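/**
 * StopForumSpam check for a specific field (username, email or IP) - DISABLED in this build
 *
 * The remote lookup has been switched off so that installs without internet
 * access keep working. As a result this method reports "not a spammer" for
 * every input: anything that relies on it for screening gets no protection
 * from StopForumSpam.
 *
 * @param string $field field to check (unused while the lookup is disabled)
 * @param string $value value to validate (unused while the lookup is disabled)
 * @return bool always FALSE
 */
public function checkForField($field, $value)
{
    // MODIFIED BY FREEFORM SOLUTIONS for compatibility with offline installs.
    // SUGGESTED BY SKENOW HERE: http://www.freeformsolutions.ca/en/forum/using-formulize-no-internet-access#comment-4554
    //
    // The unreachable API lookup that used to follow the early return has been
    // removed; the method fails open by design. Sites that do have internet
    // access and want spam screening need the lookup restored.
    return false;
}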
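/**
 * Check the StopForumSpam API for a specific field (username, email or IP)
 *
 * The lookup fails open: when the API cannot be reached or the response does
 * not contain an <appears> element, the value is reported as "not a spammer".
 *
 * @param string $field field to check
 * @param string $value value to validate
 * @return bool TRUE if the API answered "yes" for the passed info, FALSE otherwise
 *              (including when the request could not be made)
 */
public function checkForField($field, $value)
{
    $spam = false;

    // $value is caller-supplied, so it is URL-encoded before it enters the query string.
    // NOTE(review): $field is concatenated as-is - presumably callers only pass fixed
    // field names; verify against the callers.
    // NOTE(review): the verdict is trusted exactly as received - confirm that api_url
    // uses HTTPS so the answer cannot be altered in transit.
    $url = $this->api_url . $field . '=' . urlencode($value);

    if (!ini_get('allow_url_fopen')) {
        // URL wrappers are disabled, fall back to cURL.
        $ch = curl_init();
        if (!$ch || !curl_setopt($ch, CURLOPT_URL, $url)) {
            // Report the encoded URL rather than the raw value, so caller-supplied
            // text is not passed unescaped into the debug output.
            icms_core_Debug::message($url);
            echo "<script> alert('" . _US_SERVER_PROBLEM_OCCURRED . "'); window.history.go(-1); </script>\n";
            if ($ch) {
                curl_close($ch);
            }
            return false;
        }
        curl_setopt($ch, CURLOPT_HEADER, 0);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        $output = curl_exec($ch);
        curl_close($ch);

        // curl_exec() returns FALSE on failure; only a string body is parsed.
        if (is_string($output) && preg_match("#<appears>(.*)</appears>#i", $output, $out)) {
            $spam = $out[1];
        }
    } else {
        $file = fopen($url, "r");
        if (!$file) {
            icms_core_Debug::message($url);
            echo "<script> alert('" . _US_SERVER_PROBLEM_OCCURRED . "'); window.history.go(-1); </script>\n";
            // Without a handle the read loop below can never reach end-of-file.
            return false;
        }
        while (!feof($file)) {
            $line = fgets($file, 1024);
            if ($line === false) {
                // Read error before end-of-file: stop instead of spinning on the stream.
                break;
            }
            if (preg_match("#<appears>(.*)</appears>#i", $line, $out)) {
                $spam = $out[1];
                break;
            }
        }
        fclose($file);
    }

    return $spam === 'yes';
}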
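/**
 * Insert a new object in the database, or update its row when the object is not new
 *
 * Runs the beforeSave / beforeInsert|beforeUpdate events, cleans the object's
 * variables, builds and executes the INSERT or UPDATE statement, then runs the
 * afterSave / afterInsert|afterUpdate events. Any failure is recorded on the
 * object with setErrors().
 *
 * @param object $obj reference to the object
 * @param bool $force whether to force the query execution despite security settings
 * @param bool $checkObject check if the object is dirty and clean the attributes
 * @param bool $debug if TRUE the generated SQL is passed to icms_core_Debug::message()
 * @return bool FALSE if failed, TRUE if already present and unchanged or successful
 */
public function insert(&$obj, $force = false, $checkObject = true, $debug = false)
{
    if ($checkObject != false) {
        if (!is_object($obj)) {
            return false;
        }
        /**
         * @TODO: Change to if (!(class_exists($this->className) && $obj instanceof $this->className)) when going fully PHP5
         */
        if (!is_a($obj, $this->className)) {
            $obj->setErrors(get_class($obj) . ' Differs from ' . $this->className);
            return false;
        }
        if (!$obj->isDirty()) {
            // Will usually not be shown, as errors are not displayed when the method
            // returns true, but it can be helpful when troubleshooting code - Mith
            $obj->setErrors("Not dirty");
            return true;
        }
    }

    if ($obj->seoEnabled) {
        // Auto create meta tags if empty
        $icms_metagen = new icms_ipf_Metagen($obj->title(), $obj->getVar('meta_keywords'), $obj->summary());
        if (!$obj->getVar('meta_keywords') || !$obj->getVar('meta_description')) {
            if (!$obj->meta_keywords()) {
                $obj->setVar('meta_keywords', $icms_metagen->_keywords);
            }
            if (!$obj->meta_description()) {
                $obj->setVar('meta_description', $icms_metagen->_meta_description);
            }
        }
        // Auto create short_url if empty
        if (!$obj->short_url()) {
            $obj->setVar('short_url', $icms_metagen->generateSeoTitle($obj->title('n'), false));
        }
    }

    $eventResult = $this->executeEvent('beforeSave', $obj);
    if (!$eventResult) {
        $obj->setErrors('An error occured during the BeforeSave event');
        return false;
    }

    if ($obj->isNew()) {
        $eventResult = $this->executeEvent('beforeInsert', $obj);
        if (!$eventResult) {
            $obj->setErrors('An error occured during the BeforeInsert event');
            return false;
        }
    } else {
        $eventResult = $this->executeEvent('beforeUpdate', $obj);
        if (!$eventResult) {
            // Message kept on one line (no embedded line break).
            $obj->setErrors('An error occured during the BeforeUpdate event');
            return false;
        }
    }

    if (!$obj->cleanVars()) {
        $obj->setErrors('Variables were not cleaned properly.');
        return false;
    }

    // Every value that reaches the SQL text is either cast to int or passed through
    // quoteString(); table and column names come from the handler and the object
    // definition and are concatenated as identifiers.
    $cleanvars = array();
    $fieldsToStoreInDB = array();
    foreach ($obj->cleanVars as $k => $v) {
        if ($obj->vars[$k]['data_type'] == XOBJ_DTYPE_INT) {
            $cleanvars[$k] = (int) $v;
        } elseif (is_array($v)) {
            $cleanvars[$k] = $this->db->quoteString(implode(',', $v));
        } else {
            $cleanvars[$k] = $this->db->quoteString($v);
        }
        if ($obj->vars[$k]['persistent']) {
            $fieldsToStoreInDB[$k] = $cleanvars[$k];
        }
    }

    if ($obj->isNew()) {
        if (!is_array($this->keyName)) {
            if ($cleanvars[$this->keyName] < 1) {
                // NOTE(review): the generated id is stored in $cleanvars only;
                // $fieldsToStoreInDB was filled above, so the id is not part of the
                // INSERT below - confirm this is intended.
                $cleanvars[$this->keyName] = $this->db->genId($this->table . '_' . $this->keyName . '_seq');
            }
        }
        $sql = 'INSERT INTO ' . $this->table
            . ' (' . implode(',', array_keys($fieldsToStoreInDB))
            . ') VALUES (' . implode(',', array_values($fieldsToStoreInDB)) . ')';
    } else {
        // Key columns identify the row and are left out of the SET list.
        $assignments = array();
        foreach ($fieldsToStoreInDB as $key => $value) {
            if ((!is_array($this->keyName) && $key == $this->keyName)
                || (is_array($this->keyName) && in_array($key, $this->keyName))
            ) {
                continue;
            }
            $assignments[] = ' ' . $key . ' = ' . $value;
        }
        $sql = 'UPDATE ' . $this->table . ' SET' . implode(',', $assignments);

        // Key values are quoted like every other value in the statement, so a
        // non-numeric key cannot alter the WHERE clause.
        if (is_array($this->keyName)) {
            $whereclause = '';
            for ($i = 0; $i < count($this->keyName); $i++) {
                if ($i > 0) {
                    $whereclause .= ' AND ';
                }
                $whereclause .= $this->keyName[$i] . ' = ' . $this->db->quoteString($obj->getVar($this->keyName[$i]));
            }
        } else {
            $whereclause = $this->keyName . ' = ' . $this->db->quoteString($obj->getVar($this->keyName));
        }
        $sql .= ' WHERE ' . $whereclause;
    }

    if ($debug) {
        icms_core_Debug::message($sql);
    }

    if (false != $force) {
        $result = $this->db->queryF($sql);
    } else {
        $result = $this->db->query($sql);
    }
    if (!$result) {
        $obj->setErrors($this->db->error());
        return false;
    }

    if ($obj->isNew() && !is_array($this->keyName)) {
        $obj->assignVar($this->keyName, $this->db->getInsertId());
    }

    $eventResult = $this->executeEvent('afterSave', $obj);
    if (!$eventResult) {
        $obj->setErrors('An error occured during the AfterSave event');
        return false;
    }

    if ($obj->isNew()) {
        $obj->unsetNew();
        $eventResult = $this->executeEvent('afterInsert', $obj);
        if (!$eventResult) {
            $obj->setErrors('An error occured during the AfterInsert event');
            return false;
        }
    } else {
        $eventResult = $this->executeEvent('afterUpdate', $obj);
        if (!$eventResult) {
            // Message restored: the leading "A" was missing.
            $obj->setErrors('An error occured during the AfterUpdate event');
            return false;
        }
    }

    return true;
}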
/**
 * Emit one line of debug output (legacy wrapper)
 *
 * Registers the call as deprecated, then forwards both arguments unchanged to
 * icms_core_Debug::message() and hands back whatever that call returns.
 *
 * @param string $msg text to be output as a debug line
 * @param bool $exit if TRUE the script will end
 * @deprecated use icms_core_Debug::message() instead
 */
function icms_debug($msg, $exit = false)
{
    // Name the replacement so the deprecation notice points at it.
    icms_core_Debug::setDeprecated('icms_core_Debug::message');

    $outcome = icms_core_Debug::message($msg, $exit);

    return $outcome;
}
/**
 * Removes data inserted since 2.0.18.1
 *
 * Runs a fixed list of destructive statements against the global database
 * connection: configuration rows are deleted, the theme set is reset and the
 * cache_model table is dropped without checking the result; the four schema
 * changes that follow are checked one by one.
 *
 * @return bool TRUE when every schema change succeeded, FALSE as soon as one fails
 */
function apply_config()
{
    $database = $GLOBALS['xoopsDB'];

    // Each entry is (text before the table name, unprefixed table, text after it).
    // All fragments are fixed literals; nothing caller-supplied enters the SQL.
    $uncheckedStatements = array(
        // remove configuration items
        array("DELETE FROM `", 'config', "` WHERE conf_name='cpanel'"),
        array("DELETE FROM `", 'config', "` WHERE conf_name='welcome_type'"),
        array("DELETE FROM `", 'configoption', "` WHERE confop_name='_NO'"),
        array("DELETE FROM `", 'configoption', "` WHERE confop_name='_MD_AM_WELCOMETYPE_EMAIL'"),
        array("DELETE FROM `", 'configoption', "` WHERE confop_name='_MD_AM_WELCOMETYPE_PM'"),
        array("DELETE FROM `", 'configoption', "` WHERE confop_name='_MD_AM_WELCOMETYPE_BOTH'"),
        array("UPDATE `", 'config', "` SET conf_value = 'iTheme' WHERE conf_name = 'theme_set'"),
        // remove cache_model table
        array("DROP TABLE ", "cache_model", ''),
    );
    foreach ($uncheckedStatements as $parts) {
        list($head, $table, $tail) = $parts;
        // The outcome of these statements is deliberately not inspected.
        $database->queryF($head . $database->prefix($table) . $tail);
    }

    $checkedStatements = array(
        array("ALTER TABLE `", 'block_module_link', "` DROP PRIMARY KEY"),
        array("ALTER IGNORE TABLE `", 'block_module_link', "` ADD KEY module_id (module_id)"),
        array("ALTER IGNORE TABLE `", 'block_module_link', "` ADD KEY block_id (block_id)"),
        array("ALTER TABLE `", 'newblocks', "` MODIFY content text NOT NULL"),
    );
    foreach ($checkedStatements as $parts) {
        list($head, $table, $tail) = $parts;
        $statement = $head . $database->prefix($table) . $tail;
        if (!$database->queryF($statement)) {
            // Stop at the first failing schema change and report it.
            icms_core_Debug::message('An error occurred while executing "' . $statement . '" - ' . $database->error());
            return false;
        }
    }

    return true;
}
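/**
 * Authenticate using the OpenID protocol
 *
 * Uses the OpenID response cached in the session when there is one, otherwise
 * completes the exchange with the consumer and caches the response. On a
 * successful response the identity and simple-registration data are stored and
 * $this->step is set to the current stage of the login/registration flow.
 *
 * @param bool $debug Turn debug on or not
 * @return mixed the first matching user object when the OpenID is already
 *               attached to an account; FALSE when the provider reported a
 *               failure or no account uses this OpenID; no value (NULL) when
 *               the request was cancelled, when the step comes from the
 *               register/link form or the session, or when the status is not
 *               one of the three handled values
 */
public function authenticate($debug = FALSE)
{
    // check to see if we already have an OpenID response in SESSION
    if (isset($_SESSION['openid_response'])) {
        if ($debug) {
            icms_core_Debug::message(_CORE_OID_INSESSIONS);
        }
        // NOTE(review): unserialize() rebuilds whatever object graph the string
        // describes. This is only acceptable while the session store cannot be
        // written by anyone but this application - confirm the session backend.
        $this->response = unserialize($_SESSION['openid_response']);
    } else {
        if ($debug) {
            icms_core_Debug::message(_CORE_OID_FETCHING);
        }
        // Complete the authentication process using the server's response.
        $consumer = getConsumer();
        $return_to = getReturnTo();
        $this->response = $consumer->complete($return_to);
        $_SESSION['openid_response'] = serialize($this->response);
    }

    if ($this->response->status == Auth_OpenID_CANCEL) {
        if ($debug) {
            icms_core_Debug::message(_CORE_OID_STATCANCEL);
        }
        // This means the authentication was cancelled.
        $this->setErrors('100', _CORE_OID_VERIFCANCEL);
    } elseif ($this->response->status == Auth_OpenID_FAILURE) {
        if ($debug) {
            icms_core_Debug::message(_CORE_OID_SERVERFAILED);
        }
        // NOTE(review): the message text comes from the OpenID response - presumably
        // it must be escaped wherever these errors are rendered; verify.
        $this->setErrors('101', _CORE_OID_FAILED . $this->response->message);
        if ($debug) {
            icms_core_Debug::message(_CORE_OID_DUMPREQ);
            // Dumps the complete request into the debug output; keep debug mode off
            // on production sites.
            icms_core_Debug::vardump($_REQUEST);
        }
        return FALSE;
    } elseif ($this->response->status == Auth_OpenID_SUCCESS) {
        // This means the authentication succeeded.
        $this->displayid = $this->response->getDisplayIdentifier();
        $this->openid = $this->response->identity_url;
        $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($this->response);
        $sreg = $sreg_resp->contents();
        $_SESSION['openid_sreg'] = $sreg;

        if ($debug) {
            icms_core_Debug::message(_CORE_OID_SERVERSUCCESS);
            icms_core_Debug::message(_CORE_OID_DISPID . $this->displayid);
            icms_core_Debug::message(_CORE_OID_OPENID . $this->openid);
            icms_core_Debug::message(_CORE_OID_DUMPING);
            icms_core_Debug::vardump($sreg);
        }

        // The "successfully identified" text that used to be assembled here was
        // never stored, returned or printed, so it is no longer built.

        /**
         * Now, where are we in the process, just back from OpenID server or trying to register or
         * trying to link to an existing account
         */
        if (isset($_POST['openid_register'])) {
            if ($debug) {
                icms_core_Debug::message(_CORE_OID_STEPIS . 'OPENID_STEP_REGISTER');
            }
            $this->step = OPENID_STEP_REGISTER;
        } elseif (isset($_POST['openid_link'])) {
            if ($debug) {
                icms_core_Debug::message(_CORE_OID_STEPIS . 'OPENID_STEP_LINK');
            }
            $this->step = OPENID_STEP_LINK;
        } elseif (isset($_SESSION['openid_step'])) {
            if ($debug) {
                icms_core_Debug::message(_CORE_OID_STEPIS . $_SESSION['openid_step']);
            }
            $this->step = $_SESSION['openid_step'];
        } else {
            if ($debug) {
                icms_core_Debug::message(_CORE_OID_CHECKINGID);
            }
            // Do we already have a user with this openid
            $member_handler = icms::handler('icms_member');
            $criteria = new icms_db_criteria_Compo();
            $criteria->add(new icms_db_criteria_Item('openid', $this->openid));
            $users =& $member_handler->getUsers($criteria);
            if ($users && count($users) > 0) {
                $this->step = OPENID_STEP_USER_FOUND;
                if ($debug) {
                    icms_core_Debug::message(_CORE_OID_FOUNDSTEPIS . 'OPENID_STEP_USER_FOUND');
                }
                return $users[0];
            } else {
                /*
                 * This openid was not found in the users table. Let's ask the user if he wants
                 * to create a new user account on the site or else login with his already registered
                 * account
                 */
                if ($debug) {
                    icms_core_Debug::message(_CORE_OID_NOTFOUNDSTEPIS . 'OPENID_STEP_NO_USER_FOUND');
                }
                $this->step = OPENID_STEP_NO_USER_FOUND;
                return FALSE;
            }
        }
    }
}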
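/**
 * Compute the session fingerprint from the salt key, the user agent and the IP prefix
 *
 * The fingerprint is the SHA-256 hash of the main salt key, followed by the
 * user agent when securityLevel >= 1 and by the leading blocks of the IP
 * address when securityLevel >= 2 (as many blocks as the level, at most four,
 * each followed by the address separator).
 *
 * @param string $ip client IP address, IPv4 or IPv6
 * @param string $userAgent client user agent string
 * @return string hex SHA-256 digest, or an empty string when $ip is neither a
 *                valid IPv4 nor a valid IPv6 address
 */
private function sessionFingerprint($ip, $userAgent)
{
    $securityLevel = (int) $this->securityLevel;

    // NOTE(review): the ipv6securityLevel setting of this class is not applied
    // here; IPv6 addresses are handled with securityLevel, like IPv4 - confirm
    // this is intended.
    if (isset($ip) && icms_core_DataFilter::checkVar($ip, 'ip', 'ipv4')) {
        $separator = '.';
    } elseif (isset($ip) && icms_core_DataFilter::checkVar($ip, 'ip', 'ipv6')) {
        $separator = ':';
    } else {
        icms_core_Debug::message('ERROR (Session Fingerprint): Invalid IP format, IP must be a valid IPv4 or IPv6 format', false);
        // NOTE(review): callers presumably have to treat '' as "no fingerprint" and
        // reject it, otherwise two empty fingerprints would compare equal - verify.
        return '';
    }

    $fingerprint = $this->mainSaltKey;

    if ($securityLevel >= 1) {
        // The user agent is sent by the client; it narrows the match but is not
        // a secret.
        $fingerprint .= $userAgent;
    }

    if ($securityLevel >= 2) {
        $blockCount = min($securityLevel, 4);
        $blocks = explode($separator, $ip);
        for ($i = 0; $i < $blockCount; $i++) {
            // A compressed IPv6 address can have fewer blocks than requested; a
            // missing block contributes an empty string, which leaves the result
            // unchanged and avoids an undefined-index warning.
            $fingerprint .= (isset($blocks[$i]) ? $blocks[$i] : '') . $separator;
        }
    }

    return hash('sha256', $fingerprint);
}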
$newDbVersion = 19; } if ($dbVersion < $newDbVersion) { $module_handler = icms::handler('icms_module'); $smartprofile_module = $module_handler->getByDirname('smartprofile'); $table = new icms_db_legacy_updater_Table('profile_category'); if ($smartprofile_module && $smartprofile_module->getVar('isactive') && !$table->exists()) { icms::$xoopsDB->queryF("RENAME TABLE `" . icms::$xoopsDB->prefix("smartprofile_category") . "` TO `" . icms::$xoopsDB->prefix("profile_category") . "`"); icms::$xoopsDB->queryF("RENAME TABLE `" . icms::$xoopsDB->prefix("smartprofile_field") . "` TO `" . icms::$xoopsDB->prefix("profile_field") . "`"); icms::$xoopsDB->queryF("RENAME TABLE `" . icms::$xoopsDB->prefix("smartprofile_visibility") . "` TO `" . icms::$xoopsDB->prefix("profile_visibility") . "`"); icms::$xoopsDB->queryF("RENAME TABLE `" . icms::$xoopsDB->prefix("smartprofile_profile") . "` TO `" . icms::$xoopsDB->prefix("profile_profile") . "`"); icms::$xoopsDB->queryF("RENAME TABLE `" . icms::$xoopsDB->prefix("smartprofile_regstep") . "` TO `" . icms::$xoopsDB->prefix("profile_regstep") . "`"); $command = array("ALTER TABLE `" . icms::$xoopsDB->prefix("profile_profile") . "` ADD `newemail` varchar(255) NOT NULL default '' AFTER `profile_id`", "ALTER TABLE `" . icms::$xoopsDB->prefix("profile_field") . "` ADD `exportable` int unsigned NOT NULL default 0 AFTER `step_id`", "UPDATE `" . icms::$xoopsDB->prefix('modules') . "` SET dirname='profile' WHERE dirname='smartprofile'"); foreach ($command as $sql) { if (!($result = icms::$xoopsDB->queryF($sql))) { icms_core_Debug::message('An error occurred while executing "' . $sql . '" - ' . icms::$xoopsDB->error()); return false; } } } $icmsDatabaseUpdater->updateModuleDBVersion($newDbVersion, 'system'); echo sprintf(_DATABASEUPDATER_UPDATE_OK, icms_conv_nr2local($newDbVersion)) . 
'<br />'; } if (!$abortUpdate) { $newDbVersion = 20; } if ($dbVersion < $newDbVersion) { // Adding configurations of search preferences $icmsDatabaseUpdater->insertConfig(ICMS_CONF_SEARCH, 'enable_deep_search', '_MD_AM_DODEEPSEARCH', '1', '_MD_AM_DODEEPSEARCHDSC', 'yesno', 'int', 2); $icmsDatabaseUpdater->insertConfig(ICMS_CONF_SEARCH, 'num_shallow_search', '_MD_AM_NUMINITSRCHRSLTS', '5', '_MD_AM_NUMINITSRCHRSLTSDSC', 'textbox', 'int', 4); $icmsDatabaseUpdater->updateModuleDBVersion($newDbVersion, 'system');