/**
 * Return the path of the transaction SQLite file.
 *
 * @return string the configured S-Drive datastore path followed by WRITEDB,
 *                or an empty string when no S-Drive configuration is set
 */
public function GetSqliteFile()
{
    $sdrive = Config::GetInstance()->sdrive;
    if (!$sdrive) {
        return '';
    }

    return $sdrive['sdrive_account_datastore_path'] . WRITEDB;
}
/**
 * Open (creating the storage folder if needed) the SQLite database that is
 * configured for the given settings section.
 *
 * Failures are not thrown to the caller: they are logged and appended to
 * $this->errors.
 *
 * @param string $cfg_section name of the section below settings/data_settings
 */
function __construct($cfg_section)
{
    parent::__construct($cfg_section);

    $sqlite_folder = Config::GetInstance()->GetStorageFolder(2);
    $db = Config::GetInstance()->GetConfig('settings', 'data_settings', $cfg_section);
    if (!$db) {
        writeErrorLog('Failed to get configuration data in ' . __CLASS__ . ' for section: ', $cfg_section);
        $this->errors[] = array('err' => _T('Failed to open database.'));
        return;
    }

    // Very long database names do not work as file names, so they are cut to
    // 200 characters and made unique again by appending an md5 of the full name.
    // The hash only disambiguates file names; it is not a security control.
    $dbname = strlen($db->database) > 200
        ? substr($db->database, 0, 200) . md5($db->database)
        : $db->database;

    // NOTE(review): $dbname comes from the form configuration and is appended
    // to the storage folder unchanged; this relies on the configuration being
    // trusted and free of path separators - confirm.
    $dsn = 'sqlite:' . $sqlite_folder . $dbname;

    try {
        try {
            $this->db = new PDO($dsn);
        } catch (PDOException $e) {
            // Retry once, but only when the folder was missing and could be created.
            if (file_exists($sqlite_folder) || !mkdir($sqlite_folder, 0755, true)) {
                throw $e;
            }
            $this->db = new PDO($dsn);
        }
    } catch (PDOException $e) {
        writeErrorLog('Problems connecting to SQLite ' . $sqlite_folder . $dbname . ': [' . $e->getCode() . ']', $e->getMessage());
        // NOTE(review): the raw PDO message is also placed in the user-visible
        // error list and may reveal server paths; consider showing a generic text.
        $this->errors[] = array('err' => _T('Failed to open database [%s] %s', array($e->getCode(), $e->getMessage())));
    }
}
/**
 * CoffeeCup Software's Web Form Builder.
 *
 * Create product definitions from form fields that the SCC cart accepts.
 *
 *
 * @version $Revision: 2456 $
 * @author Cees de Gruijter
 * @category FB
 * @copyright Copyright (c) 2011 CoffeeCup Software, Inc. (http://www.coffeecup.com/)
 */

/**
 * Build the product list for a submitted form: the optional fixed form price
 * plus one pricer call per posted field that has both a rule and a payment rule.
 *
 * @param object $checkoutctr controller providing GetFormName() and getFormPost()
 * @return mixed whatever FieldPricer::getProducts() returns
 */
function makeprices($checkoutctr)
{
    $pricer = new FieldPricer();
    $config = Config::GetInstance();
    $pricer->setDecimals($config->GetConfig('settings', 'payment_settings', 'decimals'));

    // The fixed form price comes first.
    $descr = $config->GetConfig('settings', 'payment_settings', 'invoicelabel');
    $price = $config->GetConfig('settings', 'payment_settings', 'fixedprice');
    if ($price > 0) {
        $prd = new Prod();
        $prd->productid = 'formid_' . $checkoutctr->GetFormName();
        // name and description stay the same unless the description adds info
        $prd->name = empty($descr) ? $prd->productid : $descr;
        $prd->shortdescription = '';
        $prd->yourprice = $price;
        $prd->quantity = 1;
        $pricer->addProduct($prd);
    }

    $payrules = $config->GetConfig('payment_rules');
    $rules = $config->GetConfig('rules');

    foreach ($checkoutctr->getFormPost() as $name => $value) {
        if (!isset($payrules->{$name}) || !isset($rules->{$name})) {
            continue;
        }

        // The pricer method is named "<field type>_<payment type>". Both parts
        // are read from the configuration, never from the posted value, and the
        // call only happens when FieldPricer really defines that method.
        $method = $rules->{$name}->fieldtype . '_' . $payrules->{$name}->type;
        if (!method_exists('FieldPricer', $method)) {
            writeErrorLog('Missing pricer method:', $method);
            continue;
        }

        $pricer->{$method}($config->GetOriginalPostKey($name), $value, $payrules->{$name});
    }

    return $pricer->getProducts();
}
/**
 * Lazily create the data access object; does nothing once $this->db is set.
 *
 * On S-Drive the SQLite backend is used and, when the form uses payments,
 * the transaction log database is attached. Otherwise MySQL is used.
 */
private function _Connect()
{
    if ($this->db !== false) {
        return;
    }

    if (!Config::GetInstance()->sdrive) {
        $this->db = new DataAccessMySQL('save_database');
        return;
    }

    $this->db = new DataAccessSQLite('save_sqlite');

    if (!Config::GetInstance()->UsePayments()) {
        return;
    }

    // attach the transaction database, but only if the file really exists
    $dbfile = TransactionLogger::GetInstance()->GetSqliteFile();
    if (empty($dbfile) || !file_exists($dbfile)) {
        writeErrorLog('Tried to attach transaction log, but file is not defined or doesn\'t exist:', $dbfile);
        return;
    }

    $this->transacts = $this->db->AttachTransActions($dbfile);
}
/**
 * Default action of this controller: proxy media data.
 *
 * Access requires an authenticated session and LOAD_EXTERNAL_MEDIA set to
 * 'proxy'; otherwise an AccessDeniedException is thrown.
 *
 * NOTE(review): the 'url' request parameter is handed to MediaProxy::readURL()
 * as received. Any restriction on scheme or target host (loopback, internal
 * ranges) has to be enforced inside readURL(); it is not visible here - confirm.
 */
public function index_action()
{
    $url = Request::get('url');
    $media_proxy = new MediaProxy();
    $config = Config::GetInstance();

    $proxy_allowed = Seminar_Session::is_current_session_authenticated()
        && $config->getValue('LOAD_EXTERNAL_MEDIA') == 'proxy';
    if (!$proxy_allowed) {
        throw new AccessDeniedException();
    }

    $modified_since = isset($_SERVER['HTTP_IF_MODIFIED_SINCE'])
        ? strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE'])
        : NULL;

    // keep a slow remote host from blocking the request for long
    ini_set('default_socket_timeout', 5);
    $this->render_nothing();

    // stop output buffering started in Trails_Dispatcher::dispatch()
    while (ob_get_level() > 0) {
        ob_end_clean();
    }

    try {
        $media_proxy->readURL($url, $modified_since);
    } catch (MediaProxyException $ex) {
        // The exception message is sent as a raw header line.
        // NOTE(review): presumably always a fixed status line - confirm that it
        // never contains remote or request data.
        header($ex->getMessage());
    }
}
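/**
 * CoffeeCup Software's Web Form Builder.
 *
 * Functions to merge posted data into the HTML form definition.
 *
 *
 * @version $Revision: 2456 $
 * @author Cees de Gruijter
 * @category FB
 * @copyright Copyright (c) 2011 CoffeeCup Software, Inc. (http://www.coffeecup.com/)
 */

/**
 * Re-populate the HTML form with the posted values and attach error labels.
 *
 * Posted data is untrusted: a client can send an array where a scalar is
 * expected and vice versa. All values are written through the DOM API
 * (attributes and text nodes), which escapes them when the document is saved.
 *
 * @param array|false $post posted values; $_POST is used when omitted or empty
 * @return string|null the merged HTML, or null when the form could not be parsed
 */
function MergeFormPost($post = false)
{
    if (!$post) {
        $post =& $_POST;
    }

    $dom = new DOMDocument('1.0', 'UTF-8');
    if (!$dom->loadHTML(FormPage::GetInstance()->source)) {
        writeErrorLog('Failed to parse HTML form.');
        return;
    }

    $errors = FormPage::GetInstance()->GetErrors(true);
    $processed_names = array();
    $display_max_error = Config::GetInstance()->GetConfig('special', 'maxnumerrors');
    if ($display_max_error === false) {
        $display_max_error = 1000; // some ridiculously large number
    }

    // get all input nodes with a name
    $xpath = new DOMXpath($dom);
    foreach ($xpath->query('//input[@name]') as $e) {
        $tagname = $e->getAttribute('name');
        // checkboxes have names like "check1[]", but only "check1" is present in $post
        $tagname_stripped = str_replace('[]', '', $tagname);

        if (isset($post[$tagname]) || isset($post[$tagname_stripped])) {
            // only the stripped key may be set, so do not index $post[$tagname] blindly
            $posted = isset($post[$tagname]) ? $post[$tagname] : null;

            switch ($e->getAttribute('type')) {
                case 'radio':
                    if (!is_array($posted) && $e->getAttribute('value') == $posted) {
                        $e->setAttributeNode(new DOMAttr('checked', 'checked'));
                    }
                    break;
                case 'checkbox':
                    if (isset($post[$tagname_stripped])
                        && is_array($post[$tagname_stripped])
                        && in_array($e->getAttribute('value'), $post[$tagname_stripped])) {
                        $e->setAttributeNode(new DOMAttr('checked', 'checked'));
                    }
                    break;
                case 'file':
                    break;
                default:
                    // an array posted for a scalar field is ignored instead of
                    // being passed to DOMAttr, which only accepts strings
                    if (!is_array($posted)) {
                        $e->setAttributeNode(new DOMAttr('value', (string) $posted));
                    }
            }
        }

        if (!empty($tagname_stripped) && !in_array($tagname_stripped, $processed_names)) {
            if ($display_max_error > 0) {
                InserErrorLabel($dom, $e, $errors);
                --$display_max_error;
            }
            $processed_names[] = $tagname_stripped;
        }
    }

    // get all select nodes with a name
    foreach ($xpath->query('//select[@name]') as $e) {
        // find out if the name is defined as an array[] or as a scalar
        $name = $e->getAttribute('name');
        $is_array = false;
        if (strpos($name, '[]') !== false) {
            $name = substr($name, 0, -2);
            $is_array = true;
        }

        if (isset($post[$name])) {
            // for a multi-select a scalar post is treated as a one-element list
            $chosen = $is_array ? (array) $post[$name] : $post[$name];

            foreach ($e->getElementsByTagName('option') as $child) {
                $matches = $is_array
                    ? in_array($child->getAttribute('value'), $chosen)
                    : (!is_array($chosen) && $child->getAttribute('value') == $chosen);

                // A matching option keeps or gains "selected"; only options that
                // do not match lose it. (Previously an option that matched and
                // was already selected in the markup got deselected.)
                if ($matches) {
                    if (!$child->hasAttribute('selected')) {
                        $child->setAttributeNode(new DOMAttr('selected', 'selected'));
                    }
                } elseif ($child->hasAttribute('selected')) {
                    $child->removeAttribute('selected');
                }
            }
        }

        if (!empty($name) && !in_array($name, $processed_names)) {
            InserErrorLabel($dom, $e, $errors);
            $processed_names[] = $name;
        }
    }

    // get all textarea nodes with a name
    foreach ($xpath->query('//textarea[@name]') as $e) {
        $name = $e->getAttribute('name');
        if (isset($post[$name]) && !is_array($post[$name])) {
            // the posted text replaces the default text instead of being
            // appended to it
            while ($e->firstChild) {
                $e->removeChild($e->firstChild);
            }
            $e->appendChild($dom->createTextNode((string) $post[$name]));
        }
        if (!in_array($name, $processed_names)) {
            InserErrorLabel($dom, $e, $errors);
            $processed_names[] = $name;
        }
    }

    // reCaptcha error should also be placed underneath the field
    if (isset($errors['reCaptcha'])) {
        $captcha = $dom->getElementById('fb-captcha_control');
        // When the control is not in the document the error stays unprocessed,
        // so MakeErrorNode() below still receives it.
        if ($captcha) {
            $node = $dom->createElement('label');
            // a text node is escaped on output; the value argument of
            // createElement() is not
            $node->appendChild($dom->createTextNode($errors['reCaptcha']));
            $node->setAttributeNode(new DOMAttr('for', 'fb-captcha_control'));
            $node->setAttributeNode(new DOMAttr('class', 'error'));
            $captcha->appendChild($node);
            $processed_names[] = 'reCaptcha';
        }
    }

    // add errors from fields that we haven't processed yet to the error div
    MakeErrorNode($dom, $errors, $processed_names);

    return $dom->saveHTML();
}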
// on S-Drive the cart scripts are taken directly from the resources $buildnum = Config::GetInstance()->GetConfig('resource_version'); if (!$buildnum) { writeErrorLog('Parameter missing or empty in form.cfg.dat', 'resource_version'); } $cartpath = CC_HOSTING_RESOURCES . DIRECTORY_SEPARATOR . 'FB' . DIRECTORY_SEPARATOR . $buildnum . DIRECTORY_SEPARATOR . 'fb'; set_include_path(get_include_path() . PATH_SEPARATOR . $cartpath); // add this constant to the file names to include instead of adding it to the include path // as a type of name spacing define('CARTREVISION', 'cartapp'); } else { // A version number is added to the folder name for forward compatibility. FB increments this // number if changes are NOT backward compatible. FB must also create the corrresponding // folder (leaving the old folder for forms made and uploaded with a previous version). define('CARTREVISION', 'cartapp_v1'); Config::GetInstance()->LoadConfig(); } // catch warnings with our own error handler to ignore them as appropriate set_error_handler('myErrorHandler', E_WARNING); /*** end of global config ***/ /*********** utility functions ************/ // define our auto-loader for classes function __autoload($class_name) { global $scriptpath; include $scriptpath . '/fbapp/php/' . strtolower($class_name) . '.cls.php'; } // shows warning more user-friendly function myErrorHandler($errno, $errstr, $errfile, $errline) { // some fopen() may fail because the files are optional
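/**
 * Adding Stud.IP formatted code to the current page of the pdf.
 * Remember to call addPage first.
 *
 * Changes compared to the previous version of this method:
 *  - the [comment] replacement no longer uses the /e (eval) modifier, which
 *    executes the replacement as PHP code and no longer exists in PHP 7;
 *  - $endnote is initialised, so content without comments raises no notice;
 *  - the redirect loop reads the headers it just fetched (it used an undefined
 *    variable, so a redirect status never changed the URL and the loop could
 *    not end) and is limited to a few hops;
 *  - URLs written back into the HTML are escaped.
 *
 * @param string $content Stud.IP formatted code
 */
public function addContent($content)
{
    $comment_pattern = "#\\[comment(=.*)?\\](.*)\\[/comment\\]#msU";
    $endnote = '';

    preg_match_all($comment_pattern, $content, $matches);
    $num_comments = isset($matches[0]) ? count($matches[0]) : 0;
    if ($num_comments) {
        $endnote .= "<br><br>" . _("Kommentare") . "<hr>";
        for ($i = 0; $i < $num_comments; $i++) {
            $endnote .= ($i + 1) . ") " . htmlReady(substr($matches[1][$i], 1)) . ": " . htmlReady($matches[2][$i]) . "<br>";
        }
    }

    // NOTE(review): the literal arguments "//1" and "//2" are kept exactly as
    // they were; they look like they were meant to be the two captured groups.
    // Confirm against addEndnote() before changing them.
    $content = preg_replace_callback($comment_pattern, function ($match) {
        return $this->addEndnote("//1", "//2");
    }, $content);

    $content = formatReady($content, true, true, true, null);
    $content = str_replace("<table", "<table border=\"1\"", $content);

    // Since TCPDF cannot handle missing images at all, the content needs
    // to be cleaned from those (see tickets #2957, #3329 and #3688)
    $content = preg_replace_callback('/<img[^>]+src="(.*?)"[^>]*>/', function ($match) {
        $url = $match[1];

        // Detect possible html entities in url and remove them
        if (strpos($url, '&') !== false) {
            $url = html_entity_decode($url);
        }

        // Handle optional media proxy
        if (Config::GetInstance()->LOAD_EXTERNAL_MEDIA) {
            $parsed = parse_url($url);
            if (is_array($parsed)
                && isset($parsed['path'], $parsed['query'])
                && strpos($parsed['path'], 'media_proxy') !== false
                && strpos($parsed['query'], 'url=') !== false) {
                // Remove media proxy
                parse_str($parsed['query'], $parameters);
                if (isset($parameters['url']) && is_string($parameters['url'])) {
                    $url = $parameters['url'];
                }
            }
        }

        // Fetch headers from url and follow redirects, at most 5 hops.
        // NOTE(review): the URL comes from user-written content and is requested
        // by the server; nothing here limits scheme or target host - consider
        // allowing only http/https targets outside internal address ranges.
        $redirects = array(300, 301, 302, 303, 305, 307);
        $status = 0;
        for ($hop = 0; $hop < 5; $hop++) {
            $headers = get_headers($url, true);
            if ($headers === false || !isset($headers[0])) {
                $status = 0;
                break;
            }

            $status_line = explode(' ', $headers[0]);
            $status = isset($status_line[1]) ? (int) $status_line[1] : 0;
            if (!in_array($status, $redirects, true)) {
                break;
            }

            $location = null;
            if (isset($headers['Location'])) {
                $location = $headers['Location'];
            } elseif (isset($headers['location'])) {
                $location = $headers['location'];
            }
            // several Location headers are returned as an array
            if (is_array($location)) {
                $location = end($location);
            }
            if (!$location) {
                break;
            }
            $url = $location;
        }
        $status = $status ?: 404;

        // Replace image with link on error (and not internal), otherwise return
        // the sanitized url. htmlReady() is the escaper this method already uses
        // for comment text.
        $broken = (!is_internal_url($url) || $status == 404) && $status >= 400;
        if ($broken) {
            return sprintf('[<a href="%s">%s</a>]', htmlReady($url), htmlReady(basename($url)));
        }

        return str_replace($match[1], htmlReady($url), $match[0]);
    }, $content);

    $this->writeHTML($content . $endnote);
}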
/**
 * Validate the "required" rule for one field.
 *
 * @param string $name  field name; for file uploads it is mapped to the
 *                      original post key before $_FILES is checked
 * @param object $rules rule set of the field (required, fieldtype, label)
 * @return bool true when the field is not required or has a value
 */
public function required($name, $rules)
{
    if (empty($rules->required)) {
        return true;
    }

    if ($rules->fieldtype == 'fileupload') {
        $name = Config::GetInstance()->GetOriginalPostKey($name);
        $missing = !isset($_FILES[$name])
            || $_FILES[$name]['size'] == 0
            || $_FILES[$name]['error'] == UPLOAD_ERR_NO_FILE;
    } else {
        $submitted = isset($this->input[$name]) ? $this->input[$name] : '';
        // the strlen() test keeps the string "0" from counting as empty
        $missing = is_array($submitted)
            ? empty($submitted)
            : (empty($submitted) && strlen($submitted) == 0);
    }

    if ($missing) {
        $label = empty($rules->label) ? $name : $rules->label;
        $this->_errormsg($name, $rules, _T('"%s" is a required field and cannot be empty.', $label));
    }

    return !$missing;
}
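/**
 * Upgrade the application code to the latest version.
 *
 * NOTE(review): the archive is downloaded from the URL in the update
 * information and copied over the installation. No signature or checksum
 * verification is visible in this method; unless AppUpgraderClient does it,
 * the update is only as trustworthy as the transport and the update server.
 *
 * @throws Exception
 * @param string $file_path Path of the calling controller; the "/_lib/controller"
 *                          part is removed to get the application directory
 * @param bool $verify_updatable Whether or not to verify if installation is updatable, defaults to false
 * @return array Backup file information, or only 'latest_version' when $verify_updatable is set
 */
public function runUpdate($file_path, $verify_updatable = false)
{
    $app_dir = preg_replace("/\\/_lib\\/controller/", '', $file_path);

    // do we have the disk space we need?
    // (the result is not used here; presumably the call throws when space is short)
    $disk_util = new AppUpgraderDiskUtil($app_dir);
    $disk_util->getAvailableDiskSpace();

    // do we have the perms to do what we need?
    $disk_util->validateUpdatePermissions($app_dir);

    // do we need to update?
    $update_client = new AppUpgraderClient();
    $update_info = $update_client->getLatestVersionInfo();
    require dirname(__FILE__) . '/../../install/version.php';
    $version = Config::GetInstance()->getvalue('THINKUP_VERSION');
    // version_compare() instead of "<": comparing the strings orders e.g.
    // "0.10" before "0.9"
    if (version_compare($update_info['version'], $version, '<')) {
        throw new Exception("You are running the latest version of ThinkUp.");
    }

    if ($verify_updatable == true) {
        return array('latest_version' => $update_info['version']);
    }

    // download zip...
    $update_zip_data = $update_client->getLatestVersionZip($update_info['url']);
    $update_zip = $disk_util->writeZip($update_zip_data);

    $zip = new ZipArchive();
    $open_result = $zip->open($update_zip);
    if ($open_result !== true) {
        unlink($update_zip);
        throw new Exception("Unable to extract " . $update_zip . ". ZipArchive::open failed with error code " . $open_result);
    }

    $num_files = $zip->numFiles;
    if ($num_files < 1) {
        $zip->close();
        unlink($update_zip);
        throw new Exception("Unable to extract " . $update_zip . ". ZipArchive->numFiles is " . $num_files);
    }

    // NOTE(review): the old install is deleted before the new files are
    // extracted; if extraction fails only the backup is left.
    $backup_file_info = $disk_util->backupInstall();
    $disk_util->deleteOldInstall();

    $data_path = FileDataManager::getDataPath();
    if ($zip->extractTo($data_path) !== true) {
        $status = $zip->getStatusString();
        $zip->close();
        throw new Exception("Unable to extract new files into {$app_dir}: " . $status);
    }
    // release the archive handle before the file is removed
    $zip->close();

    $new_version_dir = $data_path . 'thinkup';
    $disk_util->recurseCopy($new_version_dir, $app_dir);
    // delete install files
    $disk_util->deleteDir($new_version_dir);
    unlink($update_zip);

    // replace config file; without it the upgraded install cannot run
    if (!copy($backup_file_info['config'], "{$app_dir}/config.inc.php")) {
        throw new Exception("Unable to restore the configuration file into {$app_dir}.");
    }

    return $backup_file_info;
}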
/**
 * Start a Google checkout; a non-empty message returned by the checkout is
 * stored as a form-level error.
 */
private function _GooglePay()
{
    Config::GetInstance()->InitSession();

    $checkout = new CheckoutController();
    $message = $checkout->DoGoogleCheckout();
    if (empty($message)) {
        return;
    }

    FormPage::GetInstance()->SetErrors(array(
        array('field' => 'Form', 'err' => $message),
    ));
}
/**
 * Replace "[fieldname]" placeholders in an address with the posted value of
 * that field, but only for fields configured as email fields or contact lists.
 *
 * NOTE(review): the posted value is inserted unchanged. The result is
 * presumably used as a mail address; confirm that the value was validated as
 * an email address and cannot carry line breaks before it reaches a header.
 *
 * @param string $name address that may contain placeholders
 * @return string the trimmed address with known placeholders replaced
 */
function _SubstituteAddress($name)
{
    $matches = array();
    $found = preg_match_all('\'\\[([^\\]]+)\\]\'', $name, $matches, PREG_PATTERN_ORDER);

    if ($found === false) {
        writeErrorLog('Error in regex parsing:', $name);
    }
    if (!$found) {
        return trim($name);
    }

    foreach ($matches[1] as $match) {
        // rule names and post keys are looked up in lower case
        $match = strtolower($match);

        $is_address_field = Config::GetInstance()->GetConfig('rules', $match, 'fieldtype') == 'email'
            || Config::GetInstance()->GetConfig('rules', $match, 'contactList');

        if ($is_address_field && isset(FormPage::GetInstance()->post[$match])) {
            $name = str_ireplace('[' . $match . ']', FormPage::GetInstance()->post[$match], $name);
        }
    }

    return trim($name);
}
/**
 * Handle a self-registration request: validate the submitted data, check
 * user name and email address for duplicates, create the user and send the
 * validation mail.
 *
 * Validation failures are reported through $this->error_msg (HTML, "<br>"
 * terminated) together with a false return value.
 *
 * NOTE(review): when the new user cannot be stored the function ends without
 * a return statement, i.e. it returns null rather than false.
 *
 * @return bool|string false on failure, the new user_id on success
 */
function auth_doregister()
{
    global $_language_path;
    $this->error_msg = "";
    // check for direct link to register2.php
    if (!$_SESSION['_language'] || $_SESSION['_language'] == "") {
        $_SESSION['_language'] = get_accepted_languages();
    }
    $_language_path = init_i18n($_SESSION['_language']);
    $this->auth["uname"] = Request::username('username');
    // This provides access for "crcregister.ihtml"
    $validator = new email_validation_class();
    // class used to check the submitted values
    $validator->timeout = 10;
    // how long to wait for an answer of the mail server
    // the login ticket ties this request to a previously rendered form
    if (!Seminar_Session::check_ticket(Request::option('login_ticket'))) {
        return false;
    }
    $username = trim(Request::get('username'));
    $Vorname = trim(Request::get('Vorname'));
    $Nachname = trim(Request::get('Nachname'));
    // accept only registered domains if set
    // NOTE(review): with the restriction enabled the domain part is still taken
    // from the request ('emaildomain'); no comparison with the configured
    // domains is visible in this function - confirm the validator enforces it.
    $cfg = Config::GetInstance();
    $email_restriction = $cfg->getValue('EMAIL_DOMAIN_RESTRICTION');
    if ($email_restriction) {
        $Email = trim(Request::get('Email')) . '@' . trim(Request::get('emaildomain'));
    } else {
        $Email = trim(Request::get('Email'));
    }
    if (!$validator->ValidateUsername($username)) {
        $this->error_msg = $this->error_msg . _("Der gewählte Benutzername ist zu kurz!") . "<br>";
        return false;
    }
    // user name syntactically wrong or too short
    // duplicates are checked further down
    // NOTE(review): the password is validated via Request::quoted() but hashed
    // below via Request::get(); the two may differ for passwords containing
    // characters that get quoted - confirm.
    if (!$validator->ValidatePassword(Request::quoted('password'))) {
        $this->error_msg = $this->error_msg . _("Das Passwort ist zu kurz!") . "<br>";
        return false;
    }
    if (!$validator->ValidateName($Vorname)) {
        $this->error_msg = $this->error_msg . _("Der Vorname fehlt oder ist unsinnig!") . "<br>";
        return false;
    }
    // first name missing or not valid
    if (!$validator->ValidateName($Nachname)) {
        $this->error_msg = $this->error_msg . _("Der Nachname fehlt oder ist unsinnig!") . "<br>";
        return false;
        // last name missing or not valid
    }
    if (!$validator->ValidateEmailAddress($Email)) {
        $this->error_msg = $this->error_msg . _("Die E-Mail-Adresse fehlt oder ist falsch geschrieben!") . "<br>";
        return false;
    }
    // email address missing or syntactically wrong
    $REMOTE_ADDR = $_SERVER["REMOTE_ADDR"];
    $Zeit = date("H:i:s, d.m.Y", time());
    if (!$validator->ValidateEmailHost($Email)) {
        // mail server not reachable, reject
        $this->error_msg = $this->error_msg . _("Der Mailserver ist nicht erreichbar, bitte überprüfen Sie, ob Sie E-Mails mit der angegebenen Adresse verschicken und empfangen können!") . "<br>";
        return false;
    } else {
        // server reachable
        if (!$validator->ValidateEmailBox($Email)) {
            // but the mailbox is unknown: report to abuse, including the
            // submitted user name, address, client IP and time
            StudipMail::sendAbuseMessage("Register", "Emailbox unbekannt\n\nUser: {$username}\nEmail: {$Email}\n\nIP: {$REMOTE_ADDR}\nZeit: {$Zeit}\n");
            $this->error_msg = $this->error_msg . _("Die angegebene E-Mail-Adresse ist nicht erreichbar, bitte überprüfen Sie Ihre Angaben!") . "<br>";
            return false;
        } else {
            // all fine, the database checks follow
        }
    }
    $check_uname = StudipAuthAbstract::CheckUsername($username);
    if ($check_uname['found']) {
        // error_log("username schon vorhanden", 0);
        $this->error_msg = $this->error_msg . _("Der gewählte Benutzername ist bereits vorhanden!") . "<br>";
        return false;
        // user name already exists
    }
    // The address is quoted before it is put into the SQL condition.
    // NOTE(review): LIKE treats "_" and "%" in the address as wildcards, so an
    // address can be reported as taken although only a similar one exists.
    if (count(User::findBySQL("Email LIKE " . DbManager::get()->quote($Email)))) {
        $this->error_msg = $this->error_msg . _("Die angegebene E-Mail-Adresse wird bereits von einem anderen Benutzer verwendet. Sie müssen eine andere E-Mail-Adresse angeben!") . "<br>";
        return false;
        // email address already exists
    }
    // all checks passed, register the user
    $hasher = UserManagement::getPwdHasher();
    $new_user = new User();
    $new_user->username = $username;
    // new accounts always get the lowest permission; it is not taken from the request
    $new_user->perms = 'user';
    $new_user->password = $hasher->HashPassword(Request::get('password'));
    $new_user->vorname = $Vorname;
    $new_user->nachname = $Nachname;
    $new_user->email = $Email;
    $new_user->geschlecht = Request::int('geschlecht');
    $new_user->title_front = trim(Request::get('title_front', Request::get('title_front_chooser')));
    $new_user->title_rear = trim(Request::get('title_rear', Request::get('title_rear_chooser')));
    $new_user->auth_plugin = 'standard';
    $new_user->store();
    if ($new_user->user_id) {
        self::sendValidationMail($new_user);
        $this->auth["perm"] = $new_user->perms;
        return $new_user->user_id;
    }
}
/**
 * Remove old files from the media cache.
 *
 * Entries are ordered by expiry date, newest first; the first
 * MEDIA_CACHE_MAX_FILES entries are kept and up to 1000 of the following
 * ones are removed per call.
 */
public function garbageCollect()
{
    // The configured value is forced to an integer, which is what makes it
    // safe to place in the LIMIT clause below.
    $limit = (int) Config::GetInstance()->getValue('MEDIA_CACHE_MAX_FILES');

    $statement = DBManager::get()->query("SELECT id FROM media_cache ORDER BY expires DESC LIMIT {$limit}, 1000");
    $ids = $statement->fetchAll(PDO::FETCH_COLUMN);

    if ($ids) {
        $this->removeCacheEntries($ids);
    }
}
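/**
 * Make an uploaded file available in the publicly visible storage folder and
 * return its absolute URL.
 *
 * Changes compared to the previous version of this method:
 *  - when moving the upload fails, the log entry and the error message name
 *    the file (they used the false result of the failed call);
 *  - the port is only appended when it differs from the default of the
 *    protocol in use (443 was always appended for https).
 *
 * NOTE(review): $filename is appended to the storage folders unchanged, so
 * callers must pass a bare file name without path separators - confirm.
 * NOTE(review): the host part is taken from the Host request header, which
 * the client controls; prefer a configured site URL if one is available.
 *
 * @param string $fieldname name of the upload field
 * @param string $filename  stored name of the file
 * @return string|null the public URL, or null when the file could not be
 *                     copied or moved (the error is set on $this)
 */
private function _makePublicUrl($fieldname, $filename)
{
    $config = Config::GetInstance();

    // ensure the publicly visible folder exists
    $public_folder = $config->getStorageFolder(4);
    if (!file_exists($public_folder)) {
        mkdir($public_folder);
    }

    // use the rules to find out where the file is
    if ($config->GetRulePropertyByName($fieldname, 'files') == true) {
        if (!copy($config->getStorageFolder(1) . $filename, $public_folder . $filename)) {
            writeErrorLog('MailChimp plugin couldn\'t copy the uploaded file to a public folder', $filename);
            $this->setError(_T('Failed to copy the uploaded file %s to a publicly visible folder.', $filename));
            return;
        }
    } else {
        // look for it in the uploads table
        if (isset($_FILES[$fieldname]) && file_exists($_FILES[$fieldname]['tmp_name'])) {
            $stored = SaveUploadAsFile($public_folder, $_FILES[$fieldname]);
            if ($stored == false) {
                writeErrorLog('MailChimp plugin couldn\'t move the uploaded file to a public folder', $filename);
                $this->setError(_T('Failed to move the uploaded file %s to a publicly visible folder.', $filename));
                return;
            }
            $filename = $stored;
        }
    }

    $servername = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : $_SERVER['SERVER_NAME'];

    $path = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : $_SERVER['PHP_SELF'];
    $path = substr($path, 0, strrpos($path, '/'));

    // encode the folders, not the '/'!
    $path = implode('/', array_map('rawurlencode', explode('/', $path)));

    // windows servers may set [HTTPS] => off, linux server usually don't set [HTTPS] at all
    $protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off') ? 'https' : 'http';

    $url = $protocol . '://' . $servername;

    // only add the serverport when it differs from the default of the protocol
    $default_port = $protocol == 'https' ? '443' : '80';
    if (strpos($servername, ':') === false && $_SERVER['SERVER_PORT'] != $default_port) {
        $url .= ':' . $_SERVER['SERVER_PORT'];
    }

    return $url . $path . '/' . FormPage::GetInstance()->GetFormName() . CC_FB_STORAGE_FOLDER . CC_FB_PUBLIC_DIRECTORY . $filename;
}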
} } } // add skip links SkipLinks::addIndex(Navigation::getItem('/course/files/all')->getTitle(), 'main_content', 100); SkipLinks::addIndex(Navigation::getItem('/course/files/tree')->getTitle(), 'main_content', 100); $folder_tree = TreeAbstract::GetInstance('StudipDocumentTree', array('range_id' => $SessSemName[1])); $question = $msg = ''; if($zip_file_id === false){ $msg = 'error§' . sprintf(_("Der Zip Download ist fehlgeschlagen. Bitte beachten Sie das Limit von maximal %s Dateien und die maximale Größe der zu zippenden Dateien von %s MB."), (int)Config::GetInstance()->getValue('ZIP_DOWNLOAD_MAX_FILES'), (int)Config::GetInstance()->getValue('ZIP_DOWNLOAD_MAX_SIZE') ) . '§'; } //obskuren id+_?_ string zerpflücken if (strpos($open, "_") !== false){ list($open_id, $open_cmd) = explode('_', $open); } //Wenn nicht Rechte und Operation uebermittelt: Ist das mein Dokument und ist der Ordner beschreibbar? if (!$rechte && $open_cmd) { $query = "SELECT user_id, range_id FROM dokumente WHERE dokument_id = ?"; $statement = DBManager::get()->prepare($query); $statement->execute(array($open_id)); $result = $statement->fetch();
/**
 * Make sure the shared configuration is set up when this object is created.
 */
public function __construct()
{
    Config::GetInstance()->setConfiguration();
}
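/**
 * Delete expired news, news without any range and range entries without
 * news, together with their visits, views and comments.
 *
 * Nothing is done (and nothing is returned) when NEWS_DISABLE_GARBAGE_COLLECT
 * is set.
 *
 * NOTE(review): the whole id list is bound to a single "IN (?)" placeholder.
 * Plain PDO does not expand arrays; this relies on the statement class
 * returned by DBManager doing so - confirm.
 *
 * @return int|null number of deleted news rows, 0 when there was nothing to
 *                  delete, null when garbage collection is disabled
 */
public static function DoGarbageCollect()
{
    $db = DBManager::get();
    if (Config::GetInstance()->getValue('NEWS_DISABLE_GARBAGE_COLLECT')) {
        return;
    }

    // initialised so that the return below is defined when no row qualifies
    $killed = 0;

    $result = $db->query("SELECT news.news_id FROM news where (date+expire)<UNIX_TIMESTAMP()\n UNION DISTINCT\n SELECT news_range.news_id FROM news_range LEFT JOIN news USING (news_id) WHERE ISNULL(news.news_id)\n UNION DISTINCT\n SELECT news.news_id FROM news LEFT JOIN news_range USING (news_id) WHERE range_id IS NULL")->fetchAll(PDO::FETCH_COLUMN, 0);

    if (count($result) > 0) {
        $statement = $db->prepare("DELETE FROM news WHERE news_id IN (?)");
        $statement->execute(array($result));
        $killed = $statement->rowCount();

        $statement = $db->prepare("DELETE FROM news_range WHERE news_id IN (?)");
        $statement->execute(array($result));

        object_kill_visits(null, $result);
        object_kill_views($result);
        StudipComment::DeleteCommentsByObject($result);
    }

    return $killed;
}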
/**
 * Append the placeholders of all payment fields and their replacement texts
 * to the two lists, keeping both lists aligned.
 *
 * Every payment rule adds an invoice text placeholder; a price placeholder is
 * added as well when a cart is present.
 *
 * @param array $needles      placeholder list, extended in place
 * @param array $replacements replacement list, extended in place
 */
private function _PaymentFieldSubstitutions(&$needles, &$replacements)
{
    foreach (Config::GetInstance()->GetConfig('payment_rules') as $name => $rule) {
        $needles[] = '[' . $name . _T('_invoicetext]');
        $has_invoice_label = isset($rule->use_invoice) && $rule->use_invoice && !empty($rule->invoice_label);
        $replacements[] = $has_invoice_label ? $rule->invoice_label : $name;

        if (!$this->cart) {
            continue;
        }

        $needles[] = '[' . $name . _T('_price]');
        $price = $this->cart->getSubtotalPriceProduct($name);
        // a missing or zero price is shown as an empty string
        $replacements[] = $price ? $this->cursym . formatMoney($price, $this->divider) : '';
    }
}
/**
 * Decide whether a document may be downloaded with respect to its
 * 'protected' flag.
 *
 * Without ENABLE_PROTECTED_DOWNLOAD_RESTRICTION, or for documents that are
 * not protected, the download is allowed. A protected document is only
 * allowed when it belongs to a course that is closed: password protected,
 * admission locked or past the end of its timed admission, or a study group
 * with preliminary admission.
 *
 * @param string $document_id MD5 id of the file
 * @return bool true when the download is allowed
 */
function check_protected_download($document_id)
{
    if (!Config::GetInstance()->getValue('ENABLE_PROTECTED_DOWNLOAD_RESTRICTION')) {
        return true;
    }

    $doc = new StudipDocument($document_id);
    if (!$doc->getValue('protected')) {
        return true;
    }

    // from here on the document is protected: deny unless the course is closed
    $range_id = $doc->getValue('seminar_id');
    if (get_object_type($range_id) != 'sem') {
        return false;
    }

    $seminar = Seminar::GetInstance($range_id);
    $timed_admission = $seminar->getAdmissionTimeFrame();
    $admission_over = $timed_admission['end_time'] > 0 && $timed_admission['end_time'] < time();

    if ($seminar->isPasswordProtected() || $seminar->isAdmissionLocked() || $admission_over) {
        return true;
    }

    if (StudygroupModel::isStudygroup($range_id)) {
        $studygroup = Seminar::GetInstance($range_id);
        return $studygroup->admission_prelim == 1;
    }

    return false;
}
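/**
 * Bring the column type of number fields in line with the configured number
 * of decimals: int(11) for 0 decimals, decimal(11 + n, n) otherwise.
 *
 * Changes compared to the previous version of this method:
 *  - the expected decimal type was built as 'decimal(' . 11 + $decimals ...
 *    without parentheses, which does not yield the intended text on PHP
 *    versions where "." and "+" share one precedence, so the column was
 *    altered on every call;
 *  - a field with 0 decimals whose column already is an integer is left alone
 *    (it used to fall through to the decimal branch);
 *  - the number of decimals is cast to int before it is put into the SQL.
 *
 * @return bool always true
 */
protected function _CheckFields()
{
    parent::_CheckFields();

    // check for int/decimal changes
    $rules = Config::GetInstance()->GetConfig('rules');
    foreach ($rules as $name => $format) {
        // table_description is filled before creating missing fields, but in that case
        // the field has been created with the right format
        if ($format->fieldtype != 'number' || !isset($this->table_description[$name])) {
            continue;
        }

        $decimals = (int) $format->decimals;
        $current_type = $this->table_description[$name]['Type'];
        $table = $this->_EscapeName($this->table);
        $column = $this->_EscapeName($name);

        if ($decimals == 0) {
            if (strpos($current_type, 'int') !== false) {
                continue;
            }
            $sql = 'ALTER TABLE ' . $table . ' CHANGE ' . $column . ' ' . $column . ' int(11)';
        } else {
            $wanted_type = 'decimal(' . (11 + $decimals) . ',' . $decimals . ')';
            if ($current_type == $wanted_type) {
                continue;
            }
            $sql = 'ALTER TABLE ' . $table . ' CHANGE ' . $column . ' ' . $column . ' ' . $wanted_type . ';';
        }

        $this->_Exec($sql);
    }

    return true;
}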
/**
 * Search the rooms the current user may request.
 *
 * Admins, and everybody when RESOURCES_ALLOW_ROOM_REQUESTS_ALL_ROOMS is set,
 * search all rooms. Other users are limited to their own rooms plus the
 * resources owned by 'global'.
 *
 * @param mixed $search_exp search expression, passed on to searchRooms()
 * @param mixed $properties property filter, passed on to searchRooms()
 * @return mixed result of searchRooms()
 */
public function searchRoomsToRequest($search_exp, $properties = false)
{
    $user_id = $GLOBALS['user']->id;

    $restricted = getGlobalPerms($user_id) != 'admin'
        && !Config::GetInstance()->getValue('RESOURCES_ALLOW_ROOM_REQUESTS_ALL_ROOMS');

    // null means "no restriction" for searchRooms()
    $permitted_rooms = null;
    if ($restricted) {
        $my_rooms = new ResourcesUserRoomsList($user_id, false, false, true);
        $global_resources = DBManager::get()
            ->query("SELECT resource_id FROM resources_objects WHERE owner_id='global'")
            ->fetchAll(PDO::FETCH_COLUMN);
        $own_room_ids = array_keys($my_rooms->getRooms());
        $permitted_rooms = array_unique(array_merge($own_room_ids, $global_resources));
    }

    return $this->searchRooms($search_exp, $properties, 0, 0, true, $permitted_rooms);
}
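/**
 * Clear the "over submit limit" flag of the submissions of the month in
 * which the submit limit was upgraded, once per upgrade date.
 *
 * Changes compared to the previous version of this method:
 *  - $count is initialised, so the return value is defined when there is
 *    nothing to do;
 *  - the month taken from the upgrade date is checked to be "YYYY-MM" before
 *    it is put into the SQL text. A value of any other shape could never
 *    match strftime('%Y-%m', ...) anyway, so skipping the statement does not
 *    change the result for regular dates.
 *
 * @return int number of rows changed, 0 when nothing was done or on error
 */
private function _CheckSubmitLimitReset()
{
    $count = 0;

    $upgrade_date = Config::GetInstance()->getSubmitLimitUpgradeDate();
    if ($upgrade_date && $upgrade_date != $this->GetSetting(FB_SETTING_SUBMITLIMIT)) {
        // store the new date so that we know if it changed or not
        $this->SetSetting(array(FB_SETTING_SUBMITLIMIT => $upgrade_date));

        $month = substr($upgrade_date, 0, 7);
        if (!preg_match('/^\d{4}-\d{2}$/', $month)) {
            writeErrorLog(__METHOD__, 'Unexpected submit limit upgrade date: ' . $upgrade_date);
            return 0;
        }

        // clear the flags for the month that the date is set
        $qry = 'UPDATE ' . $this->_EscapeName($this->table)
            . ' SET _flags_ = _flags_&' . ~FLAG_OVERSUBMITLIMIT
            . ' WHERE strftime(\'%Y-%m\', _submitted_) = \'' . $month . '\';';
        $count = $this->db->exec($qry);
    }

    if ($count === false) {
        writeErrorLog(__METHOD__, $this->db->errorInfo());
        return 0;
    }

    return $count;
}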
/**
 * Restore the posted data (and the uploads table) that was saved in the
 * session. When no post data is found the client is redirected to the URL
 * returned by getUrl('') and the script ends.
 *
 * @param bool $clearSession remove the post data from the session after reading it
 */
function RestorePostFromSession($clearSession = true)
{
    $config = Config::GetInstance();

    $this->post = $config->GetSessionVariable('post');
    if ($clearSession) {
        $config->UnsetSessionVariable('post');
    }

    if (!$this->post) {
        header('Location: ' . getUrl(''));
        exit;
    }

    // also restore the uploads table, possibly needed for sending emails
    $this->uploads = $config->GetSessionVariable('uploads');
}
/**
 * Stud.IP markup for images, audio, video and flash-films
 *
 * Builds the HTML for one media tag. Internal URLs are only embedded when
 * their first path segment is on a short allowlist; external URLs depend on
 * the LOAD_EXTERNAL_MEDIA setting (deny, proxy, or direct).
 *
 * NOTE(review): $width, $position, $title and $link are only assigned when a
 * matching parameter is present, and $intern only for internal URLs; they are
 * read below without being initialised.
 * NOTE(review): $title, $link and $position are written into attributes
 * without escaping in this function. Presumably the markup was escaped before
 * it was matched - confirm with the caller.
 *
 * @param mixed $markup  markup object or text of the caller (not used here)
 * @param array $matches regex matches: 1 tag, 2 parameters, 3 URL, 4 trailing whitespace
 * @return string HTML for the media element, or the unchanged match when the
 *                URL is not allowed
 */
protected static function markupMedia($markup, $matches)
{
    $tag = $matches[1];
    $params = explode(":", $matches[2]);
    $url = $matches[3];
    $whitespace = $matches[4];
    // parameters: a number is the width, left/center/right the position, a
    // leading "=..." the title, and two neighbouring parts that form a URL the link
    foreach ($params as $key => $param) {
        if ($param) {
            if (is_numeric($param)) {
                $width = $param;
            } elseif (in_array($param, words("left center right"))) {
                $position = $param;
            } elseif ($key === 0 && $param[0] === "=") {
                $title = substr($param, 1);
            } elseif ($key < count($params) - 1) {
                // the URL was split at ":" by explode(), so join scheme and rest again
                $virtual_url = $param . ":" . $params[$key + 1];
                if (isURL($virtual_url)) {
                    $link = $virtual_url;
                }
            }
        }
    }
    $format_strings = array('img' => '<img src="%s" style="%s" title="%s" alt="%s">', 'audio' => '<audio src="%s" style="%s" title="%s" alt="%s" controls></audio>', 'video' => '<video src="%s" style="%s" title="%s" alt="%s" controls></video>');
    $url = TransformInternalLinks($url);
    $pu = @parse_url($url);
    // A URL counts as internal when scheme, host (compared with the Host
    // request header) and path prefix match this installation.
    if (($pu['scheme'] == 'http' || $pu['scheme'] == 'https') && ($pu['host'] == $_SERVER['HTTP_HOST'] || $pu['host'] . ':' . $pu['port'] == $_SERVER['HTTP_HOST']) && strpos($pu['path'], $GLOBALS['CANONICAL_RELATIVE_PATH_STUDIP']) === 0) {
        $intern = true;
        $checkpath = urldecode(substr($pu['path'], strlen($GLOBALS['CANONICAL_RELATIVE_PATH_STUDIP'])));
        // paths containing "../" after decoding once get no target and are
        // therefore rejected by the allowlist check below
        if (strpos($checkpath, '../') === false) {
            list($pu['first_target']) = explode('/', $checkpath);
        } else {
            $pu['first_target'] = false;
        }
    }
    $LOAD_EXTERNAL_MEDIA = Config::GetInstance()->getValue('LOAD_EXTERNAL_MEDIA');
    // internal URLs: only the listed entry points and document downloads may be embedded
    if ($intern && !in_array($pu['first_target'], array('sendfile.php', 'download', 'assets', 'pictures')) && !($pu['first_target'] === 'dispatch.php' && strpos($pu['path'], 'dispatch.php/document/download') !== false)) {
        return $matches[0];
    } elseif ((!$LOAD_EXTERNAL_MEDIA || $LOAD_EXTERNAL_MEDIA === 'deny') && !$intern) {
        // external media is switched off
        return $matches[0];
    }
    // media proxy: external URLs are routed through the proxy for authenticated sessions
    if (!$intern && $LOAD_EXTERNAL_MEDIA === "proxy" && Seminar_Session::is_current_session_authenticated()) {
        $media_url = $GLOBALS['ABSOLUTE_URI_STUDIP'] . 'dispatch.php/media_proxy?url=' . urlencode(decodeHTML(idna_link($url)));
    } else {
        $media_url = idna_link($url);
    }
    if ($tag === "flash") {
        $width = $width ? $width : 200;
        $height = round($width * 0.75);
        $flash_config = $width > 200 ? $GLOBALS['FLASHPLAYER_DEFAULT_CONFIG_MAX'] : $GLOBALS['FLASHPLAYER_DEFAULT_CONFIG_MIN'];
        // NOTE(review): movie="$media_url" sits inside a single-quoted string,
        // so the text "$media_url" is emitted literally.
        $media = '<object type="application/x-shockwave-flash" id="FlashPlayer" data="' . Assets::url() . 'flash/player_flv.swf" width="' . $width . '" height="' . $height . '"> <param name="movie" value="' . Assets::url() . 'flash/player_flv.swf"> <param name="allowFullScreen" value="true"> <param name="FlashVars" value="flv=' . urlencode(decodeHTML($media_url)) . '&startimage=' . $link . $flash_config . '"> <embed src="' . Assets::url() . 'flash/player_flv.swf" movie="$media_url" type="application/x-shockwave-flash" FlashVars="flv=' . urlencode(decodeHTML($media_url)) . '&startimage=' . $link . $flash_config . '"> </object>';
    } else {
        $media = sprintf($format_strings[$tag], $media_url, isset($width) ? "width: " . $width . "px;" : "", $title, $title);
    }
    if ($tag === 'audio') {
        // the id only has to be unique within the page; it is not a secret
        $random_id = 'audio-' . substr(md5(uniqid('audio', true)), -8);
        $media = str_replace('<audio ', '<audio id="' . $random_id . '" onerror="STUDIP.Audio.handle(this);" ', $media);
    }
    if ($link && $tag === "img") {
        // external links open in a new window
        $media = sprintf('<a href="%s"%s>%s</a>', $link, !isLinkIntern($link) ? ' target="_blank"' : "", $media);
    }
    if ($position) {
        $media = '<div style="text-align: ' . $position . '">' . $media . '</div>';
    }
    $media .= $whitespace;
    return $media;
}
die; } include 'lib/seminar_open.php'; // initialise Stud.IP-Session include 'lib/msg.inc.php'; PageLayout::setTitle($UNI_NAME_CLEAN . " - " . _("Veranstaltungshierachie bearbeiten")); Navigation::activateItem('/admin/locations/sem_tree'); // Start of Output ob_start(); $view = DbView::getView('sem_tree'); $the_tree = new StudipSemTreeViewAdmin(Request::option('start_item_id')); $search_obj = new StudipSemSearch(); $_open_items =& $the_tree->open_items; $_open_ranges =& $the_tree->open_ranges; $_possible_open_items = array(); if (!Config::GetInstance()->getValue('SEM_TREE_ALLOW_BRANCH_ASSIGN')) { if (is_array($_open_items)) { foreach ($_open_items as $item_id => $value) { if (!$the_tree->tree->getNumKids($item_id)) { $_possible_open_items[$item_id] = $value; } } } } else { $_possible_open_items = $_open_items; } // allow add only for items where user has admin permission if (is_array($_possible_open_items)) { foreach ($_possible_open_items as $item_id => $value) { if (!$the_tree->isItemAdmin($item_id)) { unset($_possible_open_items[$item_id]);
/**
 * Comparison callback that ranks two field names by where they first appear
 * among the keys of the 'rules' configuration.
 *
 * The rule keys are lower-cased before they are cached, so $a and $b are
 * matched against lower-case names. All comparisons are loose (==).
 *
 * @param mixed $a first field name
 * @param mixed $b second field name
 * @return int -1 when $a is met first, 1 when $b is met first, 0 when both
 *             are equal or neither occurs in the rules
 */
private function _orderLikeInForm($a, $b)
{
    static $keys = false;

    // Filled on first use; an empty list is falsy, so it is rebuilt on the next call
    if (!$keys) {
        $keys = array();
        foreach (Config::GetInstance()->GetConfig('rules') as $ruleName => $unused) {
            $keys[] = strtolower($ruleName);
        }
    }

    if ($a == $b) {
        return 0;
    }

    // The first rule key that matches either operand decides the order
    foreach ($keys as $ruleName) {
        if ($ruleName == $a) {
            return -1; // a appears before b
        }
        if ($ruleName == $b) {
            return 1; // b appears before a
        }
    }

    return 0;
}
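/**
 * Re-validates the session's user on every call.
 *
 * A session whose account cannot be found, has no username or is locked is
 * de-authenticated through unauth(). While MAINTENANCE_MODE_ENABLE is set,
 * any user whose perms are not 'root' is de-authenticated and refused.
 *
 * @return string|false $this->auth['uid'] when it is set and truthy, otherwise false
 * @throws AccessDeniedException when maintenance mode is enabled and the user is not 'root'
 */
function is_authenticated()
{
    $cfg = Config::GetInstance();

    // Start from "no user": neither branch below may run (e.g. uid 'nobody'
    // without a submitted login name), and every later check must then fail closed
    // instead of reading an undefined variable.
    $user = null;

    //check if the user got kicked meanwhile, or if user is locked out
    if ($this->auth['uid'] && !in_array($this->auth['uid'], array('form', 'nobody'))) {
        $user = $GLOBALS['user']->id == $this->auth['uid'] ? $GLOBALS['user'] : User::find($this->auth['uid']);
        // A missing account is treated like a locked one
        if (!$user || !$user->username || $user->locked) {
            $this->unauth();
        }
    } elseif ($cfg->getValue('MAINTENANCE_MODE_ENABLE') && Request::username('loginname')) {
        // NOTE(review): this lookup uses the submitted login name only; it decides
        // whether the maintenance block applies, not whether the credentials are
        // valid - presumably the password check happens elsewhere, confirm.
        $user = User::findByUsername(Request::username('loginname'));
    }

    // Maintenance mode: only a resolved user with perms 'root' may pass
    if ($cfg->getValue('MAINTENANCE_MODE_ENABLE') && (!$user || $user->perms != 'root')) {
        $this->unauth();
        throw new AccessDeniedException(_("Das System befindet sich im Wartungsmodus. Zur Zeit ist kein Zugriff möglich."));
    }

    // A missing or empty uid yields false
    return @$this->auth['uid'] ?: false;
}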
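/**
 * Updates the row identified by $this->lastrowid with the posted form values
 * and the stored names of uploaded files that are not part of the post map.
 *
 * Values are bound as statement parameters. Column and table names pass
 * through _EscapeName(). The row id is concatenated into the statement, so it
 * is validated as an integer first.
 *
 * @return bool true when the statement was executed, false when the row id is
 *              invalid or preparing/executing the statement failed (logged)
 */
protected function _UpdateRow()
{
    $rules = Config::GetInstance()->GetConfig('rules');
    $assignments = array();
    $data = array();

    // deal with the data in the post map
    foreach ($this->post as $key => $value) {
        $assignments[] = $this->_EscapeName($key) . '=?';

        // check rules for special formatting needs
        if (isset($rules->{$key}) && $rules->{$key}->fieldtype == 'date' && !empty($value)) {
            // presumably $value is a Unix timestamp at this point - confirm against caller
            $data[] = date('Y-m-d', $value);
        } elseif ($key === '_submitted_') {
            // strict comparison: an integer array key must not match this name
            $data[] = $this->_applyTimeZone($value);
        } else {
            $data[] = $value;
        }
    }

    // add any file fields that aren't included yet
    foreach (FormPage::GetInstance()->uploads as $upload) {
        if (!isset($this->post[$upload['fieldname']])) {
            $assignments[] = $this->_EscapeName($upload['fieldname']) . '=?';
            $data[] = $upload['storedname'];
        }
    }

    // The row id becomes part of the SQL text; refuse anything that is not an integer
    $rowid = filter_var($this->lastrowid, FILTER_VALIDATE_INT);
    if ($rowid === false) {
        writeErrorLog('Invalid row id for update:', $this->lastrowid);
        return false;
    }

    // Keep a space after SET so the statement does not depend on how _EscapeName() quotes names
    $sql = 'UPDATE ' . $this->_EscapeName($this->table)
         . ' SET ' . implode(',', $assignments)
         . ' WHERE _rowid_=' . $rowid;

    $sth = $this->db->prepare($sql);
    if ($sth === false) {
        writeErrorLog('Failed compile query:', $sql);
        return false;
    }

    if (!$sth->execute($data)) {
        writeErrorLog('Failed to update data in from table:', $sth->errorInfo());
        return false;
    }

    return true;
}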
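/**
 * Builds the HTML form that holds the "Proceed to 2Checkout" button.
 *
 * @return string the form markup, or '' when the '2CO' 'enabled' setting is falsy
 */
private function _getToCheckoutButton()
{
    if (!$this->getConfigS('2CO', 'enabled')) {
        return '';
    }

    // include_once: a second call in the same request must not load the class file again
    include_once CARTREVISION . '/php/checkout2co.cls.php';

    $checkout = new Checkout2CO($this);

    // NOTE(review): the return URL is read from a session variable; confirm it is
    // validated where it is stored.
    $checkout->setReturnUrl(urldecode(Config::GetInstance()->GetSessionVariable(CC_FB_URLEMBEDDED)) . '?action=checkedout');
    // $checkout->setCancelUrl( getFullUrl( false, false ) . '?action=cancel' );

    // Escape the configured URL for the attribute context; double_encode is off so
    // entities already present in the stored value are left as they are
    $action = htmlspecialchars((string) $this->getConfigS('2CO', 'URL'), ENT_QUOTES, 'UTF-8', false);

    return '<form target="_top" style="display:inline;" action="' . $action . '" method="POST">'
         . $checkout->getCheckoutFields()
         . '<input type="submit" id="fb_2checkout" name="_xclick" value="Proceed to 2Checkout" /></form>';
}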