/**
* The homepage expects widgets having IDs 1, 2, 3, and 4 to exist, as it uses these
* as "sample widgets".
*/
protected function createHomepageWidgets()
{
for ($id = 1; $id <= 4; $id++) {
$w = getWidget();
DB\query("UPDATE widgets SET id = ? WHERE id = ?", array($id, $w->id));
}
}
function testDeterminingWhetherWidgetHasEndedOrNot()
{
$w = getWidget();
$w->ending = new DateTime('-1 day');
assertTrue($w->hasEnded());
$w->ending = new DateTime((new DateTime('now'))->format('Y-m-d'));
assertFalse($w->hasEnded());
$w->ending = new DateTime('+1 day');
assertFalse($w->hasEnded());
}
function testEndingWidget()
{
$w = getWidget($this->user);
$this->updateEndingDate($w, new DateTime('+7 days'));
assertFalse($w->hasEnded());
$this->get('/dashboard/');
$this->clickLink("//a[contains(text(), 'End') and contains(@href, '{$w->id}')]");
$this->submitForm($this->getForm('end-widget-' . $w->id));
$wNow = Widget::getByID($w->id);
assertTrue($wNow->hasEnded());
}
/**
* The X-Frame-Options HTTP header (with a value of "DENY") should be included by default
* on all pages. Only the chipin widgets themselves should exclude this option, as they will
* be embedded in iframes on other websites.
*/
function testInclusionOfFrameOptionsHeader()
{
foreach (array('/about/', '/account/signup', '/widget-wiz/step-one') as $uri) {
$r = $this->get($uri);
$hs = $r->getValuesForHeader('X-Frame-Options');
$value = strtolower(head($hs));
assertTrue($value == 'deny' || $value == 'sameorigin');
}
$w = getWidget();
$r = $this->get("/widgets/by-id/{$w->id}");
assertEmpty($r->getValuesForHeader('X-Frame-Options'));
}
function getPage($page_id)
{
$result = mysql_query("select * from cms_pages where id='{$page_id}' ");
$numrows = mysql_num_rows($result);
if ($numrows) {
$page_title = mysql_result($result, $i, 'title');
$page_html = mysql_result($result, $i, 'html');
$page_type = mysql_result($result, $i, 'type');
$widget_id = mysql_result($result, $i, 'widget_id');
$widget_arr = getContents($page_html, '##wid_start##', '##wid_end##');
$final_html = $page_html;
foreach ($widget_arr as $widget_content) {
$widget_id = getContents($widget_content, '##wid_id_start##', '##wid_id_end##')[0];
$widget_condition = getContents($widget_content, '##wid_con_start##', '##wid_con_end##')[0];
$template_html = getWidget($widget_id, $page_id, $widget_condition);
$final_html = str_replace('##wid_start##', '', str_replace('##wid_end##', '', replaceContents($final_html, '##wid_start##', '##wid_end##', $template_html)));
}
return $final_html;
}
}
?>
</div>
<!-- 트리형 메뉴 -->
<div class="panel panel-default">
<div class="panel-heading">
<h4 class="panel-title"><?php
echo _LANG('s2001', 'xlayout');
?>
</h4>
</div>
<div class="panel-body">
<div class="rb-tree">
<?php
if ($_FHM['is_child']) {
getWidget('default/mk-menu-tree', array('smenu' => '-1', 'link' => 'link', 'menuopen' => $d['layout']['sub_tree'] ? 1 : 0));
}
?>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<?php
include $g['dir_layout'] . '/_includes/footer.php';
?>
<?php
<div class="site-wrapper">
<div class="site-wrapper-inner">
<div class="cover-container">
<div class="masthead clearfix">
<div class="inner">
<h3 class="masthead-brand"><?php
echo $d['layout']['site_brand'];
?>
</h3>
<ul class="nav masthead-nav">
<li class="active"><a href="#">Home</a></li>
<?php
getWidget('default/mk-menu-default', array('smenu' => '0', 'limit' => '2', 'dropdown' => '1', 'dispfmenu' => '1', 'link' => 'bookmark'));
?>
</ul>
</div>
</div>
<div class="inner cover">
<h1 class="cover-heading">Cover your page.</h1>
<p class="lead">Cover is a one-page template for building simple and beautiful home pages. Download, edit the text, and add your own fullscreen background photo to make it your own.</p>
<p class="lead">
<a href="#" class="btn btn-lg btn-default">Learn more</a>
</p>
</div>
<div class="mastfoot">
<div class="inner">
/?r=<?php
echo $r;
?>
&layoutPage=blog">blog</a>
</li>
<li>
<a href="<?php
echo $g['s'];
?>
/?r=<?php
echo $r;
?>
&layoutPage=contact">contact</a>
</li>
<?php
getWidget('default/mk-menu-default', array('smenu' => '0', 'limit' => '2', 'link' => 'link'));
?>
</ul>
</div>
<!-- /.navbar-collapse -->
</div>
<!-- /.container -->
</nav>
<div class="container">
<?php
include __KIMS_CONTENT__;
?>
<?php
$usuario_core->validateUser();
require 'Logic/widget.php';
require 'Logic/afiliado.php';
if (isset($_GET["id"])) {
$widget = getWidget($_GET["id"]);
$usuario_id = $usuario->id;
$afiliado = getAfiliadoByIdUsuario($usuario_id);
$afiliado_id = $afiliado->id;
$configuracion = $widget->configuracion;
$smarty->assign("configuracion", (object) $configuracion);
$afiliado_id_encriptado = urlencode(Encrypter::encrypt($afiliado_id, 'afiliado'));
$smarty->assign("code", $afiliado_id_encriptado);
$enlace = $base_url . '?a=' . $afiliado_id_encriptado;
$smarty->assign("enlace", $enlace);
if ($widget->tipo == 'banner') {
$rgb = Core_Util_General::hex2rgb($configuracion['backgroundBody']);
$images = getAllHotelImages($configuracion['hotelId']);
$smarty->assign('image', array_pop($images));
$hotel_h = getHotelById($configuracion['hotelId']);
$smarty->assign("hotel_h", $hotel_h);
$destino = getDestino($hotel->destinoId);
$smarty->assign("destino", $destino);
$smarty->assign("rgb", implode(",", $rgb));
$enlace = 'http://' . $hotel_h->dominioCampania . '?a=' . $afiliado_id_encriptado;
$smarty->assign("enlace", $enlace);
$widget_html = $smarty->fetch('admin/widget/banner.tpl');
} else {
$destinos = getAfiliadoDestinos($afiliado_id);
$smarty->assign("destinos", $destinos);
<a href="#" class="btn btn-default btn-block navbar-btn rb-modal-login" role="button" data-toggle="modal" data-target="#modal_window"><i class="fa fa-sign-in fa-lg"></i> <?php
echo _LANG('s2005', 'xlayout');
?>
</a>
</div>
<?php
}
?>
<ul class="nav navbar-nav navbar-form">
<li><a href="<?php
echo RW(0);
?>
" class="rb-sidebar-close"><i class="fa fa-home fa-lg"></i> Home</a></li>
<?php
getWidget('default/mk-menu-default', array('smenu' => '0', 'limit' => '2', 'dropdown' => '1', 'dispfmenu' => '1', 'mobile' => '1'));
?>
</ul>
<?php
if ($my['admin']) {
?>
<a href="<?php
echo $g['s'];
?>
/?r=<?php
echo $r;
?>
&m=admin&module=dashboard&front=mobile.shortcut" class="btn btn-default btn-block navbar-btn rb-sidebar-close">
<i class="fa fa-user fa-lg"></i> <?php
echo _LANG('s2006', 'xlayout');
</div>
<div class="col-md-3 col-md-pull-9" role="navigation" id="content-sub">
<div class="rb-sidebar hidden-print">
<nav class="panel panel-default rb-menu">
<div class="panel-heading">
<h3 class="panel-title"><a href="<?php
echo RW('c=' . $_FHM['id']);
?>
"><?php
echo $_FHM['name'];
?>
</a></h3>
</div>
<?php
if ($_FHM['is_child']) {
getWidget('default/mk-menu-collapse', array('smenu' => '-1', 'limit' => '2', 'collid' => 'rb-sidemenu-collapse', 'dispfmenu' => '1', 'collapse' => $d['layout']['sub_colla'] ? 1 : 0));
}
?>
</nav>
</div>
</div>
</div>
</div>
<?php
include $g['dir_layout'] . '/_includes/footer.php';
?>
<?php
include $g['dir_layout'] . '/_includes/_import.foot.php';
?>
?>
</ul>
</nav>
</div>
</section>
<!-- Widgets -->
<?php
getWidget('b-dash/overview', array('title' => 'Event Overview', 'widgetbox' => 'event-overview'));
getWidget('b-dash/speakers', array('title' => 'Speakers & Moderators', 'widgetbox' => 'speakers-and-moderators'));
getWidget('b-dash/timeline', array('title' => 'Event Program', 'widgetbox' => 'event-program'));
getWidget('b-dash/gallery', array('limit' => '5', 'title' => 'Previous Events', 'widgetbox' => 'previous-events'));
?>
<!-- animate.css : https://github.com/daneden/animate.css -->
<link rel="stylesheet" href="<?php
echo $g['s'];
?>
/_core/opensrc/animate.css/3.1.1/animate.min.css">
<script>
$('.rb-cover h1').addClass('animated fadeInLeft');
$('.rb-section-speakers .page-header h1').addClass('animated fadeInDown');
</script>
<div id="mjointbox">
<div class="title">
이 위젯(<span class="b"><?php
echo getFolderName($g['path_widget'] . $swidget);
?>
</span>)을 추가하시겠습니까?
</div>
<div class="preview"><?php
getWidget($swidget, array('widget_id' => $swidget));
?>
</div>
<div class="btnbox">
<?php
if ($isWcode == 'Y') {
?>
<input type="button" value="위젯코드" class="btnblue" onclick="widgetCode();" />
<?php
} else {
?>
<input type="submit" value="위젯추가" class="btnblue" onclick="getWidgetCode();" />
<?php
}
?>
</div>
/**
* In the case that there's some sort of communication problem with attempting to check
* the given Bitcoin-address balance (via Blockchain.info), we want to make sure that
* does not lead to an exception reaching the top level.
*/
function testActionForCheckingWidgetProgressViaJavascriptElegantlyHandlesNetworkError()
{
$w = getWidget();
$w->bitcoinAddress = '1AkZUyVHtVsU6ZmAu1iSDhYiXbqFgKqzbt';
$w->save();
try {
$this->get(Routes\checkWidgetProgress($w));
} catch (UnexpectedHttpResponseCode $_) {
/* We'll accept that. */
}
}
//TODO : it would be more reliable if we put in the settings table the widgets to load and where
// if we put a json dict in the database with for each element in the list:
// * the place where we want to place the widget (sidebar, footer)
// * the file to load
// * the order in which is have to load
// After that we need to check, before loading the tpl, if the widget function is returning a well formatted array
// * if yes => show it
// * if not => show an error in the widget place
$widget_path = dirname(__FILE__) . '/widgets';
$widget_files = json_decode($blog_settings->get('planet_widget_files'));
if (is_array($widget_files)) {
foreach ($widget_files as $file) {
if (is_dir($widget_path) && is_file($widget_path . '/' . $file->{'name'})) {
# Build an array of available widgets
require_once $widget_path . '/' . $file->{'name'};
$wgt = getWidget();
foreach ($wgt['styles'] as $sty) {
$styles[] = $sty;
}
foreach ($wgt['scripts'] as $spt) {
$scripts[] = $spt;
}
if ($file->{'position'} == "sidebar") {
$core->tpl->setVar("sidebar-widget", array('title' => $wgt['title'], 'html' => $wgt['html'], 'id' => $wgt['id']));
$core->tpl->render('sidebar.widget');
}
if ($file->{"position"} == "footer") {
$core->tpl->setVar("footer-widget", array('title' => $wgt['title'], 'html' => $wgt['html'], 'id' => $wgt['id']));
$core->tpl->render('footer.widget');
}
}
/**
* Here we aim to assert we're not vulnerable to "CSRF" attacks. We do this simply by
* asserting a "raw" POST request will not be accepted for widget editing, as this should
* indicate the server is requiring some sort of "nonce" or "token" for accepting any
* form submission. More on CSRF here:
* https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)
*/
function testResilienceToCrossSiteRequestForgeryAttack()
{
$w = getWidget($this->user);
$this->get("/widget-wiz/step-one?w={$w->id}");
try {
$this->post("/widget-wiz/step-one", array('title' => 'Hijacked', 'goal' => '1000', 'currency' => 'USD', 'ending' => "12/15/2020", 'bitcoinAddress' => '1E3FqrQTZSvTUdw7qZ4NnZppqiqnqqNcUN'));
} catch (UnexpectedHttpResponseCode $_) {
/* That will do... */
}
try {
$this->post("/widget-wiz/step-two", array('about' => 'Show me the money!', 'color' => Widgets\defaultColor(), 'size' => (string) Widgets\defaultSize()));
} catch (UnexpectedHttpResponseCode $_) {
/* That's good... */
}
$widgetNow = Widget::getByID($w->id);
assertNotEqual('Hijacked', $widgetNow->title);
assertNotEqual('1E3FqrQTZSvTUdw7qZ4NnZppqiqnqqNcUN', $widgetNow->bitcoinAddress);
assertNotEqual('Show me the money!', $widgetNow->about);
}
