limited to developer accounts.
    if ($bb_account["type"] == "dev") {
        $types = array(
            "init" => array("ltitle" => "init", "utitle" => "Init"),
            "action" => array("ltitle" => "action", "utitle" => "Action"),
            "prehtml" => array("ltitle" => "pre-HTML", "utitle" => "Pre-HTML"),
            "head" => array("ltitle" => "head", "utitle" => "Head"),
            "body" => array("ltitle" => "body", "utitle" => "Body")
        );

        foreach ($types as $key => $typeinfo) {
            if ($_REQUEST["bb_action"] == "bb_code_edit_" . $key . "_load") {
                BB_RunPluginAction("pre_bb_code_edit_" . $key . "_load");

                // The stored section is returned URL-encoded for the editor to decode.
                if (isset($bb_widget->{$key})) {
                    echo rawurlencode($bb_widget->{$key});
                }

                BB_RunPluginAction("post_bb_code_edit_" . $key . "_load");

                return;
            } elseif ($_REQUEST["bb_action"] == "bb_code_edit_" . $key . "_save") {
                BB_RunPluginAction("pre_bb_code_edit_" . $key . "_save");

                // Request content becomes the stored PHP for this section.
                $bb_widget->{$key} = $_REQUEST["content"];

                if (!BB_SaveLangPage($bb_revision_num)) {
                    echo htmlspecialchars(BB_Translate("Unable to save " . $typeinfo["ltitle"] . " content. Try again."));
                } else {
                    echo "OK\n";
                    echo "<script type=\"text/javascript\">ReloadIFrame();</script>";
                }

                BB_RunPluginAction("post_bb_code_edit_" . $key . "_save");

                return;
            } elseif ($_REQUEST["bb_action"] == "bb_code_edit_" . $key) {
                BB_RunPluginAction("pre_bb_code_edit_" . $key);
?>
<script type="text/javascript">
window.parent.LoadConditionalScript(Gx__RootURL + '/' + Gx__SupportPath + '/editfile.js?_=20140418', true, function(loaded) {
    return ((!loaded && typeof(window.CreateEditAreaInstance) == 'function') || (loaded && !IsConditionalScriptLoading()));
}, function(params) {
    $('#fileeditor').show();

    var fileopts = {
        loadurl : Gx__URLBase,
        loadparams : <?php echo BB_CreateWidgetPropertiesJS("bb_code_edit_" . $key . "_load", array(), true); ?>,
        id : 'wid_<?php echo BB_JSSafe($bb_widget_id); ?>_<?php echo BB_JSSafe($key); ?>',
        display : '<?php echo BB_JSSafe($bb_widget->_f . " - " . $typeinfo["utitle"]); ?>',
        saveurl : Gx__URLBase,
        saveparams : <?php echo BB_CreateWidgetPropertiesJS("bb_code_edit_" . $key . "_save", array(), true); ?>,
        syntax : 'php',
        aceopts : {
            'focus' : true,
            'theme' : 'crimson_editor'
        }
    };

    var editopts = {
        ismulti : true,
        closelast : ClosedAllFiles,
        width : '100%',
        height : '500px'
    };

    CreateEditAreaInstance('fileeditor', fileopts, editopts);
});

window.parent.CloseProperties(false);
</script>
<?php
                BB_RunPluginAction("post_bb_code_edit_" . $key);

                return;
            }
        }
    }

    // Pass other requests onto the action handler.
    if (isset($_REQUEST["action"])) {
        // Bring every bb_* and g_* global into this scope so the stored code can use them.
        foreach ($GLOBALS as $key => $val) {
            if (substr($key, 0, 3) == "bb_" || substr($key, 0, 2) == "g_") {
                global ${$key};
            }
        }

        // SECURITY: eval() of the stored "action" section. The dev-account check above only
        // guards who may edit it; this line runs for every "_p" member whose request carries
        // "action". Anything able to write the widget data can therefore run PHP here.
        if (isset($bb_widget->action)) {
            eval("?" . ">" . $bb_widget->action);
        }
    }
}
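/**
 * Stores an external redirect target in two cookies, emits a small page that
 * sends the browser to this server's sso_redirect action, and ends the
 * request.
 *
 * "sso_server_er" holds the base64-encoded target and "sso_server_ern" holds
 * md5(SSO_FrontendField("external_redirect") . ":" . $url). The page itself
 * only ever points at BB_GetRequestHost() . SSO_ROOT_URL . "/index.php".
 *
 * NOTE(review): if the sso_redirect handler uses "sso_server_ern" to detect a
 * modified "sso_server_er" cookie, that check is only as strong as
 * SSO_FrontendField("external_redirect") is unpredictable to the client;
 * hash_hmac() with a server-side key is the usual construction. Confirm
 * against the handler before relying on it.
 *
 * Changes from the previous version: the translated "Redirecting..." text is
 * HTML-encoded like every other translated string in this codebase, and a
 * non-string "lang" request value is ignored instead of reaching urlencode().
 *
 * @param string $url   Redirect target to remember in the cookies.
 * @param bool   $final When true, "&sso_final=1" is appended to the local redirect URL.
 */
function SSO_ExternalRedirect($url, $final = false)
{
    // The last two arguments presumably mirror setcookie()'s secure and httponly flags — confirm
    // against SetCookieFixDomain().
    SetCookieFixDomain("sso_server_er", base64_encode($url), 0, "", "", SSO_IsSSLRequest(), true);
    SetCookieFixDomain("sso_server_ern", md5(SSO_FrontendField("external_redirect") . ":" . $url), 0, "", "", SSO_IsSSLRequest(), true);

    // "lang" comes from the request; an array value (lang[]=...) must not reach urlencode().
    $langsuffix = (isset($_REQUEST["lang"]) && is_string($_REQUEST["lang"]) ? "&lang=" . urlencode($_REQUEST["lang"]) : "");

    $url = BB_GetRequestHost() . SSO_ROOT_URL . "/index.php?sso_action=sso_redirect" . ($final ? "&sso_final=1" : "") . $langsuffix;

    $redirecting = htmlspecialchars(BB_Translate("Redirecting..."));
?>
<!DOCTYPE html>
<html>
<head>
<script type="text/javascript">
document.location.replace('<?php echo BB_JSSafe($url); ?>');
</script>
<title><?php echo $redirecting; ?></title>
<meta http-equiv="refresh" content="3; URL=<?php echo htmlspecialchars($url); ?>" />
</head>
<body>
<div style="text-align: center;"><?php echo $redirecting; ?></div>
</body>
</html>
<?php
    exit;
}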
/**
 * Builds an <a> element that points at a configuration URL, optionally with
 * a JavaScript confirm() prompt.
 *
 * The href and the link text are HTML-encoded. The confirm text sits in a
 * JavaScript string inside an HTML attribute, so it is passed through
 * BB_JSSafe() first and htmlspecialchars() second.
 *
 * NOTE(review): htmlspecialchars() is called with default flags. Before PHP
 * 8.1 those leave single quotes untouched, so keeping the quoted confirm()
 * string closed relies on BB_JSSafe(), which is defined elsewhere.
 *
 * @param string $title   Link text; translated, then encoded.
 * @param string $action2 Passed to SSO_CreateConfigURL().
 * @param array  $extra   Passed to SSO_CreateConfigURL().
 * @param string $confirm Confirmation prompt; empty string for no prompt.
 * @return string HTML for the link.
 */
function SSO_CreateConfigLink($title, $action2, $extra = array(), $confirm = "")
{
    $href = htmlspecialchars(SSO_CreateConfigURL($action2, $extra));

    $onclick = "";
    if ($confirm != "") {
        $onclick = " onclick=\"return confirm('" . htmlspecialchars(BB_JSSafe(BB_Translate($confirm))) . "');\"";
    }

    $label = htmlspecialchars(BB_Translate($title));

    return "<a href=\"" . $href . "\"" . $onclick . ">" . $label . "</a>";
}
/**
 * Emits the <script> block that defines the Gx__* JavaScript globals (root
 * and request URLs, support path, preferred language, revision number and
 * maximum upload size) and then lets plugins add to it via the
 * "bb_premainjs" action.
 *
 * String values are passed through BB_JSSafe() and placed in single-quoted
 * JavaScript strings. Gx__MaxSendSize is the smaller of the post_max_size
 * and upload_max_filesize ini settings.
 *
 * NOTE(review): Gx__RevisionNum is written without quotes or BB_JSSafe().
 * That is only safe while $bb_revision_num is always an integer — confirm
 * where it is assigned.
 */
function BB_PreMainJS()
{
    global $bb_pref_lang, $bb_revision_num, $bb_paths;

    // $bb_paths, when present, overrides the ROOT_URL / SUPPORT_PATH constants.
    $rooturl = (isset($bb_paths) ? $bb_paths["ROOT_URL"] : ROOT_URL);
    $debugflag = (defined("DEBUG_JS") ? "true" : "false");
    $supportpath = (isset($bb_paths) ? $bb_paths["SUPPORT_PATH"] : SUPPORT_PATH);
?>
<script type="text/javascript">
var Gx__RootURL = '<?php echo BB_JSSafe($rooturl); ?>';
var Gx__SupportDebug = <?php echo $debugflag; ?>;
var Gx__SupportPath = '<?php echo BB_JSSafe($supportpath); ?>';
var Gx__URLBase = '<?php echo BB_JSSafe(BB_GetRequestURLBase()); ?>';
var Gx__PrefLang = '<?php echo BB_JSSafe($bb_pref_lang); ?>';
var Gx__FullRootURL = '<?php echo BB_JSSafe(BB_GetFullRootURLBase()); ?>';
var Gx__FullRootURLHTTP = '<?php echo BB_JSSafe(BB_GetFullRootURLBase("http")); ?>';
var Gx__FullRootURLHTTPS = '<?php echo BB_JSSafe(BB_GetFullRootURLBase("https")); ?>';
var Gx__FullURLBase = '<?php echo BB_JSSafe(BB_GetFullRequestURLBase()); ?>';
var Gx__FullURLBaseHTTP = '<?php echo BB_JSSafe(BB_GetFullRequestURLBase("http")); ?>';
var Gx__FullURLBaseHTTPS = '<?php echo BB_JSSafe(BB_GetFullRequestURLBase("https")); ?>';
<?php
    if (isset($bb_revision_num)) {
        echo "var Gx__RevisionNum = " . $bb_revision_num . ";\n";
    }
?>
var Gx__MaxSendSize = <?php echo min(BB_PHPShorthandToBytes(ini_get("post_max_size")), BB_PHPShorthandToBytes(ini_get("upload_max_filesize"))); ?>;
<?php
    // Plugin output lands inside the open <script> element.
    BB_RunPluginAction("bb_premainjs");
?>
</script>
<?php
}