예제 #1
0
        $company->setId($id);
        if (!empty($company->info['member_id'])) {
            $member->setId($company->info['member_id']);
        }
        $push_data['company'] = $company->info;
        $push_data['member'] = $member->info;
        if (!empty($company->info)) {
            $pdb->Execute("REPLACE INTO {$tb_prefix}spacecaches (cache_spacename,company_id,data1,data2,expiration) VALUE ('" . $company->info['cache_spacename'] . "','" . $id . "','" . @serialize($push_data) . "',''," . ($time_stamp + $space_cache_cycle) . ")");
        }
    }
}
if (isset($company->info['status']) && $company->info['status'] === 0) {
    header_sent(L('company_checking'));
    exit;
} elseif (empty($company->info) || !$company->info) {
    header_sent(L('data_not_exists'));
    exit;
}
if (!empty($company->info['created'])) {
    $time_tmp = $time_stamp - $company->info['created'];
    $company->info['year_sep'] = $time_tmp = ceil($time_tmp / (3600 * 24 * 365));
}
if (empty($company->info['email'])) {
    $company->info['email'] = $_PB_CACHE['setting']['service_email'];
}
if (empty($company->info['picture'])) {
    $company->info['logo'] = $absolute_uri . pb_get_attachmenturl('', '', 'big');
} else {
    $company->info['logo'] = $absolute_uri . $attachment_url . $company->info['picture'];
}
$pdb->setFetchMode(ADODB_FETCH_BOTH);
예제 #2
0
    $msg .= "<br />" . L("db_conn_error_no", 'msg', $pdb->ErrorNo());
    if (!file_exists(DATA_PATH . "install.lock")) {
        $msg .= "<br /><a href='install/install.php'>" . L("please_reinstall_program", "msg") . "</a>";
    }
    header_sent($msg);
    exit;
}
if ($dbcharset && mysql_get_server_info() > '4.1') {
    $pdb->Execute("SET NAMES '{$dbcharset}'");
}
if (!file_exists(CACHE_PATH . "cache_setting.php")) {
    require_once LIB_PATH . "cache.class.php";
    $cache = new Caches();
    if ($cache->cacheAll()) {
        $msg .= "<a href='index.php'>" . L("cached_and_refresh") . "</a>";
        header_sent($msg);
        exit;
    }
}
$cachelost = (include CACHE_PATH . 'cache_setting.php') ? '' : 'settings';
$phpb2b_auth_key = md5($_PB_CACHE['setting']['auth_key'] . pb_getenv('HTTP_USER_AGENT'));
$php_self = pb_getenv('PHP_SELF');
$base_script = basename($php_self);
list($basefilename) = explode('.', $base_script);
if ($headercharset) {
    @header('Content-Type: text/html; charset=' . $charset);
}
//timezone
$time_offset = isset($_PB_CACHE['setting']['time_offset']) ? $_PB_CACHE['setting']['time_offset'] : 0;
$date_format = isset($_PB_CACHE['setting']['date_format']) ? $_PB_CACHE['setting']['date_format'] : "Y-m-d";
$time_now = array('time' => gmdate("{$date_format} H:i", $time_stamp + 3600 * $time_offset), 'offset' => $time_offset >= 0 ? $time_offset == 0 ? '' : '+' . $time_offset : $time_offset);
예제 #3
0
function pb_attack_filter($StrFiltKey, $StrFiltValue, $ArrFiltReq)
{
    if (is_array($StrFiltValue)) {
        $StrFiltValue = @implode(",", $StrFiltValue);
    }
    if (preg_match("/" . $ArrFiltReq . "/is", $StrFiltValue) == 1) {
        echo $StrFiltValue;
        header_sent("Warning : Illegal operation!");
        exit;
    }
}
예제 #4
0
 public function init()
 {
     global $subdomain_support, $rewrite_able, $pdb, $time_stamp, $tb_prefix, $absolute_uri, $attachment_url, $G, $viewhelper;
     //espcial done for multi arrTemplate
     $this->loadModel("space");
     $sections = 'space';
     $this->view->configLoad('default.conf', $sections);
     if (isset($_GET['userid'])) {
         $this->userid = trim(htmlspecialchars($_GET['userid']));
     }
     if ($subdomain_support && $rewrite_able) {
         $hosts = explode($subdomain_support, pb_getenv('HTTP_HOST'));
         if ($hosts[0] != "www") {
             //				$this->userid = trim($hosts[0]);
         }
     }
     $G['membergroup'] = cache_read("membergroup");
     using("member", "company");
     $member = new Members();
     $company = new Companies();
     $space_name = '';
     if (empty($theme_name)) {
         $theme_name = "default";
         $style_name = isset($G['setting']['theme']) && !empty($G['setting']['theme']) ? $G['setting']['theme'] : "default";
         $ADODB_CACHE_DIR = DATA_PATH . 'dbcache';
     }
     $this->view->assign("theme_img_path", "templates/" . $theme_name . "/");
     $this->view->assign('ThemeName', $theme_name);
     $cache_data = $push_data = array();
     if (!empty($this->userid)) {
         $userid = $this->userid;
         $member->setInfoBySpaceName($this->userid);
         if (!empty($member->info['id'])) {
             $this->member_id = $member->info['id'];
             $company->setInfoByMemberId($member->info['id']);
         } else {
             $company->setInfoBySpaceName($this->userid);
         }
         $push_data['company'] = $company->info;
         $this->company_id = $company->info['id'];
         $push_data['member'] = $member->info;
     } elseif (!empty($_GET['id'])) {
         $id = intval($_GET['id']);
         $company->id = $this->company_id = $id;
         $company->setInfoById($id);
         if (!empty($company->info['member_id'])) {
             $member->id = $this->member_id = $company->info['member_id'];
         }
         $push_data['company'] = $company->info;
         $push_data['member'] = $member->info;
     }
     if (isset($company->info['status']) && $company->info['status'] === 0) {
         header_sent(L('company_checking'));
         exit;
     } elseif (empty($company->info) || !$company->info) {
         header_sent(L('data_not_exists'));
         exit;
     }
     $cache_data = $pdb->GetRow("SELECT data2 AS style FROM {$tb_prefix}spacecaches WHERE company_id='" . $company->info['id'] . "'");
     if (isset($cache_data['style'])) {
         $skin_extra_style = $cache_data['style'];
     }
     if (!empty($company->info['created'])) {
         $time_tmp = $time_stamp - $company->info['created'];
         $company->info['year_sep'] = $time_tmp = ceil($time_tmp / (3600 * 24 * 365));
     }
     if (empty($company->info['email'])) {
         $company->info['email'] = $G['setting']['service_email'];
     }
     if (empty($company->info['picture'])) {
         $company->info['logo'] = $absolute_uri . pb_get_attachmenturl('', '', 'big');
     } else {
         $company->info['logo'] = $absolute_uri . $attachment_url . $company->info['picture'];
     }
     $company->info = pb_lang_split_recursive($company->info);
     $company->info['description'] = nl2br(strip_tags($company->info['description']));
     $is_set_default_skins = false;
     $member_templet_id = $member->info['templet_id'];
     if (isset($_GET['force_templet_id'])) {
         $member_templet_id = intval($_GET['force_templet_id']);
     }
     if (!empty($member_templet_id)) {
         $skin_path_info = $pdb->GetRow("SELECT name,directory FROM {$tb_prefix}templets WHERE type='user' AND status='1' AND id='" . $member_templet_id . "'");
     }
     if (empty($skin_path_info)) {
         $skin_path_info = $pdb->GetRow("SELECT name,directory FROM {$tb_prefix}templets WHERE type='user' AND is_default='1'");
         if (empty($skin_path_info)) {
             $is_set_default_skins = true;
         }
     } elseif (!is_dir(PHPB2B_ROOT . $skin_path_info)) {
         $is_set_default_skins = true;
     }
     if ($is_set_default_skins) {
         $skin_path_info = array();
         $skin_path_info[] = "default";
         $skin_path_info[] = "templates/skins/default/";
     }
     list($skin_path, $skin_dir) = $skin_path_info;
     if (strpos($skin_dir, "templates") === false) {
         $skin_dir = "templates/" . $skin_dir;
         //for 4.3 upgrade from 4.3 below,begin 2012.10
     }
     $this->skin_path = $skin_path;
     $this->skin_dir = $skin_dir;
     uaAssign(array("SkinName" => $skin_path, "ThemeName" => $skin_path, "SkinPath" => $skin_dir, "COMPANY" => $company->info, "MEMBER" => $member->info));
     $this->view->setTemplateDir(PHPB2B_ROOT . "templates" . DS . "skins" . DS);
     $this->view->setCompileDir(DATA_PATH . "templates_c" . DS . $this->lang . DS . "skin" . DS . $skin_path . DS);
     if (isset($member->info['id'])) {
         $this->setLinks($member->info['id']);
     }
     $this->setMenu($company->info['cache_spacename'], $this->spaceModules);
     $product_types = $pdb->GetArray("SELECT *,id as typeid,name as typename FROM {$tb_prefix}producttypes WHERE company_id=" . $company->info['id']);
     //set and get db cache
     setvar("ProductTypes", $product_types);
     $group_info = array();
     $group_info['year'] = $time_tmp;
     if (!empty($member->info['membergroup_id']['name'])) {
         $group_info['name'] = $G['membergroup'][$member->info['membergroup_id']]['name'];
     } else {
         $group_info['name'] = L("undefined_image", "tpl");
     }
     if (!empty($member->info['membergroup_id']['avatar'])) {
         $group_info['image'] = $absolute_uri . STATICURL . "images/group/" . $G['membergroup'][$member->info['membergroup_id']]['avatar'];
     } else {
         $group_info['image'] = $absolute_uri . STATICURL . "images/group/formal.gif";
     }
     setvar("GROUP", $group_info);
     //for old version
     if (isset($member->info['membergroup_id']['name'])) {
         setvar("GroupName", $G['membergroup'][$member->info['membergroup_id']]['name']);
     }
     if (isset($member->info['membergroup_id']['avatar'])) {
         setvar("GroupImage", $absolute_uri . STATICURL . "images/group/" . $G['membergroup'][$member->info['membergroup_id']]['avatar']);
     }
     setvar("Menus", $this->getMenu());
     setvar("Links", $this->getLinks());
     $space_url = $this->rewrite($company->info['cache_spacename'], $company->info['id']);
     setvar("space_url", $space_url);
     setvar("SpaceUrl", $absolute_uri . $skin_dir);
     $space_extra_style = '';
     setvar("SpaceExtraStyle", $space_extra_style);
     if (!empty($skin_extra_style)) {
         $space_extra_style = $absolute_uri . $skin_dir . "styles/" . $skin_extra_style . "/";
         setvar("SpaceExtraStyle", $space_extra_style);
     }
     setvar("BASEMAP", $absolute_uri . $skin_dir);
     $pdb->Execute("UPDATE {$tb_prefix}companies SET clicked=clicked+1 WHERE id='" . $company->info['id'] . "'");
     if (!empty($arrTemplate)) {
         $this->view->assign($arrTemplate);
     }
     if (!empty($_GET['module'])) {
         $this->module = trim($_GET['module']);
     }
     $this->view->assign("cur", "space_" . $this->module);
 }
예제 #5
0
function pb_submit_check($var)
{
    $referer = pb_getenv('HTTP_REFERER');
    if (is_file(DATA_PATH . 'antispam' . DS . 'index.php')) {
        require DATA_PATH . 'antispam' . DS . 'index.php';
    }
    if (!empty($_POST[$var]) && $_SERVER['REQUEST_METHOD'] == 'POST') {
        if ((empty($referer) || preg_replace("/https?:\\/\\/([^\\:\\/]+).*/i", "\\1", $referer) == preg_replace("/([^\\:]+).*/", "\\1", pb_getenv('HTTP_HOST'))) && $_POST['formhash'] == formhash()) {
            return true;
        }
    }
    header_sent(L("invalid_submit"));
    exit;
}
예제 #6
0
파일: index.php 프로젝트: reboxhost/phpb2b
<?php

/**
 *      [PHPB2B] Copyright (C) 2007-2099, Ualink Inc. All Rights Reserved.
 *      The contents of this file are subject to the License; you may not use this file except in compliance with the License. 
 *
 *      @version $Revision: 2075 $
 */
define('ANTI_FORCE', true);
define('ANTI_LEVEL', 3);
//higher,will be more secure,default 3.
if (ANTI_FORCE) {
    $GLOBALS['log']->lwrite($_SERVER['HTTP_USER_AGENT']);
    $ip_addr = pb_get_client_ip("long");
    if (strpos($referer, pb_getenv('HTTP_HOST')) === false || empty($ip_addr)) {
        header_sent(L("invalid_submit"));
        exit;
    }
    $client_agent = $_SERVER['HTTP_USER_AGENT'];
    if (preg_match('/windows 2000/', $client_agent)) {
        header("Location:" . URL);
        exit;
    }
    $temp = explode('(', $client_agent);
    $Part = $temp[0];
    $ext_info = $temp[1];
    $ext_info = explode(')', $ext_info);
    $temp = explode(';', trim($ext_info[0]));
    $r_info = array();
    if (!empty($ext_info[1])) {
        $r_info = trim($ext_info[1]);