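/**
 * Reads one request parameter, runs it through the project's filterInput()
 * and returns the filtered text, terminating the request on a filter failure.
 *
 * @param string $name    Key looked up in $_REQUEST.
 * @param string $type    Filter type handed to filterInput() (default 'text').
 * @param mixed  $default Value used when the parameter is absent.
 *
 * @return mixed The second element of filterInput()'s result when its first
 *               element is exactly true.
 *
 * Exits with an error message otherwise. The message is HTML-escaped because
 * filterInput() may hand back (part of) the rejected, attacker-controlled input.
 */
function getParameter($name, $type = 'text', $default = "") {
    if (isset($_REQUEST[$name])) {
        // `?name[]=x` yields an array; trim() on an array throws a TypeError on
        // PHP 8, so only strings are trimmed and other values pass through as-is.
        $raw = is_string($_REQUEST[$name]) ? trim($_REQUEST[$name]) : $_REQUEST[$name];
    } else {
        $raw = $default;
    }

    // filterInput() is expected here to return [bool $ok, mixed $text];
    // missing elements are treated as failure / empty text.
    $results = filterInput($raw, $type);
    $resultTxt = isset($results[1]) ? $results[1] : "";
    if (isset($results[0]) && $results[0] === true) {
        return $resultTxt;
    }

    exit(
        "Error returned '" . htmlspecialchars((string) $name, ENT_QUOTES, 'UTF-8')
        . "' - " . htmlspecialchars((string) $resultTxt, ENT_QUOTES, 'UTF-8')
    );
}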
/**
 * Request bootstrap: filters the superglobals, starts the session, connects
 * to the database, authenticates, then includes either the action or the view
 * front controller and prepares the view/JavaScript state.
 *
 * Reads the globals $dbHost, $dbUser, $dbUserPw, $dbName, $includeDumpJs,
 * $jQueryLib and writes $gorumroll, $speedStopWatch, $gorumview.
 *
 * @return void
 */
function initializeSystemSettings() {
    global $dbHost, $dbUser, $dbUserPw, $dbName, $includeDumpJs;
    global $gorumroll, $speedStopWatch, $gorumview, $jQueryLib;
    // NOTE(review): $_POST is not filtered here, only GET/COOKIE/SERVER/FILES;
    // presumably POST is filtered per attribute later (see initClassVars) — confirm.
    // Filtering $_SERVER as if it were user input may also alter values such as
    // REQUEST_URI that other code relies on.
    $_GET = filterInput($_GET);
    $_COOKIE = filterInput($_COOKIE);
    $_SERVER = filterInput($_SERVER);
    $_FILES = filterInput($_FILES);
    if (class_exists("speedstat")) {
        $speedStopWatch = new Stopwatch();
        $speedStopWatch->start();
    }
    // Cookie-only sessions: no session id in URLs.
    ini_set("session.use_cookies", 1);
    ini_set("session.use_only_cookies", 1);
    ini_set("session.use_trans_sid", 0);
    if (!session_id()) {
        // NOTE(review): no session_regenerate_id() after authentication is
        // visible in this method; check authenticate() for fixation handling.
        session_start();
    }
    // Obfuscated key names; the chr() sequences decode to
    // "gorumuser", "isAdm" and "gorumrecognised" respectively.
    $this->kbfu = chr(103) . chr(111) . chr(114) . chr(117) . chr(109) . chr(117) . chr(115) . chr(101) . chr(114);
    $this->kbfk = chr(105) . chr(115) . chr(65) . chr(100) . chr(109);
    $this->kbfr = chr(103) . chr(111) . chr(114) . chr(117) . chr(109) . chr(114) . chr(101) . chr(99) . chr(111) . chr(103) . chr(110) . chr(105) . chr(115) . chr(101) . chr(100);
    // http://hu.php.net/manual/en/reserved.variables.session.php#85448:
    // so that the infoTexts do not get stuck (with register_globals on, session
    // keys are mirrored into the global scope; drop those copies):
    if (ini_get('register_globals')) {
        foreach ($_SESSION as $key => $value) {
            if (isset($GLOBALS[$key])) {
                unset($GLOBALS[$key]);
            }
        }
    }
    connectDb($dbHost, $dbUser, $dbUserPw, $dbName);
    authenticate();
    $gorumroll = new Roll();
    // Action requests and view requests are served by different front-controller files.
    $gorumroll->isAction() ? include GORUM_DIR . "/gorum_action.php" : (include GORUM_DIR . "/gorum_view.php");
    $this->initializeUserSettings();
    if (class_exists("cronjob")) {
        executeCronJobs();
    }
    if (!$gorumroll->isAction()) {
        $gorumview = new View();
        $gorumview->addElement("contentTemplate");
        View::init();
    }
    // Debug helpers (jQuery dump scripts) only for view requests and only when enabled.
    if ($includeDumpJs && !$gorumroll->isAction()) {
        JavaScript::addInclude(GORUM_JS_DIR . $jQueryLib);
        JavaScript::addInclude(GORUM_JS_DIR . "/jquery/jquery.dump.js");
        JavaScript::addInclude(GORUM_JS_DIR . "/dump.js");
    }
    $this->kbf();
}
/**
 * Collects the numbered request parameters "<prefix>1", "<prefix>2", ...
 * into a list, stopping at the first index that is not present.
 *
 * Each value is passed through filterInput() before being appended.
 *
 * @param string $param_prefix Name prefix of the numbered parameters (default "param").
 *
 * @return array Filtered values in index order.
 */
function splitParameters($param_prefix = "param") {
    $collected = array();
    // Contiguous numbering only: a gap ends the sequence.
    for ($index = 1; isset($_REQUEST[$param_prefix . $index]); $index++) {
        $collected[] = filterInput($_REQUEST[$param_prefix . $index]);
    }
    return $collected;
}
/**
 * Populates this object's attributes from the type info returned by
 * getTypeInfo(), taking values from $classVars when given, otherwise from the
 * request (GET, POST, a stored session "post" object, then cookies).
 *
 * Filtering policy: a value for an attribute marked "allow_html" is left
 * unfiltered when the current user has admin rights; every other value taken
 * from $classVars or $_POST goes through filterInput().
 *
 * @param array|int $classVars Explicit attribute values, or 0 to read the request.
 *
 * @return void
 */
function initClassVars($classVars = 0) {
    global $gorumroll;
    if (!($typ =& $this->getTypeInfo(TRUE))) {
        return;
    } // no typeInfo available
    $isAction = !isset($gorumroll) || $gorumroll->isAction();
    hasAdminRights($isAdm);
    foreach ($typ["attributes"] as $attr => $val) {
        if ($classVars) {
            if (isset($classVars[$attr])) {
                if (!in_array("allow_html", $val) || !$isAdm) {
                    $classVars[$attr] = filterInput($classVars[$attr]);
                }
                $this->initAttr($attr, $val, $classVars[$attr]);
            }
        } else {
            // NOTE(review): only the POST branch filters here. GET, session and
            // cookie values are handed to initAttr() unfiltered in this method;
            // presumably they were filtered at bootstrap — confirm for cookies,
            // which are client-controlled and can seed any attribute name.
            if (!$isAction && isset($_GET[$attr])) {
                $this->initAttr($attr, $val, $_GET[$attr]);
            } elseif (isset($_POST[$attr])) {
                // so that an admin can put arbitrary HTML into an advert:
                if (!in_array("allow_html", $val) || !$isAdm) {
                    $_POST[$attr] = filterInput($_POST[$attr]);
                }
                $this->initAttr($attr, $val, $_POST[$attr]);
            } elseif (!$isAction && isset($_SESSION["post"]->{$attr})) {
                $this->initAttr($attr, $val, $_SESSION["post"]->{$attr});
            } elseif (isset($_COOKIE[$attr])) {
                $this->initAttr($attr, $val, $_COOKIE[$attr]);
            }
        }
        // Attributes with no source value are still initialised (with NULL).
        if (!isset($this->{$attr})) {
            $x = NULL;
            $this->initAttr($attr, $val, $x);
        }
    }
}
<?php
// Installer prelude: only reachable through the application entry point.
defined('_NOAH') or die('Restricted access');

$configFileName = "config.php";

include_once GORUM_DIR . '/filter.php';

// Every superglobal is passed through the project's input filter before any
// value is read from it.
$_GET = filterInput($_GET);
$_COOKIE = filterInput($_COOKIE);
$_SERVER = filterInput($_SERVER);
$_FILES = filterInput($_FILES);
$_POST = filterInput($_POST);

// Database connection settings submitted by the installer form. Only the
// keys listed here are copied into variables; anything else in $_POST is ignored.
foreach (array('hostName', 'dbUser', 'dbUserPw', 'dbPort', 'dbSocket', 'dbName', 'dbPrefix') as $setting) {
    if (isset($_POST[$setting])) {
        ${$setting} = $_POST[$setting];
    }
}
/**
 * Custom exception handler with backtrace.
 *
 * Records the exception either in the database (CErrorLog, when
 * $dPconfig["error_logs_in_db"] is set) or as an HTML fragment appended to
 * LOG_PATH, and echoes that fragment when display_errors is on.
 *
 * @param exception $exception Thrown exception
 *
 * @return void
 */
function exceptionHandler($exception) {
    global $dPconfig;
    $time = date("Y-m-d H:i:s");
    // User information
    $user_id = null;
    $user_view = "";
    if (class_exists("CAppUI", false) && CAppUI::$user) {
        $user = CAppUI::$user;
        if ($user->_id) {
            $user_id = $user->_id;
            $user_view = $user->_view;
        }
    }
    // Server IP
    $server_ip = isset($_SERVER["SERVER_ADDR"]) ? $_SERVER["SERVER_ADDR"] : null;
    $file = mbRelativePath($exception->getFile());
    $line = $exception->getLine();
    $type = "exception";
    $text = $exception->getMessage();
    // Stacktrace (call arguments are dropped so secrets passed as parameters are not logged).
    $contexts = $exception->getTrace();
    foreach ($contexts as &$ctx) {
        unset($ctx['args']);
    }
    // $_SESSION might not be ready at the time the error is thrown.
    $session = isset($_SESSION) ? $_SESSION : array();
    unset($session['AppUI']);
    unset($session['dPcompteRendu']['templateManager']);
    $_all_params = array("GET" => $_GET, "POST" => $_POST, "SESSION" => $session);
    // NOTE(review): the return value of filterInput() is discarded here. Unless
    // this project's filterInput() takes its argument by reference, $_all_params
    // is logged and echoed unfiltered below — confirm against its definition.
    // Note also that raw POST data (e.g. submitted passwords) ends up in the log.
    filterInput($_all_params);
    // CApp might not be ready yet as of early error handling
    $request_uid = null;
    if (class_exists("CApp", false)) {
        $request_uid = CApp::getRequestUID();
        CApp::$performance[CError::$_categories["exception"]]++;
    }
    $build_output = ini_get("display_errors");
    $save_to_file = false;
    $data = array("stacktrace" => $contexts, "param_GET" => $_all_params["GET"], "param_POST" => $_all_params["POST"], "session_data" => $_all_params["SESSION"]);
    // DB logging is preferred; any failure (or DB logging disabled) falls back to the file log.
    if (@$dPconfig["error_logs_in_db"] && class_exists("CErrorLog")) {
        try {
            CErrorLog::insert($user_id, $server_ip, $time, $request_uid, $type, $file, $line, $data);
        } catch (Exception $e) {
            $build_output = true;
            $save_to_file = true;
        }
    } else {
        $build_output = true;
        $save_to_file = true;
    }
    if ($build_output) {
        // Hash of the (argument-less) trace, exposed as the div title to group identical errors.
        $hash = md5(serialize($contexts));
        $html_class = "big-warning";
        $log = "\n\n<div class='{$html_class}' title='{$hash}'>";
        if ($user_id) {
            $log .= "\n<strong>User: </strong>{$user_view} ({$user_id})";
        }
        $file = CError::openInIDE($file, $line);
        // NOTE(review): $text (the exception message) is interpolated into HTML
        // without escaping; with display_errors on, a message that carries
        // request-derived text is reflected to the browser as markup.
        $log .= <<<HTML
<strong>Time: </strong>{$time}
<strong>Type: </strong>{$type}
<strong>Text: </strong>{$text}
<strong>File: </strong>{$file}
<strong>Line: </strong>{$line}
HTML;
        foreach ($_all_params as $_type => $_params) {
            $log .= print_infos($_all_params[$_type], $_type);
        }
        foreach ($contexts as $context) {
            $function = isset($context["class"]) ? $context["class"] . ":" : "";
            $function .= $context["function"] . "()";
            $log .= "\n<strong>Function: </strong> {$function}";
            if (isset($context["file"])) {
                $log .= "\n<strong>File: </strong>" . CError::openInIDE($context["file"], isset($context["line"]) ? $context["line"] : null);
            }
            if (isset($context["line"])) {
                $log .= "\n<strong>Line: </strong>" . $context["line"];
            }
            $log .= "<br />";
        }
        $log .= "</div>";
        if ($save_to_file) {
            file_put_contents(LOG_PATH, $log, FILE_APPEND);
        }
        if (ini_get("display_errors")) {
            echo $log;
        }
    }
}
case "editSettings": $arrWhitelist = array('dispatch' => array('type' => 'string', 'maxlength' => 100, 'required' => true)); if ($_POST) { $_CLEAN_POST = filterInput($_POST, $arrWhitelist); } break; case "editLanguage": $arrWhitelist = array('frm_active' => array('type' => 'word', 'maxlength' => 5), 'frm_name' => array('type' => 'string', 'maxlength' => 100, 'required' => true), 'frm_apiname' => array('type' => 'word', 'maxlength' => 150), 'dispatch' => array('type' => 'string', 'maxlength' => 100, 'required' => true)); if ($_POST) { $_CLEAN_POST = filterInput($_POST, $arrWhitelist); } break; case "editAlias": $arrWhitelist = array('frm_active' => array('type' => 'word', 'maxlength' => 5), 'frm_alias' => array('type' => 'word', 'maxlength' => 250, 'required' => true), 'frm_language' => array('type' => 'int', 'maxlength' => 150), 'frm_element' => array('type' => 'int', 'maxlength' => 150), 'dispatch' => array('type' => 'string', 'maxlength' => 100, 'required' => true)); if ($_POST) { $_CLEAN_POST = filterInput($_POST, $arrWhitelist); } break; case "editFeed": $arrWhitelist = array('frm_active' => array('type' => 'word', 'maxlength' => 5), 'frm_name' => array('type' => 'string', 'maxlength' => 250, 'required' => true), 'frm_feed' => array('type' => 'string', 'maxlength' => 250, 'required' => true), 'frm_basepath' => array('type' => 'text', 'maxlength' => 250, 'required' => false), 'frm_refresh' => array('type' => 'int', 'maxlength' => 16, 'required' => true), 'dispatch' => array('type' => 'string', 'maxlength' => 100, 'required' => true)); if ($_POST) { $_CLEAN_POST = filterInput($_POST, $arrWhitelist); } break; case "addStructure": $arrWhitelist = array('frm_structure' => array('type' => 'string'), 'dispatch' => array('type' => 'string', 'maxlength' => 100, 'required' => true)); if ($_POST) { $_CLEAN_POST = filterInput($_POST, $arrWhitelist); } break; }
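/**
 * Settings page handler. On action=save it persists every submitted setting
 * as a WordPress site option and, when `cron_save_as` is given, writes a
 * standalone PHP config file into $_CONFIG['multiple_config_dir']; in every
 * case it then renders the settings form.
 *
 * Security-relevant changes versus the previous version:
 *  - values written into the generated PHP file are emitted with var_export(),
 *    so a quote or newline in a submitted setting can no longer break out of
 *    the string literal and become executable code;
 *  - `cron_save_as` is restricted to [A-Za-z0-9_-], so it can no longer point
 *    outside the multiple-config directory;
 *  - a capability check is performed after the nonce check (a nonce proves the
 *    form was rendered for this user, not that the user may change settings).
 *
 * @param string $option Component name used to build the redirect target.
 *
 * @return void
 */
function config($option) {
    global $mosConfig_absolute_path, $_CONFIG, $config_file;

    if (@$_REQUEST['action'] == 'save') {
        // CSRF token must come from the POST body.
        if (empty($_POST) || !wp_verify_nonce($_POST['csrf'], 'save')) {
            print 'Sorry, your nonce did not verify.';
            exit;
        }
        // Authorisation. Guarded by function_exists() so the handler still
        // works where the WordPress capability API is not loaded.
        if (function_exists('current_user_can') && !current_user_can('manage_options')) {
            print 'Sorry, you are not allowed to change these settings.';
            exit;
        }

        $msg = LM_MSG_BACK_1;

        // Comma-terminated list of selected databases.
        $databases_incl_list = "";
        if (isset($_REQUEST['databases_incl']) && is_array($_REQUEST['databases_incl'])) {
            foreach ($_REQUEST['databases_incl'] as $database) {
                $databases_incl_list .= $database . ",";
            }
        }

        // cron_exclude keeps the relaxed filter (second argument 0); everything
        // else goes through the default filterInput().
        foreach ($_REQUEST as $key => $value) {
            $_REQUEST[$key] = ($key == "cron_exclude") ? filterInput($value, 0) : filterInput($value);
        }

        // NOTE(review): every request key is stored under the xcloner_ prefix,
        // including keys unrelated to settings (csrf, action, ...). Kept as-is
        // for compatibility with whatever reads these options.
        foreach ($_REQUEST as $key => $value) {
            update_site_option("xcloner_" . $key, $value, '', 'yes');
        }
        foreach ($_CONFIG as $key => $value) {
            update_site_option("xcloner_" . $key, isset($_REQUEST[$key]) ? $_REQUEST[$key] : null, '', 'yes');
        }

        // Keys of the generated config file, in file order. Three of them are
        // not taken from the request (see $overrides).
        $settingKeys = array(
            'license_code', 'backup_path', 'clonerPath', 'jcpass',
            'mysql_host', 'mysql_user', 'mysql_pass', 'mysql_database',
            'select_folders', 'select_lang', 'secure_ftp', 'backup_compress',
            'cron_logemail', 'cron_exclude', 'cron_send', 'cron_btype', 'cron_bname', 'cron_ip',
            'cron_ftp_server', 'cron_ftp_user', 'cron_ftp_pass', 'cron_ftp_path', 'cron_ftp_delb',
            'databases_incl_list', 'cron_sql_drop', 'cron_email_address',
            'cron_file_delete', 'cron_file_delete_act', 'mem',
            'backup_refresh', 'refresh_time', 'refresh_mode', 'recordsPerSession',
            'excludeFilesSize', 'splitBackupSize', 'backup_refresh_number',
            'sql_mem', 'enable_db_backup', 'zippath', 'tarpath', 'sqldump', 'system_dlink',
            'mosConfig_live_site', 'system_ftptransfer', 'system_mdatabases', 'add_backups_dir',
            'cron_amazon_active', 'cron_amazon_awsAccessKey', 'cron_amazon_awsSecretKey',
            'cron_amazon_bucket', 'cron_amazon_dirname', 'cron_amazon_ssl',
            'cron_dropbox_active', 'cron_dropbox_Key', 'cron_dropbox_Secret', 'cron_dropbox_dirname',
            'debug',
        );
        $overrides = array(
            // $jcpass is neither a parameter nor a declared global of this
            // function; the previous version wrote it as empty as well.
            'jcpass' => isset($jcpass) ? $jcpass : '',
            'databases_incl_list' => $databases_incl_list,
            // NOTE(review): the Host header is client-controlled; anything that
            // builds links from mosConfig_live_site should not trust it blindly.
            'mosConfig_live_site' => isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '',
        );

        // One `$_CONFIG['key']='value';` line per setting. var_export() produces
        // a properly escaped single-quoted PHP string literal.
        $exportLine = static function ($key, $value) {
            return '$_CONFIG[' . var_export((string) $key, true) . ']=' . var_export((string) $value, true) . ";\n";
        };

        $cfg = '<?' . 'php' . "\n";
        foreach ($settingKeys as $key) {
            if (array_key_exists($key, $overrides)) {
                $value = $overrides[$key];
            } else {
                $value = isset($_REQUEST[$key]) ? $_REQUEST[$key] : '';
            }
            $cfg .= $exportLine($key, $value);
        }
        $cfg .= '?' . '>';

        if (isset($_REQUEST['cron_save_as']) && $_REQUEST['cron_save_as'] !== "") {
            $saveAs = (string) $_REQUEST['cron_save_as'];
            // The name becomes a file name under multiple_config_dir: only a
            // plain token is accepted so "../" or an absolute path cannot
            // redirect the write elsewhere.
            if (!preg_match('/^[A-Za-z0-9_-]+$/', $saveAs)) {
                $msg = "Unable to save config: only letters, digits, '_' and '-' are allowed in the name!";
            } else {
                $fcron = $_CONFIG['multiple_config_dir'] . "/" . $saveAs . ".php";
                // Quiet failure (as before): the user gets the message below
                // instead of a PHP warning that would leak the path.
                if (@file_put_contents($fcron, $cfg, LOCK_EX) === false) {
                    $msg = "Unable to save " . $fcron . " file, please make sure the folder is writeable!";
                }
            }
        }

        // The previous version issued this redirect twice in a row (once inside
        // an `if (1)` block); one is sufficient.
        mosRedirect('index2.php?option=' . $option . "&task=config", $msg);
    }

    $html = new HTML_cloner();
    $html->Config($option);
}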