コード例 #1
0
/**
 * Function which returns a correct filename, means to add a slash at the beginning if there wasn't one.
 *
 * @param string filename the filename
 *
 * @return string the corrected filename
 *
 * @author Florian Lippert <*****@*****.**>
 * @author Michael Russ <*****@*****.**>
 * @author Martin Burchert <*****@*****.**>
 */
function makeCorrectFile($filename)
{
    if (substr($filename, 0, 1) != '/') {
        $filename = '/' . $filename;
    }
    $filename = makeSecurePath($filename);
    return $filename;
}
コード例 #2
0
/**
 * Function which returns a correct dirname, means to add slashes at the beginning and at the end if there weren't some
 *
 * @param string The dirname
 * @return string The corrected dirname
 * @author Florian Lippert <*****@*****.**>
 */
function makeCorrectDir($dir)
{
    if (substr($dir, -1, 1) != '/') {
        $dir .= '/';
    }
    if (substr($dir, 0, 1) != '/') {
        $dir = '/' . $dir;
    }
    $dir = makeSecurePath($dir);
    return $dir;
}
コード例 #3
0
/**
 * Function which returns a correct dirname, means to add slashes at the beginning and at the end if there weren't some
 *
 * @param string The dirname
 * @return string The corrected dirname
 * @author Florian Lippert <*****@*****.**>
 */
function makeCorrectDir($dir)
{
    assert('is_string($dir) && strlen($dir) > 0 /* $dir does not look like an actual folder name */');
    $dir = trim($dir);
    if (substr($dir, -1, 1) != '/') {
        $dir .= '/';
    }
    if (substr($dir, 0, 1) != '/') {
        $dir = '/' . $dir;
    }
    $dir = makeSecurePath($dir);
    return $dir;
}
コード例 #4
0
/**
 * Function which returns a correct filename, means to add a slash at the beginning if there wasn't one
 *
 * @param string filename the filename
 * @return string the corrected filename
 * @author Florian Lippert <*****@*****.**>
 * @author Michael Russ <*****@*****.**>
 * @author Martin Burchert <*****@*****.**>
 */
function makeCorrectFile($filename)
{
    if (!isset($filename) || trim($filename) == '') {
        $error = 'Given filename for function ' . __FUNCTION__ . ' is empty.' . "\n";
        $error .= 'This is very dangerous and should not happen.' . "\n";
        $error .= 'Please inform the Froxlor team about this issue so they can fix it.';
        die($error);
    }
    if (substr($filename, 0, 1) != '/') {
        $filename = '/' . $filename;
    }
    $filename = makeSecurePath($filename);
    return $filename;
}
コード例 #5
0
ファイル: cron_legacy.php プロジェクト: HobbyNToys/SysCP
 * END REDUNDANT CODE (CRONSCRIPT "HEADER")
 */
/**
 * Check if table exists, otherwise create it
 */
$tables = getTables($db);
if (!isset($tables[TABLE_PANEL_CRONSCRIPT]) || !is_array($tables[TABLE_PANEL_CRONSCRIPT])) {
    $db->query('CREATE TABLE `' . TABLE_PANEL_CRONSCRIPT . '` (  `id` int(11) unsigned NOT NULL auto_increment,  `file` varchar(255) NOT NULL default \'\',  PRIMARY KEY  (`id`) ) TYPE=MyISAM ; ');
}
/**
 * Backend Wrapper
 */
$query = 'SELECT * FROM `' . TABLE_PANEL_CRONSCRIPT . '` ';
$cronFileIncludeResult = $db->query($query);
while ($cronFileIncludeRow = $db->fetch_array($cronFileIncludeResult)) {
    $cronFileIncludeFullPath = makeSecurePath($pathtophpfiles . '/scripts/' . $cronFileIncludeRow['file']);
    if (fileowner($cronFileIncludeFullPath) == fileowner($pathtophpfiles . '/scripts/' . $filename) && filegroup($cronFileIncludeFullPath) == filegroup($pathtophpfiles . '/scripts/' . $filename)) {
        fwrite($debugHandler, 'Processing ...' . $cronFileIncludeFullPath . "\n");
        include_once $cronFileIncludeFullPath;
        fwrite($debugHandler, 'Processing done!' . "\n");
    } else {
        fwrite($debugHandler, 'WARNING! uid and/or gid of "' . $cronFileIncludeFullPath . '" and "' . $pathtophpfiles . '/scripts/' . $filename . '" don\'t match! Execution aborted!' . "\n");
        $keepLockFile = true;
    }
}
/**
 * STARTING CRONSCRIPT FOOTER
 */
include $pathtophpfiles . '/lib/cron_shutdown.php';
/**
 * END CRONSCRIPT FOOTER
コード例 #6
0
ファイル: admin_templates.php プロジェクト: fritz-net/Froxlor
    }
} elseif ($action == 'add') {
    if (Settings::Get('panel.sendalternativemail') == 1) {
        $available_templates[] = 'pop_success_alternative';
    }
    if (isset($_POST['prepare']) && $_POST['prepare'] == 'prepare') {
        //email templates
        $language = htmlentities(validate($_POST['language'], 'language', '/^[^\\r\\n\\0"\']+$/', 'nolanguageselect'));
        $template = validate($_POST['template'], 'template');
        $lng_bak = $lng;
        foreach ($langs['English'] as $key => $value) {
            include_once makeSecurePath($value['file']);
        }
        if ($language != 'English') {
            foreach ($langs[$language] as $key => $value) {
                include makeSecurePath($value['file']);
            }
        }
        $subject = $lng['mails'][$template]['subject'];
        $body = str_replace('\\n', "\n", $lng['mails'][$template]['mailbody']);
        $lng = $lng_bak;
        $template_add_data = (include_once dirname(__FILE__) . '/lib/formfields/admin/templates/formfield.template_add.php');
        $template_add_form = htmlform::genHTMLForm($template_add_data);
        $title = $template_add_data['template_add']['title'];
        $image = $template_add_data['template_add']['image'];
        eval("echo \"" . getTemplate("templates/templates_add_2") . "\";");
    } elseif (isset($_POST['send']) && $_POST['send'] == 'send') {
        //email templates
        $language = htmlentities(validate($_POST['language'], 'language', '/^[^\\r\\n\\0"\']+$/', 'nolanguageselect'));
        $template = validate($_POST['template'], 'template');
        $subject = validate($_POST['subject'], 'subject', '/^[^\\r\\n\\0]+$/', 'nosubjectcreate');
コード例 #7
0
ファイル: init.php プロジェクト: Git-Host/Froxlor
    } else {
        $language = $userinfo['def_language'];
    }
}
// include every english language file we can get
foreach ($langs['English'] as $key => $value) {
    include_once makeSecurePath($value['file']);
}
// now include the selected language if its not english
if ($language != 'English') {
    foreach ($langs[$language] as $key => $value) {
        include_once makeSecurePath($value['file']);
    }
}
// last but not least include language references file
include_once makeSecurePath('lng/lng_references.php');
// Initialize our new link - class
$linker = new linker('index.php', $s);
/**
 * global Theme-variable
 */
$theme = Settings::Get('panel.default_theme') !== null ? Settings::Get('panel.default_theme') : $_deftheme;
/**
 * overwrite with customer/admin theme if defined
 */
if (isset($userinfo['theme']) && $userinfo['theme'] != $theme) {
    $theme = $userinfo['theme'];
}
// Check if a different variant of the theme is used
$themevariant = "default";
if (preg_match("/([a-z0-9\\.\\-]+)_([a-z0-9\\.\\-]+)/i", $theme, $matches)) {