/**
 * Make sure widgets with IDs 1, 2, 3 and 4 exist, because the homepage uses those
 * four as its "sample widgets".
 *
 * Each pass obtains a widget from getWidget() and rewrites the `id` column of that
 * widget's row to the next value in the 1..4 sequence. Both IDs are bound as query
 * parameters rather than concatenated into the SQL text.
 */
protected function createHomepageWidgets() {
    foreach (range(1, 4) as $sampleId) {
        $widget = getWidget();
        DB\query("UPDATE widgets SET id = ? WHERE id = ?", array($sampleId, $widget->id));
    }
}
/**
 * hasEnded() must report true for an ending date one day in the past, and false both
 * for today's date (time-of-day stripped) and for a date one day in the future.
 */
function testDeterminingWhetherWidgetHasEndedOrNot() {
    $widget = getWidget();

    $widget->ending = new DateTime('-1 day');
    assertTrue($widget->hasEnded());

    // Round-trip "now" through Y-m-d so only the calendar date remains.
    $todayDateOnly = (new DateTime('now'))->format('Y-m-d');
    $widget->ending = new DateTime($todayDateOnly);
    assertFalse($widget->hasEnded());

    $widget->ending = new DateTime('+1 day');
    assertFalse($widget->hasEnded());
}
/**
 * A still-running widget can be ended from the dashboard: follow the widget's "End"
 * link, submit its end-widget form, then check that the widget fetched again by ID
 * reports itself as ended.
 */
function testEndingWidget() {
    $widget = getWidget($this->user);
    $this->updateEndingDate($widget, new DateTime('+7 days'));
    assertFalse($widget->hasEnded());

    $this->get('/dashboard/');

    // XPath for the anchor whose text contains "End" and whose href carries this widget's ID.
    $endLinkXpath = "//a[contains(text(), 'End') and contains(@href, '{$widget->id}')]";
    $this->clickLink($endLinkXpath);

    $endForm = $this->getForm('end-widget-' . $widget->id);
    $this->submitForm($endForm);

    // Assert on a freshly fetched copy, not on the object created above.
    $reloaded = Widget::getByID($widget->id);
    assertTrue($reloaded->hasEnded());
}
/**
 * Regular pages must send an X-Frame-Options header so that other sites cannot frame
 * them (clickjacking defence). The assertion accepts either "DENY" or "SAMEORIGIN",
 * compared case-insensitively. The chipin widget pages are the exception: they are
 * meant to be embedded in iframes on other websites, so they must send no such header.
 *
 * NOTE(review): head() presumably returns the first header value, so any further
 * X-Frame-Options values on a response go unchecked; a Content-Security-Policy
 * frame-ancestors directive is not asserted here either.
 */
function testInclusionOfFrameOptionsHeader() {
    $protectedUris = array('/about/', '/account/signup', '/widget-wiz/step-one');
    foreach ($protectedUris as $uri) {
        $response = $this->get($uri);
        $policy = strtolower(head($response->getValuesForHeader('X-Frame-Options')));
        $isAccepted = ($policy == 'sameorigin' || $policy == 'deny');
        assertTrue($isAccepted);
    }

    // Embeddable widget page: the header has to be absent altogether.
    $widget = getWidget();
    $widgetResponse = $this->get("/widgets/by-id/{$widget->id}");
    assertEmpty($widgetResponse->getValuesForHeader('X-Frame-Options'));
}
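/**
 * Render a CMS page: load its stored HTML and expand every embedded widget placeholder.
 *
 * Placeholders are delimited by ##wid_start## ... ##wid_end##. Inside each one,
 * ##wid_id_start##/##wid_id_end## carries the widget id and
 * ##wid_con_start##/##wid_con_end## carries a condition string; both are handed to
 * getWidget() together with the page id.
 *
 * @param mixed $page_id Page id. Treated as untrusted and escaped before it reaches SQL.
 * @return string|null Expanded HTML, or null when the query fails or no row matches.
 */
function getPage($page_id) {
    // The id used to be interpolated into the statement unescaped, so a crafted value
    // could break out of the quoted literal (SQL injection). Escaping is the smallest
    // fix that stays on the connection this function already relies on. ext/mysql was
    // removed in PHP 7.0; prepared statements via mysqli or PDO are the durable fix.
    $safe_page_id = mysql_real_escape_string((string) $page_id);
    $result = mysql_query("select * from cms_pages where id='{$safe_page_id}' ");

    // mysql_query() returns false on failure; do not pass that on to mysql_num_rows().
    if ($result === false || !mysql_num_rows($result)) {
        return null;
    }

    // Row 0 is explicit now: the original indexed with an undefined $i, which only
    // worked because it evaluated to the first row.
    $page_html = mysql_result($result, 0, 'html');
    $final_html = $page_html;

    foreach (getContents($page_html, '##wid_start##', '##wid_end##') as $widget_content) {
        $widget_id = getContents($widget_content, '##wid_id_start##', '##wid_id_end##')[0];
        $widget_condition = getContents($widget_content, '##wid_con_start##', '##wid_con_end##')[0];

        // NOTE(review): $widget_id and $widget_condition are parsed out of stored page
        // HTML. If getWidget() places either into SQL, it needs the same escaping or
        // parameter binding; confirm in getWidget().
        $template_html = getWidget($widget_id, $page_id, $widget_condition);

        // Substitute the rendered widget, then strip leftover delimiters (end marker
        // first, start marker second, the same order as before).
        $final_html = str_replace(
            array('##wid_end##', '##wid_start##'),
            '',
            replaceContents($final_html, '##wid_start##', '##wid_end##', $template_html)
        );
    }

    return $final_html;
}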
?> </div> <!-- 트리형 메뉴 --> <div class="panel panel-default"> <div class="panel-heading"> <h4 class="panel-title"><?php echo _LANG('s2001', 'xlayout'); ?> </h4> </div> <div class="panel-body"> <div class="rb-tree"> <?php if ($_FHM['is_child']) { getWidget('default/mk-menu-tree', array('smenu' => '-1', 'link' => 'link', 'menuopen' => $d['layout']['sub_tree'] ? 1 : 0)); } ?> </div> </div> </div> </div> </div> </div> </div> <?php include $g['dir_layout'] . '/_includes/footer.php'; ?> <?php
<div class="site-wrapper"> <div class="site-wrapper-inner"> <div class="cover-container"> <div class="masthead clearfix"> <div class="inner"> <h3 class="masthead-brand"><?php echo $d['layout']['site_brand']; ?> </h3> <ul class="nav masthead-nav"> <li class="active"><a href="#">Home</a></li> <?php getWidget('default/mk-menu-default', array('smenu' => '0', 'limit' => '2', 'dropdown' => '1', 'dispfmenu' => '1', 'link' => 'bookmark')); ?> </ul> </div> </div> <div class="inner cover"> <h1 class="cover-heading">Cover your page.</h1> <p class="lead">Cover is a one-page template for building simple and beautiful home pages. Download, edit the text, and add your own fullscreen background photo to make it your own.</p> <p class="lead"> <a href="#" class="btn btn-lg btn-default">Learn more</a> </p> </div> <div class="mastfoot"> <div class="inner">
/?r=<?php echo $r; ?> &layoutPage=blog">blog</a> </li> <li> <a href="<?php echo $g['s']; ?> /?r=<?php echo $r; ?> &layoutPage=contact">contact</a> </li> <?php getWidget('default/mk-menu-default', array('smenu' => '0', 'limit' => '2', 'link' => 'link')); ?> </ul> </div> <!-- /.navbar-collapse --> </div> <!-- /.container --> </nav> <div class="container"> <?php include __KIMS_CONTENT__; ?>
<?php $usuario_core->validateUser(); require 'Logic/widget.php'; require 'Logic/afiliado.php'; if (isset($_GET["id"])) { $widget = getWidget($_GET["id"]); $usuario_id = $usuario->id; $afiliado = getAfiliadoByIdUsuario($usuario_id); $afiliado_id = $afiliado->id; $configuracion = $widget->configuracion; $smarty->assign("configuracion", (object) $configuracion); $afiliado_id_encriptado = urlencode(Encrypter::encrypt($afiliado_id, 'afiliado')); $smarty->assign("code", $afiliado_id_encriptado); $enlace = $base_url . '?a=' . $afiliado_id_encriptado; $smarty->assign("enlace", $enlace); if ($widget->tipo == 'banner') { $rgb = Core_Util_General::hex2rgb($configuracion['backgroundBody']); $images = getAllHotelImages($configuracion['hotelId']); $smarty->assign('image', array_pop($images)); $hotel_h = getHotelById($configuracion['hotelId']); $smarty->assign("hotel_h", $hotel_h); $destino = getDestino($hotel->destinoId); $smarty->assign("destino", $destino); $smarty->assign("rgb", implode(",", $rgb)); $enlace = 'http://' . $hotel_h->dominioCampania . '?a=' . $afiliado_id_encriptado; $smarty->assign("enlace", $enlace); $widget_html = $smarty->fetch('admin/widget/banner.tpl'); } else { $destinos = getAfiliadoDestinos($afiliado_id); $smarty->assign("destinos", $destinos);
<a href="#" class="btn btn-default btn-block navbar-btn rb-modal-login" role="button" data-toggle="modal" data-target="#modal_window"><i class="fa fa-sign-in fa-lg"></i> <?php echo _LANG('s2005', 'xlayout'); ?> </a> </div> <?php } ?> <ul class="nav navbar-nav navbar-form"> <li><a href="<?php echo RW(0); ?> " class="rb-sidebar-close"><i class="fa fa-home fa-lg"></i> Home</a></li> <?php getWidget('default/mk-menu-default', array('smenu' => '0', 'limit' => '2', 'dropdown' => '1', 'dispfmenu' => '1', 'mobile' => '1')); ?> </ul> <?php if ($my['admin']) { ?> <a href="<?php echo $g['s']; ?> /?r=<?php echo $r; ?> &m=admin&module=dashboard&front=mobile.shortcut" class="btn btn-default btn-block navbar-btn rb-sidebar-close"> <i class="fa fa-user fa-lg"></i> <?php echo _LANG('s2006', 'xlayout');
</div> <div class="col-md-3 col-md-pull-9" role="navigation" id="content-sub"> <div class="rb-sidebar hidden-print"> <nav class="panel panel-default rb-menu"> <div class="panel-heading"> <h3 class="panel-title"><a href="<?php echo RW('c=' . $_FHM['id']); ?> "><?php echo $_FHM['name']; ?> </a></h3> </div> <?php if ($_FHM['is_child']) { getWidget('default/mk-menu-collapse', array('smenu' => '-1', 'limit' => '2', 'collid' => 'rb-sidemenu-collapse', 'dispfmenu' => '1', 'collapse' => $d['layout']['sub_colla'] ? 1 : 0)); } ?> </nav> </div> </div> </div> </div> <?php include $g['dir_layout'] . '/_includes/footer.php'; ?> <?php include $g['dir_layout'] . '/_includes/_import.foot.php'; ?>
?> </ul> </nav> </div> </section> <!-- Widgets --> <?php getWidget('b-dash/overview', array('title' => 'Event Overview', 'widgetbox' => 'event-overview')); getWidget('b-dash/speakers', array('title' => 'Speakers & Moderators', 'widgetbox' => 'speakers-and-moderators')); getWidget('b-dash/timeline', array('title' => 'Event Program', 'widgetbox' => 'event-program')); getWidget('b-dash/gallery', array('limit' => '5', 'title' => 'Previous Events', 'widgetbox' => 'previous-events')); ?> <!-- animate.css : https://github.com/daneden/animate.css --> <link rel="stylesheet" href="<?php echo $g['s']; ?> /_core/opensrc/animate.css/3.1.1/animate.min.css"> <script> $('.rb-cover h1').addClass('animated fadeInLeft'); $('.rb-section-speakers .page-header h1').addClass('animated fadeInDown'); </script>
<div id="mjointbox"> <div class="title"> 이 위젯(<span class="b"><?php echo getFolderName($g['path_widget'] . $swidget); ?> </span>)을 추가하시겠습니까? </div> <div class="preview"><?php getWidget($swidget, array('widget_id' => $swidget)); ?> </div> <div class="btnbox"> <?php if ($isWcode == 'Y') { ?> <input type="button" value="위젯코드" class="btnblue" onclick="widgetCode();" /> <?php } else { ?> <input type="submit" value="위젯추가" class="btnblue" onclick="getWidgetCode();" /> <?php } ?> </div>
/**
 * Checking a widget's progress involves looking up the balance of its Bitcoin address
 * via Blockchain.info. If that lookup runs into a communication problem, the failure
 * must not surface as an exception at the top level; an unexpected HTTP response code
 * from the action is tolerated.
 *
 * NOTE(review): nothing visible here forces the lookup to fail; presumably the test
 * environment cannot reach the balance service. Confirm against the test setup.
 */
function testActionForCheckingWidgetProgressViaJavascriptElegantlyHandlesNetworkError() {
    $widget = getWidget();
    $widget->bitcoinAddress = '1AkZUyVHtVsU6ZmAu1iSDhYiXbqFgKqzbt';
    $widget->save();

    try {
        $progressUri = Routes\checkWidgetProgress($widget);
        $this->get($progressUri);
    } catch (UnexpectedHttpResponseCode $ignored) {
        // An error status is acceptable; any other exception type still fails the test.
    }
}
//TODO : it would be more reliable if we put in the settings table the widgets to load and where // if we put a json dict in the database with for each element in the list: // * the place where we want to place the widget (sidebar, footer) // * the file to load // * the order in which is have to load // After that we need to check, before loading the tpl, if the widget function is returning a well formatted array // * if yes => show it // * if not => show an error in the widget place $widget_path = dirname(__FILE__) . '/widgets'; $widget_files = json_decode($blog_settings->get('planet_widget_files')); if (is_array($widget_files)) { foreach ($widget_files as $file) { if (is_dir($widget_path) && is_file($widget_path . '/' . $file->{'name'})) { # Build an array of available widgets require_once $widget_path . '/' . $file->{'name'}; $wgt = getWidget(); foreach ($wgt['styles'] as $sty) { $styles[] = $sty; } foreach ($wgt['scripts'] as $spt) { $scripts[] = $spt; } if ($file->{'position'} == "sidebar") { $core->tpl->setVar("sidebar-widget", array('title' => $wgt['title'], 'html' => $wgt['html'], 'id' => $wgt['id'])); $core->tpl->render('sidebar.widget'); } if ($file->{"position"} == "footer") { $core->tpl->setVar("footer-widget", array('title' => $wgt['title'], 'html' => $wgt['html'], 'id' => $wgt['id'])); $core->tpl->render('footer.widget'); } }
/**
 * Guards against Cross-Site Request Forgery on the widget editing wizard. A "raw" POST
 * (one built by hand rather than by submitting the rendered form) is sent to each
 * wizard step; if the server requires a per-form nonce or token, neither request may
 * change the stored widget. More on CSRF:
 * https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)
 *
 * The server may answer with an error status or ignore the request silently; the test
 * accepts both. Only the final state of the widget decides the outcome.
 */
function testResilienceToCrossSiteRequestForgeryAttack() {
    // Sentinel values that must never show up on the stored widget.
    $forgedTitle = 'Hijacked';
    $forgedAddress = '1E3FqrQTZSvTUdw7qZ4NnZppqiqnqqNcUN';
    $forgedAbout = 'Show me the money!';

    $widget = getWidget($this->user);
    // Open the wizard for this widget first, as a legitimate editing session would.
    $this->get("/widget-wiz/step-one?w={$widget->id}");

    try {
        $this->post("/widget-wiz/step-one", array(
            'title' => $forgedTitle,
            'goal' => '1000',
            'currency' => 'USD',
            'ending' => "12/15/2020",
            'bitcoinAddress' => $forgedAddress
        ));
    } catch (UnexpectedHttpResponseCode $ignored) {
        // Rejection with an error status is an acceptable outcome.
    }

    try {
        $this->post("/widget-wiz/step-two", array(
            'about' => $forgedAbout,
            'color' => Widgets\defaultColor(),
            'size' => (string) Widgets\defaultSize()
        ));
    } catch (UnexpectedHttpResponseCode $ignored) {
        // Same here: a refused request is what we hope for.
    }

    // Fetch the widget again by ID and verify none of the forged fields were saved.
    $stored = Widget::getByID($widget->id);
    assertNotEqual($forgedTitle, $stored->title);
    assertNotEqual($forgedAddress, $stored->bitcoinAddress);
    assertNotEqual($forgedAbout, $stored->about);
}