public static function getForm($errors = array())
{
global $cfg;
if (LOGGED) {
redirect(REFERER);
}
$note = new Notifier();
$err = new Error();
if ($errors) {
$note->error($errors);
}
if ($_POST['login'] && $_POST['module']) {
$form = array('logname' => $_POST['logname-session'] ? filter($_POST['logname-session'], 100) : '', 'password' => $_POST['password-session'] ? filter($_POST['password-session'], 100) : '');
$err->setError('empty_logname', t('Logname field is required.'))->condition(!$form['logname']);
$err->setError('logname_not_exists', t('The logname you used isn't registered.'))->condition($form['logname'] && !User::loginNameRegistered($form['logname']));
$err->setError('password_empty', t('Password field is required.'))->condition(!$form['password']);
$err->setError('password_invalid', t('Password is invalid.'))->condition($form['password'] && !User::loginPasswordCorrect($form['password']));
$err->noErrors() ? redirect(REFERER) : $note->restore()->error($err->toArray());
}
$tpl = new PHPTAL('modules/login/form.html');
$tpl->form = $form;
$tpl->err = $err->toArray();
$tpl->note = $note;
echo $tpl->execute();
}
public function Exists()
{
$field = get('field', 'txt');
$value = get('value', 'txt');
if (false != ($f = filter($value)))
{
exit(jsonEncode(array('status'=>'failed','result'=>$f)));
}
$allows = array(
'email', 'name', 'phone'
);
if (false !== array_search($field, $allows))
{
$r = false;
if('name' == $field) {
$r = account()->invaidAccount($value);
} elseif ('email' == $field) {
$r = account()->invaidAccount(null, null, $value);
}
if($r) {
$ops = array('status'=>'failed','result' => $r);
} else {
if ($field == 'phone' && !ini('member.phone.unique')){
$r = false;
}else{
$r = account()->Exists($field, $value);
}
$ops = array('status' => 'ok','result' => $r);
}
}else{
$ops = array('status'=>'failed','result' => __('未允许字段'));
}
exit(jsonEncode($ops));
}
function startjournal($sitename, $user)
{
global $module_name;
$user = filter($user, "nohtml");
$sitename = filter($sitename, "nohtml");
if (is_user($user)) {
$j_user1 = "<center>[ <a href=\"modules.php?name={$module_name}\">" . _JOURNALDIR . "</a> | <a href=\"modules.php?name={$module_name}&file=edit\">" . _YOURJOURNAL . "</a> ]</center>";
$j_user2 = "";
} else {
$j_user1 = "<center>[ <a href=\"modules.php?name={$module_name}\">" . _JOURNALDIR . "</a> | <a href=\"modules.php?name=Your_Account&op=new_user\">" . _CREATEACCOUNT . "</a> ]</center>";
$j_user2 = "<br><center><font class=\"tiny\">" . _MEMBERSCAN . "</font></center>";
}
title("{$sitename}: " . _USERSJOURNAL . "");
if (is_user($user)) {
include "modules/Your_Account/navbar.php";
OpenTable();
nav();
CloseTable();
echo "<br>";
}
OpenTable();
echo "<center><img src=modules/{$module_name}/images/bgimage.gif><br><font class=title><b>" . _USERSJOURNAL . "</b></font></center>";
echo "{$j_user1}";
echo "{$j_user2}";
CloseTable();
}
function sendEmail($name, $email, $message)
{
$to = get_option('smcf_to_email');
$subject = get_option('smcf_subject');
// Filter name
$name = filter($name);
// Filter and validate email
$email = filter($email);
if (!validateEmail($email)) {
$subject .= " - invalid email";
$message .= "\n\nBad email: {$email}";
$email = $to;
}
// Add additional info to the message
if (get_option('smcf_ip')) {
$message .= "\n\nIP: " . $_SERVER['REMOTE_ADDR'];
}
if (get_option('smcf_ua')) {
$message .= "\n\nUSER AGENT: " . $_SERVER['HTTP_USER_AGENT'];
}
// Set and wordwrap message body
$body = "From: {$name}\n\n";
$body .= "Message: {$message}";
$body = wordwrap($body, 70);
// Build header
$header = "From: {$email}\n";
$header .= "X-Mailer: PHP/SimpleModalContactForm";
// Send email - suppress errors
@mail($to, $subject, $body, $header) or die('Unfortunately, your message could not be delivered.');
}
function hreferer()
{
global $bgcolor2, $prefix, $db, $admin_file;
include "header.php";
GraphicAdmin();
OpenTable();
echo "<center><font class=\"title\"><b>" . _HTTPREFERERS . "</b></font></center>";
CloseTable();
echo "<br>";
OpenTable();
echo "<center><b>" . _WHOLINKS . "</b></center><br><br>" . "<table border=\"0\" width=\"100%\">";
$row = $db->sql_fetchrow($db->sql_query("SELECT httprefmode from " . $prefix . "_config"));
$httprefmode = intval($row['httprefmode']);
$result = $db->sql_query("SELECT rid, url from " . $prefix . "_referer");
while ($row = $db->sql_fetchrow($result)) {
$rid = intval($row['rid']);
$url = filter($row['url'], "nohtml");
$url2 = urlencode($url);
$title = $url;
if ($httprefmode == 1) {
$url = explode("/", $url);
$url = "http://{$url['2']}";
}
echo "<tr><td bgcolor=\"{$bgcolor2}\"><font class=\"content\">{$rid}</td>" . "<td bgcolor=\"{$bgcolor2}\"><font class=\"content\"><a href=\"index.php?url={$url2}\" target=\"_new\" title=\"{$title}\">{$url}</a></td></tr>";
}
echo "</table>" . "<form action=\"" . $admin_file . ".php\" method=\"post\">" . "<input type=\"hidden\" name=\"op\" value=\"delreferer\">" . "<center><input type=\"submit\" value=\"" . _DELETEREFERERS . "\"></center>";
CloseTable();
include "footer.php";
}
function solution($list)
{
$acc = 1;
$func = function ($item, $acc) {
return $acc * $item;
};
$cellItAll = map($list, function ($item) {
//map
return ceil($item);
});
$leaveJustEven = filter($cellItAll, function ($item) {
//filter
return $item % 2 == 0;
});
$multiplyKill = accumulate($leaveJustEven, $func, $acc);
//reduce
###################################################### // one line solution
// return accumulate(filter(map($list, function($item) {
// return ceil($item);
// }), function($item) {
// return $item % 2 == 0;
// }), function($item, $acc) {
// return $acc * $item;
// }, $acc);
return $multiplyKill;
}
function page_protect()
{
session_start();
global $db;
if (isset($_SESSION['HTTP_USER_AGENT'])) {
if ($_SESSION['HTTP_USER_AGENT'] != md5($_SERVER['HTTP_USER_AGENT'])) {
logout();
exit;
}
}
if (!isset($_SESSION['user_id']) && !isset($_SESSION['user_name'])) {
if (isset($_COOKIE['user_id']) && isset($_COOKIE['user_key'])) {
$cookie_user_id = filter($_COOKIE['user_id']);
$rs_ctime = mysql_query("select `ckey`,`ctime` from `users` where `id` ='{$cookie_user_id}'") or die(mysql_error());
list($ckey, $ctime) = mysql_fetch_row($rs_ctime);
if (time() - $ctime > 60 * 60 * 24 * COOKIE_TIME_OUT) {
logout();
}
if (!empty($ckey) && is_numeric($_COOKIE['user_id']) && isUserID($_COOKIE['user_name']) && $_COOKIE['user_key'] == sha1($ckey)) {
session_regenerate_id();
//against session fixation attacks.
$_SESSION['user_id'] = $_COOKIE['user_id'];
$_SESSION['user_name'] = $_COOKIE['user_name'];
list($user_level) = mysql_fetch_row(mysql_query("select user_level from users where id='{$_SESSION['user_id']}'"));
$_SESSION['user_level'] = $user_level;
$_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']);
} else {
logout();
}
} else {
header("Location: login.php");
exit;
}
}
}
function sendEmail($subject, $content, $emailto, $emailfrom)
{
$from = $emailfrom;
$response_sent = 'Thank you. Your comments have been received.';
$response_error = 'Error. Please try again.';
$subject = filter($subject);
$url = "Origin Page: " . $_SERVER['HTTP_REFERER'];
$ip = "IP Address: " . $_SERVER["REMOTE_ADDR"];
$message = $content . "\n{$ip}\r\n{$url}";
// Validate return email & inform admin
$emailto = filter($emailto);
// Setup final message
$body = wordwrap($message);
if ($use_smtp == '1') {
$SmtpServer = 'SMTP SERVER';
$SmtpPort = 'SMTP PORT';
$SmtpUser = '******';
$SmtpPass = '******';
$to = $emailto;
$SMTPMail = new SMTPClient($SmtpServer, $SmtpPort, $SmtpUser, $SmtpPass, $from, $to, $subject, $body);
$SMTPChat = $SMTPMail->SendMail();
$response = $SMTPChat ? $response_sent : $response_error;
} else {
// Create header
$headers = "From: {$from}\r\n";
$headers .= "MIME-Version: 1.0\r\n";
$headers .= "Content-type: text/plain; charset=utf-8\r\n";
$headers .= "Content-Transfer-Encoding: quoted-printable\r\n";
// Send email
$mail_sent = @mail($emailto, $subject, $body, $headers);
$response = $mail_sent ? $response_sent : $response_error;
}
return $response;
}
public function getContent()
{
global $sql;
//Lang::load('blocks/shoutbox/lang.*.php');
$err = new Error();
$note = new Notifier('note-shoutbox');
$form['author'] = LOGGED ? User::$nickname : '';
$form['message'] = '';
if (isset($_POST['reply-shoutbox'])) {
$form['author'] = LOGGED ? User::$nickname : filter($_POST['author-shoutbox'], 100);
$form['message'] = filter($_POST['message-shoutbox'], Kio::getConfig('message_max', 'shoutbox'));
$err->setError('author_empty', t('Author field is required.'))->condition(!$form['author']);
$err->setError('author_exists', t('Entered nickname is registered.'))->condition(!LOGGED && is_registered($form['author']));
$err->setError('message_empty', t('Message field is required.'))->condition(!$form['message']);
// No errors
if ($err->noErrors()) {
$sql->exec('
INSERT INTO ' . DB_PREFIX . 'shoutbox (added, author, message, author_id, author_ip)
VALUES (
' . TIMESTAMP . ',
"' . $form['author'] . '",
"' . cut($form['message'], Kio::getConfig('message_max', 'shoutbox')) . '",
' . UID . ',
"' . IP . '")');
$sql->clearCache('shoutbox');
$note->success(t('Entry was added successfully.'));
redirect(HREF . PATH . '#shoutbox');
} else {
$note->error($err->toArray());
}
}
// If cache for shoutbox doesn't exists
if (!($entries = $sql->getCache('shoutbox'))) {
$query = $sql->query('
SELECT u.nickname, u.group_id, s.added, s.author, s.author_id, s.message
FROM ' . DB_PREFIX . 'shoutbox s
LEFT JOIN ' . DB_PREFIX . 'users u ON u.id = s.author_id
ORDER BY s.id DESC
LIMIT ' . Kio::getConfig('limit', 'shoutbox'));
while ($row = $query->fetch()) {
if ($row['author_id']) {
$row['author'] = User::format($row['author_id'], $row['nickname'], $row['group_id']);
$row['message'] = parse($row['message'], Kio::getConfig('parser', 'shoutbox'));
}
$entries[] = $row;
}
$sql->putCacheContent('shoutbox', $entries);
}
try {
$tpl = new PHPTAL('blocks/shoutbox/shoutbox.tpl.html');
$tpl->entries = $entries;
$tpl->err = $err->toArray();
$tpl->form = $form;
$tpl->note = $note;
return $tpl->execute();
} catch (Exception $e) {
return template_error($e->getMessage());
//echo Note::error($e->getMessage());
}
}
/**
* 返回给定字符串的分词后的结果
*
* @param string 给定的字符串,默认从GET传参
* @return array 分词后的结果,一个索引数组
*/
function getSegmentation($str = '')
{
//$text = !empty($str) ? $str : I('request.keywords', '');
$text = !empty($str) ? $str : $_REQUEST['keyword'];
$text = urldecode($text);
if ($text != "") {
$stime = microtime(true);
if (strlen($text) <= 20480) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://192.168.120.47:1985");
$text = iconv("UTF-8", "GBK//IGNORE", $text);
curl_setopt($ch, CURLOPT_POSTFIELDS, urlencode($text));
//增加这个选项后 curl_exec就会返回分词后的内容 而不是true or false
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$result = curl_exec($ch);
$result = iconv("GBK", "UTF-8//IGNORE", $result);
$result = urldecode($result);
curl_close($ch);
} else {
//字段太长则返回false
return false;
//echo "为防止恶意攻击,文字内容大小限制在了20KB以内。";
}
$etime = microtime(true);
$total = $etime - $stime;
//echo '<br>',$total;
//echo '<pre>';
return filter(explode(' ', $result));
}
}
public static function login($db, $sess_type = SESSION_TYPE)
{
if ($admin = $sess_type()) {
return $admin;
}
if (isset($_POST['username']) && isset($_POST['password'])) {
$username = filter($_POST['username']);
$password = filter($_POST['password']);
if ($username === '' || $password === '') {
return '用户名或密码不能为空!';
}
$sql = "select * from user where username='******' and password='******' and gid=2 limit 1";
if (!($result = $conn->query($sql))) {
return ERROR::err('SQL语句有误!');
}
if (!($admin = $result->fetch_assoc())) {
return '用户名或密码错误!';
}
$sess_type .= '_l';
return $sess_type($admin);
} else {
include ABSPATH . TPLPATH . 'login.html';
return $login_html;
}
}
public static function bootstrap()
{
$inis = glob(TH_ROOT . TH_CONTENT . 'libraries/*/*.ini');
foreach ($inis as $ini) {
$info = parse_ini_file($ini);
$dir = explode('/', dirname($ini));
$dir = end($dir) . '/';
$info = filter('library_library_info', $info);
if (array_key_exists('js_file', $info)) {
$info['js_file'] = (array) $info['js_file'];
array_walk($info['js_file'], 'Library::prependPATH', $dir);
} else {
$info['js_file'] = array();
}
if (array_key_exists('css_file', $info)) {
$info['css_file'] = (array) $info['css_file'];
array_walk($info['css_file'], 'Library::prependPATH', $dir);
} else {
$info['css_file'] = array();
}
if (array_key_exists('php_file', $info)) {
$info['php_file'] = (array) $info['php_file'];
array_walk($info['php_file'], 'Library::prependPATH', $dir);
} else {
$info['php_file'] = array();
}
$info['file'] = array('js' => $info['js_file'], 'css' => $info['css_file'], 'php' => $info['php_file']);
if (array_key_exists('depends_on', $info)) {
$info['depends_on'] = (array) $info['depends_on'];
} else {
$info['depends_on'] = array();
}
self::register($info['type'], $info['name'], $info['file'], $info['importance'], $info['depends_on']);
}
}
function sendEmail($name, $email, $message) {
global $to, $subject, $extra;
// Filter name
$name = filter($name);
// Filter and validate email
$email = filter($email);
if (!validateEmail($email)) {
$subject .= " - invalid email";
$message .= "\n\nBad email: $email";
$email = $to;
}
// Add additional info to the message
if ($extra['ip']) {
$message .= "\n\nIP: " . $_SERVER['REMOTE_ADDR'];
}
if ($extra['user_agent']) {
$message .= "\n\nUSER AGENT: " . $_SERVER['HTTP_USER_AGENT'];
}
// Set and wordwrap message body
$body = "From: $name\n\n";
$body .= "Message: $message";
$body = wordwrap($body, 70);
// Build header
$header = "From: $email\n";
$header .= "X-Mailer: PHP/SimpleModalContactForm";
// Send email
@mail($to, $subject, $body, $header) or
die('Unfortunately, your message could not be delivered.');
}
public function getContent()
{
// User is logged in
if (LOGGED) {
$this->subcodename = 'logged';
$tpl = new PHPTAL('blocks/user_panel/logged.html');
$tpl->user = User::format(User::$id, User::$nickname, User::$groupId);
$pm_item = User::$pmNew ? array(t('Messages <strong>(New: %new)</strong>', array('%new' => $user->pm_new)), 'pm/inbox') : array(t('Messages'), 'pm');
$tpl->items = items(array($pm_item[0] => HREF . $pm_item[1], t('Administration') => HREF . 'admin', t('Edit profile') => HREF . 'edit_profile', t('Log out') => HREF . 'logout'));
return $tpl->execute();
} else {
$err = new Error();
$note = new Notifier('note-user_panel');
$this->subcodename = 'not_logged';
$form = array('logname' => null, 'password' => null);
if ($_POST['login'] && $_POST['user_panel']) {
$form['logname'] = $_POST['logname-session'] ? filter($_POST['logname-session'], 100) : '';
$form['password'] = $_POST['password-session'] ? $_POST['password-session'] : '';
$err->setError('logname_empty', t('Logname field is required.'))->condition(!$form['logname']);
$err->setError('logname_not_exists', t('Entered logname is not registered.'))->condition(!User::loginNameRegistered($form['logname']));
$err->setError('password_empty', t('Password field is required.'))->condition(!$form['password']);
$err->setError('password_incorrect', t('ERROR_PASS_INCORRECT'))->condition($form['password'] && !User::loginPasswordCorrect($form['password']));
if ($err->noErrors()) {
redirect('./');
} else {
$note->error($err->toArray());
}
}
$tpl = new PHPTAL('blocks/user_panel/not_logged.html');
$tpl->note = $note;
$tpl->form = $form;
$tpl->err = $err->toArray();
return $tpl->execute();
}
}
public function getrelayipAction()
{
global $_u, $_c, $_p;
$relay_name = filter($_c->getUriParams(1));
$lighthouse_url = LIGHTHOUSE_HOST . '/getrelayip/' . $relay_name;
echo $relay_host = trim(implode(file($lighthouse_url)));
}
function getMovieLinks($inputString)
{
$json = json_decode(file_get_contents("data.json"), true);
$minEditDistance = strlen($inputString) + 1;
$minMovieLink = "";
$finalList = array();
$inputString = filter($inputString);
foreach ($json as $movieName => $movieLink) {
$currentEditDistance = getEditDistance($inputString, filter($movieName));
if ($currentEditDistance < $minEditDistance) {
$minEditDistance = $currentEditDistance;
$finalList = array();
$finalList[$movieName] = $movieLink;
} else {
if ($currentEditDistance == $minEditDistance) {
$finalList[$movieName] = $movieLink;
}
}
}
/*
foreach($finalList as $movieName=>$movieLink)
echo $movieName." ".$movieLink."<br>";
*/
return $finalList;
}
public function add()
{
//关闭数据库缓存
$this->db->cache_off();
$token = $this->input->post('token', TRUE);
$add['neir'] = $this->input->post('neir', TRUE);
$add['neir'] = filter(get_bm($add['neir']));
if (User_BookFun == 0) {
$error = '10000';
} elseif (!isset($_SESSION['gbooktoken']) || $token != $_SESSION['gbooktoken']) {
$error = '10001';
} elseif (empty($add['neir'])) {
$error = '10002';
} else {
$add['uidb'] = isset($_SESSION['cscms__id']) ? intval($_SESSION['cscms__id']) : 0;
$add['cid'] = 1;
$add['ip'] = getip();
$add['addtime'] = time();
$ids = $this->CsdjDB->get_insert('gbook', $add);
if (intval($ids) == 0) {
$error = '10003';
//失败
} else {
//摧毁token
unset($_SESSION['token']);
$error = '10004';
}
}
$data['error'] = $error;
echo json_encode($data);
}
public static function display()
{
$messages = "";
if ($_POST['cc_form'] === 'add-group') {
$group = $_POST['group'];
$rows = Database::select('users', 'name', array('name = ? AND type = ?', $group, 'group'), null, 1)->fetch(PDO::FETCH_ASSOC);
if (!empty($rows)) {
$messages .= Message::error(__('admin', 'group-in-use'));
} else {
$row = DB::select('users', array('data'), array('users_id = ?', $_GET['parent']))->fetch(PDO::FETCH_ASSOC);
$inheritance = unserialize($row['data']);
$inheritance = $inheritance['permissions'];
$result = Database::insert('users', array('name' => filter('admin_add_group_name', $group), 'type' => 'group', 'group' => '-1', 'data' => serialize(filter('admin_add_group_data', array('permissions' => $inheritance)))));
if ($result === 1) {
$messages .= Message::success(__('admin', 'group-added'));
}
}
}
$form = new Form('self', 'post', 'add-group');
$form->startFieldset(__("admin", 'group-information'));
$form->addInput(__('admin', 'group-name'), 'text', 'group', self::get('group'));
$groups = Users::allGroups();
foreach ($groups as $key => $value) {
$groups[$value->getId()] = $value->getName();
}
$form->addSelectList(__('admin', 'inherit-permissions'), 'parent', $groups);
plugin('admin_add_group_custom_fields', array(&$form));
$form->addSubmit('', 'add-group', __('admin', 'add-group'));
$form->endFieldset();
plugin('admin_add_group_custom_fieldset', array(&$form));
$form = $form->endAndGetHTML();
return array(__('admin', 'add-group'), $messages . $form);
}
public function testHelpersFacade()
{
$this->assertInstanceOf(\Clarity\Support\Auth\Auth::class, auth());
$this->assertInstanceOf(\Phalcon\Config::class, config());
$this->assertInstanceOf(\Phalcon\Mvc\Dispatcher::class, dispatcher());
$this->assertInstanceOf(\Phalcon\Filter::class, filter());
$this->assertInstanceOf(\Phalcon\Flash\Direct::class, flash()->direct());
$this->assertInstanceOf(\Phalcon\Flash\Session::class, flash()->session());
$this->assertInstanceOf(\League\Flysystem\Filesystem::class, flysystem());
$this->assertInstanceOf(\League\Flysystem\MountManager::class, flysystem_manager());
$this->assertInstanceOf(\Clarity\Support\Redirect\Redirect::class, redirect());
$this->assertInstanceOf(\Clarity\Support\Phalcon\Http\Request::class, request());
$this->assertInstanceOf(\Phalcon\Http\Response::class, response());
$this->assertInstanceOf(\Phalcon\Mvc\Router::class, route());
$this->assertInstanceOf(\Phalcon\Security::class, security());
$this->assertInstanceOf(\Phalcon\Tag::class, tag());
$this->assertInstanceOf(\Phalcon\Mvc\Url::class, url());
$this->assertInstanceOf(\Phalcon\Mvc\View::class, view());
# getting an error, will check later on
$this->assertInstanceOf(\Monolog\Logger::class, logger());
# adapter base functions
// $this->assertInstanceOf(, cache());
// $this->assertInstanceOf(, db());
// $this->assertInstanceOf(, queue());
// $this->assertInstanceOf(, session());
$this->assertContains(url()->getBaseUri() . 'auth/login', route('showLoginForm'));
$this->assertInstanceOf(\Phalcon\Mvc\View::class, view('welcome'));
}
function DoAdd()
{
$this->_check_login();
$longtext = $this->Post['longtext'] ? $this->Post['longtext'] : $this->Get['longtext'];
if ('' == trim(strip_tags($longtext))) {
json_error('内容不能为空');
}
$f_rets = filter($longtext);
if ($f_rets && $f_rets['error']) {
json_error('内容 ' . $f_rets['msg']);
}
$data_length_limit = $this->Config['topic_cut_length'] * 2;
$retval_data = trim(strip_tags($longtext));
$retval_data_length = strlen($retval_data);
$ret = 0;
$ret_msg = '';
if ($retval_data_length > $data_length_limit) {
$ret = $this->LongtextLogic->add($longtext);
if ($ret < 1) {
json_error('内容添加失败');
} else {
$ret_msg = '内容添加成功';
}
} else {
$ret_msg = '内容长度过短,点击确定按钮直接发起一条微博';
}
$retval = array('id' => $ret, 'data' => cut_str($retval_data, $data_length_limit, ''));
json_result($ret_msg, $retval);
}
function __invoke($value)
{
foreach ($this->filters as $filter) {
$value = filter($value, $filter);
}
return $value;
}
public static function GetDatasource($datasource,$offset=null,$limit=null,&$count=null)
{
// format for datasource is:
// controller://path/path?arg1=val&q=asdads asd ad ad&arg=[123,232,123]
// channel://channel/datasource?arg1=val&q=asdads asd ad ad&arg=[123,232,123]
// model://profiles/profile_view?arg1!=val&q=asdads asd ad ad&arg=[123,232,123]
$matches=array();
if (preg_match_all('#^([^:]*):\/\/([^?]*)(.*)$#',$datasource,$matches))
{
switch($matches[1][0])
{
case 'controller':
return Dispatcher::Call($matches[2][0]);
case 'model':
$parsed=explode('.',$matches[2][0]);
if (count($parsed)==2)
{
$filter=filter($matches[2][0]);
if ($offset)
$filter->offset=$offset;
if ($limit)
$filter->limit=$limit;
if ($matches[3][0]!='')
$filter->parse(trim($matches[3][0],'?'));
if ($count==null)
$count=$filter->get_count();
return $filter->find();
}
return null;
case 'channel':
$parsed=explode('/',$matches[2][0]);
$channel=Channel::Get($parsed[0]);
$query=trim($matches[3][0],'?');
$args=array();
if ($query!="")
{
$items=explode('&',$query);
foreach($items as $item)
{
$element=explode('=',$item);
$args[trim($element[0])]=trim($element[1]);
}
}
return $channel->datasource($parsed[1],$offset,$limit,$count,$args);
}
}
}
function COOKIE($cookie)
{
if (isset($_COOKIE[$cookie])) {
return filter($_COOKIE[$cookie]);
} else {
return FALSE;
}
}
public function __construct(array $config = [])
{
$this->config = config(['title' => 'Sphido CMS', 'cache' => false, 'content' => realpath(getcwd() . '/pages/'), 'meta' => ['template' => getcwd() . '/layout.latte']], $config, is_file(getcwd() . '/config.php') ? include_once getcwd() . '/config.php' : []);
\route\map([404, 500], new MissingPage());
// add error handler
\route\map(filter(Sphido::class, $this));
// pages handler
}
public function testFilter()
{
$range = range(-5, 5);
$filtered = filter(function ($n) {
return $n < 0;
}, $range);
$this->assertSame([-5, -4, -3, -2, -1], toArray($filtered));
}
/**
* Includes the theme file for the given theme. (it is pretty important).
*
* @param string $theme The name of the theme!
*/
function cc_theme_include($theme)
{
plugin('core_theme_include', array($theme));
$file = filter('core_theme_include', TH_ROOT . TH_THEMES . $theme . '/index.tpl.php');
if (file_exists($file)) {
require_once $file;
}
}
public function testBadCombinator()
{
try {
filter('ID')->equal->value('value')->foo->filter('FOO')->not_equal->value('bar');
$this->fail('Bad combinator should have raised exception!');
} catch (AfsUnknownCombinatorException $e) {
}
}
function myFunc($input)
{
$output = $input;
// Do something
$output = filter('myFuncFilter', $output);
// Call filter function for the any filters hooked to myFuncFilter
return $output;
// Return
}
function page_protect()
{
//session_save_path(realpath(dirname($_SERVER['DOCUMENT_ROOT']) . '/sessions'));
//session_save_path('/hermes/bosweb/web032/b328/ipg.undosonet/miconexionv173/sitio-php/sessions');
//ini_set('session.gc_probability', 1);
//echo session_save_path(realpath(dirname($_SERVER['DOCUMENT_ROOT']) . '/sessions'));
session_start();
global $db;
/* Secure against Session Hijacking by checking user agent */
if (isset($_SESSION['HTTP_USER_AGENT'])) {
if ($_SESSION['HTTP_USER_AGENT'] != md5($_SERVER['HTTP_USER_AGENT'])) {
logout();
exit;
}
}
// before we allow sessions, we need to check authentication key - ckey and ctime stored in database
/* If session not set, check for cookies set by Remember me */
if (!isset($_SESSION['user_id']) && !isset($_SESSION['user_name'])) {
if (isset($_COOKIE['user_id']) && isset($_COOKIE['user_key'])) {
/* we double check cookie expiry time against stored in database */
$cookie_user_id = filter($_COOKIE['user_id']);
$stmt = $conn->prepare('SELECT `ckey`,`ctime` FROM users WHERE id = :Id');
$stmt->execute(array('Id' => $cookie_user_id));
$rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
foreach ($rows as $row) {
$ckey = $row["ckey"];
$ctime = $row["ctime"];
}
// coookie expiry
if (time() - $ctime > 60 * 60 * 24 * COOKIE_TIME_OUT) {
logout();
}
/* Security check with untrusted cookies - dont trust value stored in cookie.
/* We also do authentication check of the `ckey` stored in cookie matches that stored in database during login*/
if (!empty($ckey) && is_numeric($_COOKIE['user_id']) && isUserID($_COOKIE['user_name']) && $_COOKIE['user_key'] == sha1($ckey)) {
session_regenerate_id();
//against session fixation attacks.
$_SESSION['user_id'] = $_COOKIE['user_id'];
$_SESSION['user_name'] = $_COOKIE['user_name'];
/* query user level from database instead of storing in cookies */
$stmt2 = $conn->prepare("SELECT user_level FROM users WHERE id= :Id");
$stmt2->execute(array('Id' => $_SESSION[user_id]));
$rows = $stmt2->fetchAll(PDO::FETCH_ASSOC);
foreach ($rows as $row) {
$user_level = $row["user_level"];
}
$_SESSION['user_level'] = $user_level;
$_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']);
} else {
logout();
}
} else {
header("Location: login.php");
exit;
}
}
}
function SESSION($session, $value = false)
{
if (!$value) {
return isset($_SESSION[$session]) ? $_SESSION[$session] : false;
} else {
$_SESSION[$session] = filter($value);
}
return true;
}
