public function isSpam($type, $author, $email, $site, $ip, $content, $post_id, &$status) { if ($type != 'trackback') { return; } try { $default_parse = array('scheme' => '', 'host' => '', 'path' => '', 'query' => ''); $S = array_merge($default_parse, parse_url($site)); if ($S['scheme'] != 'http' || !$S['host'] || !$S['path']) { throw new Exception('Invalid URL'); } # Check incomink link page $post = $this->core->blog->getPosts(array('post_id' => $post_id)); $post_url = $post->getURL(); $P = array_merge($default_parse, parse_url($post_url)); if ($post_url == $site) { throw new Exception('Same source and destination'); } $o = netHttp::initClient($site, $path); $o->setTimeout(3); $o->get($path); # Trackback source does not return 200 status code if ($o->getStatus() != 200) { throw new Exception('Invalid Status Code'); } $tb_page = $o->getContent(); # Do we find a link to post in trackback source? if ($S['host'] == $P['host']) { $pattern = $P['path'] . ($P['query'] ? '?' . $P['query'] : ''); } else { $pattern = $post_url; } $pattern = preg_quote($pattern, '/'); if (!preg_match('/' . $pattern . '/', $tb_page)) { throw new Exception('Unfair'); } } catch (Exception $e) { throw new Exception('Trackback not allowed for this URL.'); } }
public function download($url, $zip_file) { $this->zip_file = $zip_file; // Check and add default protocol if necessary if (!preg_match('%^http[s]?:\\/\\/%', $url)) { $url = 'http://' . $url; } // Download package if ($client = netHttp::initClient($url, $path)) { try { $client->setUserAgent('DotClear.org CKEditorBrowser/0.1'); $client->useGzip(false); $client->setPersistReferers(false); $client->setOutput($this->zip_file); $client->get($path); unset($client); } catch (Exception $e) { unset($client); throw new Exception(__('An error occurred while downloading the file.')); } } else { throw new Exception(__('An error occurred while downloading the file.')); } }
/** * Downloads new version to destination $sDest. * * @param string $sDest * @throws Exception */ public function download($sDest) { $sUrl = $this->getFileURL(); if (!$sUrl) { throw new Exception(__('c_a_update_no_file_to_download')); } if (!is_writable(dirname($sDest))) { throw new Exception(__('c_a_update_root_directory_not_writable')); } try { $oClient = netHttp::initClient($sUrl, $sPath); $oClient->setTimeout(4); $oClient->setUserAgent($_SERVER['HTTP_USER_AGENT']); $oClient->useGzip(false); $oClient->setPersistReferers(false); $oClient->setOutput($sDest); $oClient->get($sPath); if ($oClient->getStatus() != 200) { @unlink($sDest); throw new Exception(); } } catch (Exception $e) { throw new Exception(__('c_a_update_error_occurred_while_downloading')); } }
} catch (Exception $e) { $core->error->add($e->getMessage()); } } # Download a language pack if ($is_writable && !empty($_POST['pkg_url'])) { try { if (empty($_POST['your_pwd']) || !$core->auth->checkPassword(crypt::hmac(DC_MASTER_KEY, $_POST['your_pwd']))) { throw new Exception(__('Password verification failed')); } $url = html::escapeHTML($_POST['pkg_url']); $dest = DC_L10N_ROOT . '/' . basename($url); if (!preg_match('#^http://[^.]+\\.dotclear\\.net/.*\\.zip$#', $url)) { throw new Exception(__('Invalid language file URL.')); } $client = netHttp::initClient($url, $path); $client->setUserAgent('Dotclear - http://www.dotclear.org/'); $client->useGzip(false); $client->setPersistReferers(false); $client->setOutput($dest); $client->get($path); try { $ret_code = dc_lang_install($dest); } catch (Exception $e) { @unlink($dest); throw $e; } @unlink($dest); http::redirect('langs.php?added=' . $ret_code); } catch (Exception $e) { $core->error->add($e->getMessage());
/** * Retourne les informations d'un dépôt de themes donné. * * @param array $repository_url * @return array */ protected function getRepositoryInfos($repository_url) { try { $repository_url = str_replace('%VERSION%', util::getVersion(), $repository_url); $path = ''; $client = netHttp::initClient($repository_url, $path); if ($client !== false) { $client->setTimeout(4); $client->setUserAgent($_SERVER['HTTP_USER_AGENT']); $client->get($path); return $this->readRepositoryInfos($client->getContent()); } } catch (Exception $e) { return false; } }
private static function initHttp($url, &$path) { $client = netHttp::initClient($url, $path); $client->setTimeout(5); $client->setUserAgent('Dotclear - http://www.dotclear.org/'); $client->useGzip(false); $client->setPersistReferers(false); return $client; }
$m_title = $M[1]; } if ($movie) { $m_object = '<object type="application/x-shockwave-flash" data="' . $movie . '" width="425" height="350">' . "\n" . ' <param name="movie" value="' . $movie . '" />' . "\n" . ' <param name="wmode" value="transparent" />' . "\n" . '</object>'; } } break; case 'jamendo': if (preg_match('#^http://(www.)?jamendo.com/[a-z]{2}/(playlist|album|track)/([0-9]+)#', $media_page, $m)) { $type = $m[2]; $id = $m[3]; $req = 'name'; if ($type == 'track') { $req .= '+stream'; } $http = netHttp::initClient('http://api.jamendo.com/get2/' . $req . '/' . $type . '/plain/?streamencoding=mp31&id=' . $id, $media_path); $http->setTimeout(5); $http->setUserAgent($_SERVER['HTTP_USER_AGENT']); $http->get($media_path); if ($http->getStatus() != 200) { throw new Exception(__('Invalid page URL')); } if ($type != 'track') { $m_title = $http->getContent(); $m_object = '<object width="200" height="300" type="application/x-shockwave-flash"' . "\n" . 'data="http://widgets.jamendo.com/fr/' . $type . '/?playertype=2008&' . $type . '_id=' . $id . '">' . "\n" . '</object>'; $m_url = $media_page; } else { $t = explode("\t", $http->getContent()); $m_title = $t[0]; $url = $t[1]; $m_object = dcMedia::mp3player($url, $core->blog->getQmarkURL() . 'pf=player_mp3.swf');
/** Downloads new version to destination $dest. */ public function download($dest) { $url = $this->getFileURL(); if (!$url) { throw new Exception(__('No file to download')); } if (!is_writable(dirname($dest))) { throw new Exception(__('Root directory is not writable.')); } try { $client = netHttp::initClient($url, $path); $client->setTimeout(4); $client->setUserAgent($_SERVER['HTTP_USER_AGENT']); $client->useGzip(false); $client->setPersistReferers(false); $client->setOutput($dest); $client->get($path); if ($client->getStatus() != 200) { @unlink($dest); throw new Exception(); } } catch (Exception $e) { throw new Exception(__('An error occurred while downloading archive.')); } }
to allow admins to update other settings. Otherwise dcCore::getBlogCursor() throws an exception. */ echo form::field('blog_id', 30, 32, html::escapeHTML($blog_id), '', '', false, 'hidden="hidden"'); echo form::field('blog_url', 50, 255, html::escapeHTML($blog_url), '', '', false, 'hidden="hidden"'); } echo '<p><label for="blog_name" class="required"><abbr title="' . __('Required field') . '">*</abbr> ' . __('Blog name:') . '</label>' . form::field('blog_name', 30, 255, html::escapeHTML($blog_name)) . '</p>'; if ($core->auth->isSuperAdmin()) { echo '<p><label for="blog_url" class="required"><abbr title="' . __('Required field') . '">*</abbr> ' . __('Blog URL:') . '</label>' . form::field('blog_url', 50, 255, html::escapeHTML($blog_url)) . '</p>' . '<p><label for="url_scan">' . __('URL scan method:') . '</label>' . form::combo('url_scan', $url_scan_combo, $blog_settings->system->url_scan) . '</p>'; try { # Test URL of blog by testing it's ATOM feed $file = $blog_url . $core->url->getURLFor('feed', 'atom'); $path = ''; $status = '404'; $content = ''; $client = netHttp::initClient($file, $path); if ($client !== false) { $client->setTimeout(4); $client->setUserAgent($_SERVER['HTTP_USER_AGENT']); $client->get($path); $status = $client->getStatus(); $content = $client->getContent(); } if ($status != '200') { // Might be 404 (URL not found), 670 (blog not online), ... echo '<p class="form-note warn">' . sprintf(__('The URL of blog or the URL scan method might not be well set (<code>%s</code> return a <strong>%s</strong> status).'), $file, $status) . '</p>'; } else { if (substr($content, 0, 6) != '<?xml ') { // Not well formed XML feed echo '<p class="form-note warn">' . sprintf(__('The URL of blog or the URL scan method might not be well set (<code>%s</code> does not return an ATOM feed).'), $file) . '</p>'; }