/**
* XoopsCaptchaRecaptcha::verify()
*
* @param mixed|null $sessionName
*
* @return bool
*/
public function verify($sessionName = null)
{
$is_valid = false;
require_once __DIR__ . '/recaptcha/recaptchalib.php';
if (!empty(Request::getString('recaptcha_response_field', '', 'POST'))) {
$resp = recaptcha_check_answer($this->config['private_key'], $_SERVER['REMOTE_ADDR'], Request::getString('recaptcha_challenge_field', '', 'POST'), Request::getString('recaptcha_response_field', '', 'POST'));
if (!$resp->is_valid) {
$this->message[] = $resp->error;
} else {
$is_valid = true;
}
}
return $is_valid;
}
/**
* Validate and decode a JSON Web Token string from a header
*
* @param string $keyName name of the key to used to sign the token
* @param array|\Traversable $assertClaims traversable set of claims, claim => value, to assert
* @param string $headerName name of header that sources the token
*
* @return object|false payload as stdClass, or false if token was invalid
*/
public static function fromHeader($keyName, $assertClaims = array(), $headerName = 'Authorization')
{
$header = Request::getHeader($headerName, '');
if (empty($header)) {
return false;
}
$header = trim($header);
$space = strpos($header, ' ');
// expecting "Bearer base64-token-string"
if (false !== $space) {
$header = substr($header, $space);
}
$token = trim($header);
return static::fromString($keyName, $token, $assertClaims);
}
/**
* XoopsCaptchaRecaptcha2::verify()
*
* @param string|null $sessionName unused for recaptcha
*
* @return bool
*/
public function verify($sessionName = null)
{
$isValid = false;
$recaptchaResponse = Request::getString('g-recaptcha-response', '');
$recaptchaVerifyURL = 'https://www.google.com/recaptcha/api/siteverify?secret=' . $this->config['secret_key'] . '&response=' . $recaptchaResponse . '&remoteip=' . IPAddress::fromRequest()->asReadable();
$usedCurl = false;
if (function_exists('curl_init') && false !== ($curlHandle = curl_init())) {
curl_setopt($curlHandle, CURLOPT_URL, $recaptchaVerifyURL);
curl_setopt($curlHandle, CURLOPT_FAILONERROR, true);
curl_setopt($curlHandle, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curlHandle, CURLOPT_CONNECTTIMEOUT, 5);
$curlReturn = curl_exec($curlHandle);
if (false === $curlReturn) {
trigger_error(curl_error($curlHandle));
} else {
$usedCurl = true;
$recaptchaCheck = json_decode($curlReturn, true);
}
curl_close($curlHandle);
}
if (false === $usedCurl) {
$recaptchaCheck = file_get_contents($recaptchaVerifyURL);
$recaptchaCheck = json_decode($recaptchaCheck, true);
}
if (isset($recaptchaCheck['success']) && $recaptchaCheck['success'] === true) {
$isValid = true;
} else {
/** @var \XoopsCaptcha $captchaInstance */
$captchaInstance = \XoopsCaptcha::getInstance();
/** @var array $recaptchaCheck */
foreach ($recaptchaCheck['error-codes'] as $msg) {
$captchaInstance->message[] = $msg;
}
}
return $isValid;
}
echo sprintf('Session variable not set. Setting as: %s', $var) . '<br />';
$sessionHelper->set('fred', $var);
}
}
echo '<h2>Permission demo</h2>';
$permissionHelper = new Permission();
if ($permissionHelper) {
// this is the name and item we are going to work with
$permissionName = 'fred';
$permissionItemId = 1;
// if this is a post operation get the input and save it
if ('POST' === Request::getMethod()) {
echo $xoops->alert('success', 'Permission updated');
// save the data
$name = $permissionHelper->defaultFieldName($permissionName, $permissionItemId);
$groups = Request::getVar($name, array(), 'POST');
$permissionHelper->savePermissionForItem($permissionName, $permissionItemId, $groups);
}
// build a form for our permission
$form = new Xoops\Form\ThemeForm("Permission Form (for the permission named '{$permissionName}')", 'form', '', 'POST');
$groupElement = $permissionHelper->getGroupSelectFormForItem($permissionName, $permissionItemId, "Groups with '{$permissionName}' permission", null, true);
$form->addElement($groupElement);
$form->addElement(new Xoops\Form\Button('', 'submit', 'Save', 'submit'));
echo $form->render();
// check it the current user has the permission
if ($permissionHelper->checkPermission($permissionName, $permissionItemId)) {
echo "<p>You have the <strong>'{$permissionName}'</strong> permission for the 'codex' module.</p>";
} else {
echo "<p>You <em>DO NOT</em> have the <strong>'{$permissionName}'</strong> " . "permission for the 'codex' module.</p>";
}
}
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
*
* @copyright (c) 2000-2016 XOOPS Project (www.xoops.org)
* @license GNU GPL 2 (http://www.gnu.org/licenses/gpl-2.0.html)
* @package profile
* @since 2.3.0
* @author Jan Pedersen
* @author Taiwen Jiang <*****@*****.**>
*/
include_once __DIR__ . '/admin_header.php';
xoops_cp_header();
$indexAdmin = new ModuleAdmin();
echo $indexAdmin->addNavigation(basename(__FILE__));
$op = \Xmf\Request::getCmd('op', 'edit');
$perm_desc = '';
switch ($op) {
case 'visibility':
//redirect_header("visibility.php", 0, _PROFILE_AM_PROF_VISIBLE);
header('Location: visibility.php');
break;
case 'edit':
$title_of_form = _PROFILE_AM_PROF_EDITABLE;
$perm_name = 'profile_edit';
$restriction = 'field_edit';
$anonymous = false;
break;
case 'search':
$title_of_form = _PROFILE_AM_PROF_SEARCH;
$perm_name = 'profile_search';
}
}
PublisherUtils::cpHeader();
publisher_editItem(true, $itemid);
break;
case "additem":
// Creating the item object
/* @var $itemObj PublisherItem */
if ($itemid != 0) {
$itemObj = $publisher->getItemHandler()->get($itemid);
} else {
$itemObj = $publisher->getItemHandler()->create();
}
$itemObj->setVarsFromRequest();
$old_status = $itemObj->getVar('status');
$new_status = \Xmf\Request::getInt('status', _PUBLISHER_STATUS_PUBLISHED);
//_PUBLISHER_STATUS_NOTSET;
$error_msg = '';
$redirect_msg = '';
switch ($new_status) {
case _PUBLISHER_STATUS_SUBMITTED:
if ($old_status == _PUBLISHER_STATUS_NOTSET) {
$error_msg = _AM_PUBLISHER_ITEMNOTUPDATED;
} else {
$error_msg = _AM_PUBLISHER_ITEMNOTCREATED;
}
$redirect_msg = _AM_PUBLISHER_ITEM_RECEIVED_NEED_APPROVAL;
break;
case _PUBLISHER_STATUS_PUBLISHED:
if ($old_status == _PUBLISHER_STATUS_NOTSET || $old_status == _PUBLISHER_STATUS_SUBMITTED) {
$redirect_msg = _AM_PUBLISHER_SUBMITTED_APPROVE_SUCCESS;
//$pkg->setDatalist(array('list 1','list 2','list 3'));
$testtray->addElement($pkg);
$ver = new Xoops\Form\Text('Version', 'version', 16, 50, '', 'version');
//$ver->setDescription('Description code');
//$ver->setPattern('^.{3,}$', 'You need at least 3 characters');
//$ver->setDatalist(array('list 1','list 2','list 3'));
$testtray->addElement($ver);
$form->addElement($testtray);
$button = new Xoops\Form\Button('', 'submit', XoopsLocale::A_SUBMIT, 'submit');
$form->addElement($button);
$form->display();
if ($method == 'POST') {
$secResult = $security->check();
if ($secResult) {
$composer = new ComposerUtility();
$composer_command = Request::getCmd('composer_command', '', 'POST');
$cmd = empty($commands[$composer_command]) ? array('cmd' => '', 'args' => null, 'name' => 'Dummy') : $commands[$composer_command];
$package = empty($_POST['package']) ? '' : $_POST['package'];
$version = empty($_POST['version']) ? '' : $_POST['version'];
$skipProcess = false;
switch ($cmd['args']) {
case 'pkg':
$args = trim($package);
if (empty($package)) {
echo $xoops->alert('warning', 'Package is required for this command', 'Warning');
$skipProcess = true;
}
break;
case 'pkgver':
$args = trim($package . ' ' . $version);
if (empty($package) || empty($version)) {