/**
 * Shutdown hook that stops xhprof and stores the collected profile.
 *
 * The PDO handle is read from the global $xhprofMainConfig['pdo'] and the data
 * returned by xhprof_disable() is handed to \ay\xhprof\Data::save().
 *
 * @throws Exception Anything raised while loading or saving is re-thrown.
 */
function xhprof_shutdown()
{
    global $xhprofMainConfig;

    $profile = xhprof_disable();

    // Where available (PHP-FPM), finish the response first so the client does
    // not wait for the profile to be written.
    if (function_exists('fastcgi_finish_request')) {
        fastcgi_finish_request();
    }

    try {
        require_once __DIR__ . '/../xhprof/classes/data.php';

        $store = new \ay\xhprof\Data($xhprofMainConfig['pdo']);
        $store->save($profile);
    } catch (Exception $e) {
        // Old PHP versions don't like exceptions in shutdown functions, so log
        // them to leave some useful information in the PHP log.
        // NOTE(review): PHP_VERSION_ID is 50400 for PHP 5.4.0; 504000 is above
        // every released version, so this condition is always true. Confirm
        // whether 50400 was intended.
        if (PHP_VERSION_ID < 504000) {
            if (!function_exists('log_exception')) {
                error_log($e->__toString());
            } else {
                log_exception($e);
            }
        }

        // Re-throw so the failure stays visible to the caller.
        throw $e;
    }
}
/**
 * Registers the middleware stack and the exception handler on the application.
 *
 * Middleware is added in this order: a timing generator that sets the
 * `x-run-time` header, then the MVC router for the `\Controller` namespace.
 *
 * @param \Owl\Application $app Application to configure.
 * @return \Owl\Application The same instance that was passed in.
 */
function __ini_app(\Owl\Application $app)
{
    // Timing middleware: everything after `yield` runs once the rest of the
    // stack has finished, so the header carries the elapsed milliseconds.
    $app->middleware(function ($request, $response) {
        $started_at = microtime(true);

        yield;

        $elapsed_ms = (microtime(true) - $started_at) * 1000;
        $response->withHeader('x-run-time', (int) $elapsed_ms);
    });

    $router = new \Owl\Mvc\Router(['namespace' => '\\Controller']);
    $app->middleware(function ($request, $response) use ($router) {
        $router->execute($request, $response);
    });

    $app->setExceptionHandler(function ($exception, $request, $response) {
        // HTTP exceptions carry their own status code and are not logged;
        // anything else becomes a 500 and goes to the 'default' logger.
        if (!($exception instanceof \Owl\Http\Exception)) {
            $status = 500;
            log_exception(get_logger('default'), $exception);
        } else {
            $status = $exception->getCode();
        }
        $response->withStatus($status);

        // Exception details go into response headers only when DEBUG is set.
        // NOTE(review): keep DEBUG off in production; these headers expose
        // internal error details to every client.
        if (DEBUG) {
            foreach (__exception_headers($exception, 8) as $name => $content) {
                $response->withHeader($name, $content);
            }
        }

        if ($request->isAjax()) {
            return;
        }

        // NOTE(review): the `_error` template receives the exception object;
        // confirm it does not print messages or traces when DEBUG is off.
        $view = new \Owl\Mvc\View(ROOT_DIR . '/View');
        $response->write($view->render('_error', ['exception' => $exception]));
    });

    return $app;
}
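/**
 * Aborts the request unless $token matches the XSRF token stored in the session.
 *
 * The comparison is strict and constant-time. The original loose `!=` treated
 * a missing session token (null) and an empty submitted token as equal, which
 * let a request without any token pass. The expected token is no longer written
 * to the exception log, because anyone who can read the log could replay it.
 *
 * @param mixed $token Token submitted with the request.
 */
function validate_xsrf_token($token)
{
    $expected = isset($_SESSION[CONST_XSRF_TOKEN_KEY]) ? $_SESSION[CONST_XSRF_TOKEN_KEY] : null;

    // Both sides must be non-empty strings before they are compared at all.
    $valid = is_string($expected)
        && $expected !== ''
        && is_string($token)
        && hash_equals($expected, $token);

    if (!$valid) {
        log_exception(new Exception('Invalid XSRF token.'));
        message_error('XSRF token mismatch');
        exit;
    }
}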
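/**
 * Logs the user out unless $token matches the XSRF token stored in the session.
 *
 * The comparison is strict and constant-time. The original loose `!=` treated
 * a missing session token (null) and an empty submitted token as equal, which
 * let a request without any token pass. The expected token is no longer written
 * to the exception log, because anyone who can read the log could replay it.
 *
 * @param mixed $token Token submitted with the request.
 */
function validate_xsrf_token($token)
{
    $expected = isset($_SESSION[CONST_XSRF_TOKEN_KEY]) ? $_SESSION[CONST_XSRF_TOKEN_KEY] : null;

    // Both sides must be non-empty strings before they are compared at all.
    $valid = is_string($expected)
        && $expected !== ''
        && is_string($token)
        && hash_equals($expected, $token);

    if (!$valid) {
        log_exception(new Exception('Invalid XSRF token.'));
        logout();
        exit;
    }
}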
/**
 * Logs the innermost exception of a chain: one summary line, then one log
 * entry per stack-trace line.
 *
 * Outer (wrapping) exceptions are skipped; only the last one reachable through
 * getPrevious() is written.
 *
 * @param LoggerInterface $logger    Target logger.
 * @param Exception       $exception Exception, possibly wrapping earlier ones.
 * @param string          $level     Log level passed to $logger->log().
 */
function log_exception(LoggerInterface $logger, $exception, $level = 'error')
{
    // Follow the chain down to the root cause.
    $root = $exception;
    while ($inner = $root->getPrevious()) {
        $root = $inner;
    }

    // NOTE(review): the message is logged verbatim; if it can contain request
    // data, the logger should neutralise line breaks to keep entries intact.
    $summary = sprintf('%s(%d): %s', get_class($root), $root->getCode(), $root->getMessage());
    $logger->log($level, $summary);

    foreach (explode("\n", $root->getTraceAsString()) as $frame) {
        $logger->log($level, $frame);
    }
}
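/**
 * Streams a stored challenge file to the client as an attachment.
 *
 * The file is read from S3 when the three CONFIG_AWS_S3_* constants are set,
 * otherwise from CONST_PATH_FILE_UPLOAD on local disk.
 *
 * Changes from the previous version:
 *  - the download name is stripped of quotes, backslashes and control
 *    characters before it is placed inside the quoted Content-Disposition
 *    parameter, so a title cannot break out of the header value;
 *  - an S3 failure is logged and answered with a generic message instead of
 *    returning the SDK exception text to the client (the old message also
 *    wrongly said "uploading");
 *  - a missing 'md5' key no longer raises an undefined-index notice.
 *
 * @param array $file File row with 'id', 'title', 'size' and optionally 'md5'.
 */
function download_file($file)
{
    // The id becomes part of the storage path / S3 key, so validate it first.
    validate_id(array_get($file, 'id'));

    // do we read the file off AWS S3?
    if (CONFIG_AWS_S3_KEY_ID && CONFIG_AWS_S3_SECRET && CONFIG_AWS_S3_BUCKET) {
        try {
            // Instantiate the S3 client with the configured AWS credentials
            $client = S3Client::factory(array(
                'key' => CONFIG_AWS_S3_KEY_ID,
                'secret' => CONFIG_AWS_S3_SECRET,
            ));

            $file_key = '/challenges/' . $file['id'];
            $client->registerStreamWrapper();

            // Builds a HeadObject command for the object.
            // NOTE(review): the command is never executed in this function.
            $command = $client->getCommand('HeadObject', array(
                'Bucket' => CONFIG_AWS_S3_BUCKET,
                'Key' => $file_key,
            ));

            $filePath = 's3://' . CONFIG_AWS_S3_BUCKET . $file_key;
        } catch (Exception $e) {
            // Keep SDK error details in the log, not in the response.
            log_exception($e);
            message_error("Could not read the requested file. An error report has been lodged.");
        }
    } else {
        $filePath = CONST_PATH_FILE_UPLOAD . $file['id'];

        if (!is_readable($filePath)) {
            log_exception(new Exception("Could not read the requested file: " . $filePath));
            message_error("Could not read the requested file. An error report has been lodged.");
        }
    }

    $file_title = $file['title'];
    if (defined('CONFIG_APPEND_MD5_TO_DOWNLOADS') && CONFIG_APPEND_MD5_TO_DOWNLOADS && !empty($file['md5'])) {
        // Insert the hash before the first dot, or append it when there is none.
        $pos = strpos($file['title'], '.');
        if ($pos) {
            $file_title = substr($file['title'], 0, $pos) . '-' . $file['md5'] . substr($file['title'], $pos);
        } else {
            $file_title = $file_title . '-' . $file['md5'];
        }
    }

    // Characters that would terminate or escape the quoted filename parameter.
    $header_safe_title = preg_replace('/[\x00-\x1F\x7F"\\\\]/', '_', $file_title);

    // required for IE, otherwise Content-disposition is ignored
    if (ini_get('zlib.output_compression')) {
        ini_set('zlib.output_compression', 'Off');
    }

    header('Pragma: public');
    header('Expires: 0');
    header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
    header('Cache-Control: private', false); // required for certain browsers
    header('Content-Type: application/force-download');
    header('Content-Disposition: attachment; filename="' . $header_safe_title . '";');
    header('Content-Transfer-Encoding: binary');
    header('Content-Length: ' . $file['size']);

    // Stop output buffering
    if (ob_get_level()) {
        ob_end_flush();
    }
    flush();

    readfile($filePath);
}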
/**
 * Verifies the reCAPTCHA response posted with the current request.
 *
 * A failed verification or an exception is reported through message_error();
 * exceptions are also passed to log_exception().
 */
function validate_captcha()
{
    try {
        $verifier = new \ReCaptcha\ReCaptcha(
            CONFIG_RECAPTCHA_PRIVATE_KEY,
            new \ReCaptcha\RequestMethod\CurlPost()
        );

        // NOTE(review): get_ip() is defined elsewhere; if it trusts
        // client-supplied forwarding headers, the address sent here is
        // whatever the client chooses. Confirm.
        $result = $verifier->verify($_POST['g-recaptcha-response'], get_ip());

        if (!$result->isSuccess()) {
            message_error("Captcha error: " . print_r($result->getErrorCodes(), true));
        }
    } catch (Exception $e) {
        log_exception($e);

        // Prefer the reply-to address, fall back to the sender address.
        $contact = CONFIG_EMAIL_REPLYTO_EMAIL ?: CONFIG_EMAIL_FROM_EMAIL;
        message_error('Caught exception processing captcha. Please contact ' . $contact);
    }
}
/**
 * Returns the translation for a key, with optional {placeholder} substitution.
 *
 * When the key has no (truthy) entry in the global $lang table, the miss is
 * logged and the key itself is returned.
 *
 * @param string $message Translation key.
 * @param array  $replace Map of placeholder name => value; each `{name}` in
 *                        the translation is replaced by its value.
 * @return string
 */
function lang_get($message, $replace = array())
{
    global $lang;

    if (!array_get($lang, $message)) {
        log_exception(new Exception('Could not fetch translation for key: ' . $message));
        return $message;
    }

    $translation = $lang[$message];
    if (empty($replace)) {
        return $translation;
    }

    // Wrap every placeholder name in braces, keeping the order of $replace.
    $placeholders = array_map(
        function ($name) {
            return '{' . $name . '}';
        },
        array_keys($replace)
    );

    // NOTE(review): values are inserted as given; callers that print the
    // result into HTML need to escape untrusted values themselves.
    return str_replace($placeholders, array_values($replace), $translation);
}
<?php

// Download endpoint keyed by two request parameters: `team_key` identifies the
// user and `file_key` identifies the file. Both are looked up by download_key.
require '../include/mellivora.inc.php';

// NOTE(review): $_GET['team_key'] is read without an isset() check; confirm how
// db_select_one() treats a null or array value in the WHERE map.
$user = db_select_one('users', array('id', 'enabled'), array('download_key' => $_GET['team_key']));

// presumably message_error() ends the request — the checks below rely on it; verify.
if (!is_valid_id($user['id'])) {
    log_exception(new Exception('Invalid team key used for download'));
    message_error(lang_get('invalid_team_key'));
}

if (!$user['enabled']) {
    message_error(lang_get('user_not_enabled'));
}

// The file key is passed as a bound parameter (:download_key), not
// concatenated into the SQL text.
$file = db_query_fetch_one(' SELECT f.id, f.title, f.size, f.md5, c.available_from FROM files AS f LEFT JOIN challenges AS c ON c.id = f.challenge WHERE f.download_key = :download_key', array('download_key' => $_GET['file_key']));

if (!is_valid_id($file['id'])) {
    log_exception(new Exception('Invalid file key used for download'));
    message_error(lang_get('no_file_found'));
}

// Files of challenges that are not yet available are only served to staff.
// NOTE(review): with the LEFT JOIN, a file without a challenge row has a null
// available_from, and this comparison then lets it through — confirm intended.
if (time() < $file['available_from'] && !user_is_staff()) {
    message_error(lang_get('file_not_available'));
}

download_file($file);
/**
 * Deletes a challenge together with its submissions, hints and files, inside
 * one database transaction.
 *
 * A PDOException rolls the transaction back and is logged; it is not
 * re-thrown, so the caller is not told that the delete failed.
 *
 * @param mixed $id Challenge id.
 */
function delete_challenge_cascading($id)
{
    // presumably message_error() ends the request here — verify.
    if (!is_valid_id($id)) {
        message_error('Invalid ID.');
    }

    $by_challenge = array('challenge' => $id);

    try {
        db_begin_transaction();

        db_delete('challenges', array('id' => $id));
        foreach (array('submissions', 'hints') as $table) {
            db_delete($table, $by_challenge);
        }

        // NOTE(review): delete_file() is defined elsewhere; if it also removes
        // files from storage, a later rollback would not restore them.
        foreach (db_select_all('files', array('id'), $by_challenge) as $row) {
            delete_file($row['id']);
        }

        db_end_transaction();
    } catch (PDOException $e) {
        db_rollback_transaction();
        log_exception($e);
    }
}
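/**
 * Requires a logged-in session of at least $min_class, a matching fingerprint
 * for staff, and then two-factor enforcement.
 *
 * The staff fingerprint is compared as strings with `!==`. The original loose
 * `!=` compares numeric-looking strings by value, so two different
 * fingerprints such as "0e1234" and "0e5678" were treated as equal.
 *
 * @param int  $min_class              Minimum user class allowed.
 * @param bool $force_user_data_reload Passed through to login_session_refresh().
 */
function enforce_authentication($min_class = CONST_USER_CLASS_USER, $force_user_data_reload = false)
{
    login_session_refresh($force_user_data_reload);

    // presumably logout() ends the request; the later checks rely on it — verify.
    if (!user_is_logged_in()) {
        logout();
    }

    if ($_SESSION['class'] < $min_class) {
        log_exception(new Exception('Class less than required'));
        logout();
    }

    if (user_is_staff()) {
        // A missing session fingerprint is treated as an empty string.
        $stored = isset($_SESSION['fingerprint']) ? (string) $_SESSION['fingerprint'] : '';
        if ($stored !== (string) get_fingerprint()) {
            logout();
        }
    }

    enforce_2fa();
}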
/**
 * Reports an error when $email fails valid_email().
 *
 * The failure is logged without the submitted value and the user is shown a
 * fixed message.
 *
 * @param string $email Address submitted by the user.
 */
function validate_email($email)
{
    if (valid_email($email)) {
        return;
    }

    log_exception(new Exception('Invalid Email'));
    message_error('That doesn\'t look like an email. Please go back and double check the form.');
}
/**
 * Reports an error when $email fails valid_email().
 *
 * The failure is logged without the submitted value and the user is shown the
 * translated `not_a_valid_email` message.
 *
 * @param string $email Address submitted by the user.
 */
function validate_email($email)
{
    if (valid_email($email)) {
        return;
    }

    log_exception(new Exception('Invalid Email'));
    message_error(lang_get('not_a_valid_email'));
}
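/**
 * Requires a logged-in session of at least $minClass, a matching fingerprint
 * for staff, and then two-factor enforcement.
 *
 * The staff fingerprint is compared as strings with `!==`. The original loose
 * `!=` compares numeric-looking strings by value, so two different
 * fingerprints such as "0e1234" and "0e5678" were treated as equal.
 *
 * @param int $minClass Minimum user class allowed.
 */
function enforce_authentication($minClass = CONFIG_UC_USER)
{
    login_session_refresh();

    // presumably logout() ends the request; the later checks rely on it — verify.
    if (!user_is_logged_in()) {
        logout();
    }

    // Sessions whose IID and UIID differ are only allowed when
    // verifySAGlobal() approves them.
    if ($_SESSION['IID'] != $_SESSION['UIID'] && !verifySAGlobal()) {
        logout();
    }

    if ($_SESSION['class'] < $minClass) {
        log_exception(new Exception('Class less than required'));
        logout();
    }

    if (user_is_staff()) {
        // A missing session fingerprint is treated as an empty string.
        $stored = isset($_SESSION['fingerprint']) ? (string) $_SESSION['fingerprint'] : '';
        if ($stored !== (string) get_fingerprint()) {
            logout();
        }
    }

    enforce_2fa();
}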
$last = $pdo->query("SELECT MAX(`time`) AS `last`\n FROM {$board}_post\n WHERE resto = {$thread}\n GROUP BY resto")->fetchColumn(0); if ($last != '') { $pdo->query("UPDATE {$board}_thread SET `lastreply`='{$last}' WHERE `threadid`='{$thread}'"); } } } else { log_error("No threads could be downloaded."); } /* * Update "Last updated" server var */ o("Updating last update time: " . date("Y-m-d H:i:s")); $pdo->query("UPDATE `boards` SET `last_crawl`='" . $highestTime . "' WHERE `shortname`='{$board}'"); $lastTime = $highestTime; } catch (Throwable $e) { log_exception($e); o("Restarting script..."); $pdo = null; Config::closePDOConnectionRW(); sleep(5); if (PHP_OS != "WINNT") { // spawn a new process if (!pcntl_fork()) { pcntl_exec(PHP_BINARY, $argv); } die; } else { $args = implode(' ', $argv); exec("psexec -d -accepteula C:\\php\\php.exe {$args}"); die; }
/**
 * Error handler: wraps the reported PHP error in an ErrorException and hands
 * it to log_exception().
 *
 * @param int         $num     Error level, used as the exception severity.
 * @param string      $str     Error message.
 * @param string      $file    File in which the error was raised.
 * @param int         $line    Line on which the error was raised.
 * @param mixed|null  $context Accepted for handler compatibility; not used.
 */
function log_error($num, $str, $file, $line, $context = null)
{
    $wrapped = new ErrorException($str, 0, $num, $file, $line);
    log_exception($wrapped);
}
/**
 * Logs a database exception and shows the user a generic error.
 *
 * The exception goes to log_exception() only; the message shown to the user
 * is fixed and carries no query or driver details.
 *
 * @param PDOException $e Exception raised by the database layer.
 */
function sql_exception(PDOException $e)
{
    log_exception($e);

    $notice = 'An SQL exception occurred. Please check the exceptions log.';
    message_error($notice);
}
/**
 * Error handler: wraps the reported PHP error in an ErrorException and hands
 * it to log_exception().
 *
 * Errors of level 8 (the value of E_NOTICE) are dropped when ERROR_REPORT is
 * below 2; in that case an empty string is returned.
 *
 * @param int         $num     Error level, used as the exception severity.
 * @param string      $str     Error message.
 * @param string      $file    File in which the error was raised.
 * @param int         $line    Line on which the error was raised.
 * @param mixed|null  $context Accepted for handler compatibility; not used.
 * @return string|null '' when the error is skipped, otherwise nothing.
 */
function log_error($num, $str, $file, $line, $context = null)
{
    $notice_suppressed = ERROR_REPORT < 2 && $num == 8;
    if ($notice_suppressed) {
        return '';
    }

    $wrapped = new ErrorException($str, 0, $num, $file, $line);
    log_exception($wrapped);
}
// Response defaults: the operation counts as failed until a later step
// changes $ret.
$msg_type = "error";
$ret = false;
$msg = "";
$data = array();

// Single-pass do/while used as a breakable block: the first failing check
// skips everything after it, including the operation itself.
do {
    global $F;
    // No form data at all: nothing to validate or process.
    if (!isset($F)) {
        break;
    }
    if (qwp_ops_pre_check($msg) === false) {
        break;
    }
    // qwp_validate_form() returns true on success; any other value is kept in
    // $msg as the failure message.
    $msg = qwp_validate_form();
    if ($msg !== true) {
        break;
    }
    $msg = "";
    if (qwp_custom_validate_form($msg) === false) {
        break;
    }
    // presumably $msg, $data, $msg_type and $ret are taken by reference and
    // filled in here — verify against _qwp_process_ops().
    _qwp_process_ops($msg, $data, $msg_type, $ret);
} while (false);

// A failure without a message gets a generic one.
if (!$ret && !$msg) {
    $msg = L("Invalid parameters");
}

// A failing operations logger is itself logged and does not stop the response.
try {
    qwp_custom_ops_logger($ret, $msg);
} catch (Exception $e) {
    log_exception($e, 'ops logger error');
}

qwp_echo_json_response($ret, $msg, $msg_type, $data);