function userCheck() { $db = Database::getInstance(); $conn = $db->getConnection(); $conn->select_db('cc'); if (isset($_COOKIE['tokenID'])) { $token = normalizeString($_COOKIE['tokenID']); $query = "select count(*) 'takenAval' from tokens where token='" . $token . "'"; $res = $conn->query($query); $result = $res->fetch_assoc(); if ($res->num_rows === 1 and $result['takenAval']) { return true; } } else { return false; } return false; }
function editWikiSubmit($p) { if (!isset($p['wiki_name'])) { return false; } $session = SessionHandler::getInstance(); $text = trim($p['text']); $name = normalizeString($p['wiki_name'], array("\t")); $wiki = Wiki::getByName($name); // abort if we are trying to save a exact copy as the last one if ($wiki->text == $text) { return false; } if ($wiki->id) { $rev = new Revision(); $rev->type = WIKI; $rev->owner = $wiki->id; $rev->value = $wiki->text; $rev->time_created = $wiki->time_edited; $rev->created_by = $wiki->edited_by; $rev->event = EVENT_TEXT_CHANGED; $rev->id = $rev->store(); $wiki->text = $p['text']; $wiki->edited_by = $session->id; $wiki->time_edited = sql_datetime(time()); $wiki->revision++; $wiki->store(); redir('u/wiki/show/' . $wiki->name); } $wiki->name = $name; $wiki->text = $p['text']; $wiki->edited_by = $session->id; $wiki->time_edited = sql_datetime(time()); $wiki->store(); redir('u/wiki/show/' . $wiki->name); }
function gamePlay($POST_Word) { /* ゲーム状況 */ if ($_SESSION['isGame'][0] === TRUE) { return "あなたは既にこのゲームに勝利しています。"; } if ($_SESSION['isGame'][0] === FALSE) { return "あなたは既にこのゲームに負けています。"; } /* 経過時間確認 */ if (time() >= $_SESSION['Timer'][0] and !isset($_SESSION['isGame'][0])) { gameLose(); return "時間切れです。あなたの負けです。"; } /* 日本語判定 */ if ($POST_Word == "") { return "入力文字列が空です。"; } if (preg_match("/[a-zA-Z0-9]/iu", $POST_Word)) { return "日本語ではありません。"; } $POST_Word = normalizeString($POST_Word); // 文字列の正規化 /* 単語かどうか */ $uuid = uniqid(); $postTempFile = makeTempFile("post_{$uuid}", $POST_Word); $postMeCabResult = parseMeCab($postTempFile); if (isset($postMeCabResult[2])) { return "{$POST_Word}は分解可能です。単語を入力してください。"; } /* 名詞かどうか */ $postWord = parseMeCabResult($postMeCabResult[0]); if (preg_match("/^(名詞)+\$/u", $postWord[1]) == 0 or empty($postWord[9])) { return "{$POST_Word}は名詞ではありません。"; } /* 既に使った単語か */ for ($i = 0; $i < count($_SESSION['postWordHistory']) - 1; $i++) { if (preg_match("/^({$POST_Word})+\$/iu", $_SESSION['postWordHistory'][$i]) == 1) { gameLose(); return "{$POST_Word}は既に使った単語です。あなたの負けです。"; } } for ($i = 0; $i < count($_SESSION['contentWordHistory']); $i++) { if (preg_match("/^({$POST_Word})+\$/iu", $_SESSION['contentWordHistory'][$i]) == 1) { gameLose(); return "{$POST_Word}は既に使った単語です。あなたの負けです。"; } } /* ん, で終わらないか */ $postLastChar = getLastChar($postWord[9]); if (preg_match("/(ん)+\$/iu", $postLastChar) == 1) { gameLose(); return "ん, で終わっています。あなたの負けです。"; } /* 促音, 拗音対策 */ if (preg_match("/(ぁ|ぃ|ぅ|ぇ|ぉ|っ|ゃ|ゅ|ょ)+\$/iu", $postLastChar) == 1) { return "最後の読みが促音や拗音の単語は使えません。別の単語を入力してください。"; } /* しりとりになっているか */ if (!empty($_SESSION['contentWordHistory'])) { $postBeginChar = getBeginChar($postWord[9]); $arCount = count($_SESSION['contentWordHistory']) - 1; $recentContentWord = $_SESSION['contentWordHistory'][$arCount]; $recentContentLastChar = getLastChar($_SESSION['realtimeDic'][$recentContentWord]['yomi']); if (preg_match("/^({$recentContentLastChar})+\$/iu", $postBeginChar) == 0) { gameLose(); return "{$POST_Word}はしりとりになっていません。あなたの負けです。"; } } $twResult = twSearchAPI($postLastChar); // 戻り値はオブジェクト $lastCharWordList = Sammlung($twResult); // 単語蒐集 $twResult = twSearchAPI($postWord[0]); $postKeywordWordList = Sammlung($twResult); $wordList = array_merge($lastCharWordList, $postKeywordWordList); $_SESSION['realtimeDic'] = array_merge($_SESSION['realtimeDic'], $wordList); $nextWord = searchNextWord($postLastChar); if (empty($nextWord)) { // CPUの負け $nextWord = "返す言葉が見つかりません。あなたの勝ちです。"; gameWin(); } else { $_SESSION['contentWordHistory'][] = $nextWord; } return $nextWord; }
<?php date_default_timezone_set('America/Los_Angeles'); $date = date('Y-m-d-His'); $filename = $_FILES['file']['name']; $file = normalizeString($filename); $destination = '../files/' . $date . '_' . $file; move_uploaded_file($_FILES['file']['tmp_name'], $destination); print_r($date . '_' . $file); function normalizeString($str = '') { $str = strip_tags($str); $str = preg_replace('/[\\r\\n\\t ]+/', ' ', $str); $str = preg_replace('/[\\"\\*\\/\\:\\<\\>\\?\'\\|]+/', ' ', $str); $str = strtolower($str); $str = html_entity_decode($str, ENT_QUOTES, "utf-8"); $str = htmlentities($str, ENT_QUOTES, "utf-8"); $str = preg_replace("/(&)([a-z])([a-z]+;)/i", '$2', $str); $str = str_replace(' ', '-', $str); $str = rawurlencode($str); $str = str_replace('%', '-', $str); return $str; }
$temp = htmlspecialchars_decode($_POST['editorPDF']); ob_start(); $pdf = new FPDF(); $pdf->AddPage(); $pdf->SetFont('Arial', 'B', 10); $pdf->Multicell(190, 5, $temp, 'T'); $pdf->Output(); ob_end_flush(); } ?> <div class="edit"> <form action="plsql_output.php" method="post" target="output" id="myForm"> <textarea name="editor" id="editor" class="editor editor-style" autofocus> <?php if (isset($_GET['loadfile'])) { $fileName = normalizeString($_GET['loadfile']); $filen = "myfiles\\" . $fileName; if (file_exists($filen) == 1) { $myFile = fopen($filen, 'r') or die(" //No File Available ! Write New Code Here !"); while (!feof($myFile)) { echo fgetc($myFile); } fclose($myFile); } else { echo " //No File Available ! Write New Code Here !"; } } else { ?> select table_name from user_tables; <?php }
<?php include "include/functions.php"; include "DB.php"; if (isset($_POST['searchString'])) { $search = normalizeString($_POST['searchString']); $db = Database::getInstance(); $conn = $db->getConnection(); $conn->select_db('cc'); $send = null; $query = "select post_id,post_title,post_category from user_posts"; if ($res = $conn->query($query)) { $send = "<datalist id=\"searches\">"; while ($result = $res->fetch_assoc()) { $send .= "<option value=\"" . $result['post_title'] . "\" > Title:" . $result['post_title'] . " Category:" . $result['post_category'] . "</option>"; } $send .= "</datalist>"; } echo $send; }
if (!isset($_SESSION[$tsName])) { $_SESSION[$tsName] = $timeStamp; } $userName = $_SESSION["session_name"]; $userName = normalizeString($userName); $dirName = $_POST["newacqID"] . $_SESSION[$tsName]; $dirName = normalizeString($dirName); $folder = $baseDir . "xi/users/" . $userName . "/" . $dirName . "/"; } else { if (isset($_POST["newseqID"])) { $tsName = "seqUploadTimeStamp" . $tabId; if (!isset($_SESSION[$tsName])) { $_SESSION[$tsName] = $timeStamp; } $dirName = $_POST["newseqID"] . $_SESSION[$tsName]; $dirName = normalizeString($dirName); $folder = $baseDir . "xi/sequenceDB/" . $dirName . "/"; } } $options = array('upload_dir' => $folder, 'upload_url' => $folder); error_reporting(E_ALL | E_STRICT); require 'UploadHandler.php'; try { if ($_SESSION["canAddNewSearch"]) { $upload_handler = new UploadHandler($options); if (property_exists($upload_handler, "response") && array_key_exists("files", $upload_handler->response)) { $resp = $upload_handler->response; $upFiles = $resp["files"]; /* foreach ($upFiles as $upFile) { if (array_key_exists ("url", $upFile)) {
$db = Database::getInstance(); $conn = $db->getConnection(); $conn->select_db('cc'); $query = "select count(*) 'total' from user_personal_information where user_id='" . normalizeString($_POST['userID']) . "'"; $a = normalizeString($_POST['userID']); if (strlen($a) > 0) { $res = $conn->query($query); $result = $res->fetch_assoc(); if ($result['total'] == 0) { //echo $query; echo "<span class=\" glyphicon glyphicon-ok-circle\" style=\"font-size:20px;\"> </span>"; } else { echo "<span class=\" glyphicon glyphicon-remove-circle\" style=\"font-size:20px;\"> </span>"; } } else { echo "<span class=\" glyphicon glyphicon-remove-circle\" style=\"font-size:20px;\"> </span>"; } } if (isset($_POST['email'])) { $db = Database::getInstance(); $conn = $db->getConnection(); $conn->select_db('cc'); $query = "select count(*) 'total' from user_personal_information where u_mail='" . normalizeString($_POST['email']) . "'"; $res = $conn->query($query); $result = $res->fetch_assoc(); if ($result['total'] == 0 and filter_var(normalizeString($_POST['email']), FILTER_VALIDATE_EMAIL)) { echo "<span class=\" glyphicon glyphicon-ok-circle\" style=\"font-size:20px;\"> </span>"; } else { echo "<span class=\" glyphicon glyphicon-remove-circle\" style=\"font-size:20px;\"> </span>"; } }
}); }); </script> </head> <body> <?php include_once 'DB.php'; include 'auth.php'; $db = Database::getInstance(); $conn = $db->getConnection(); $conn->select_db('cc'); $check = userCheck(); $user = $_COOKIE['user']; if ($check) { $query = "select user_id from tokens where token='" . normalizeString($_COOKIE['tokenID']) . "'"; $res = $conn->query($query); $result = $res->fetch_assoc(); if ($res->num_rows === 1 and isset($result['user_id'])) { $user = $result['user_id']; ?> <div class="main-body"> <div class="col-lg-12 col-md-12 col-sm-12"> <?php include 'include/nav-header.php'; ?> <div class="col-lg-3 col-md-3 sidebar"> <ul class="nav nav-pills nav-stacked"> <li><a href="dashboard.php">Dashboard</a></li> <li class="active"><a href="posts.php">Post</a></li> <li><a href="files.php">My Files</a></li>
if ($nbConf > 0) { echo "\n\t<item> \n\t\t<title>[Islam-Agenda] {$nbConf} {$labelTitle}</title>\n\t\t<guid>http://www.islam-agenda.fr/?0</guid>\n\t\t<link>http://www.islam-agenda.fr/?0</link>\n\t</item> "; } $buffer = ""; // pour inverser l'ordre, (bug google calendar apparemment) foreach ($note as $value) { $id = $value->getElementsByTagName("id"); $id = $id->item(0); $id = $id->nodeValue; $id = explode("/", $id); $id = $id[count($id) - 1]; // id is after the last slash $title = $value->getElementsByTagName("title"); $title = $title->item(0); $title = $title->nodeValue; $titleNormalize = normalizeString($title); $title = htmlspecialchars($title, ENT_QUOTES, 'UTF-8'); $backN = array("\n", "\r"); $backR = "<br/>"; $content = $value->getElementsByTagName("content"); $content = $content->item(0); $content = $content->nodeValue; $content = str_replace($backN, $backR, $content); $content = htmlspecialchars($content, ENT_QUOTES, 'UTF-8'); $startTime = $value->getElementsByTagName("when"); $startTime = $startTime->item(0); $startTime = $startTime->getAttributeNode("startTime"); $startTime = $startTime->value; $updatedTime = $value->getElementsByTagName("updated"); $updatedTime = $updatedTime->item(0); $updatedTime = $updatedTime->nodeValue;
<?php function normalizeString($str = '') { $str = strip_tags($str); $str = preg_replace('/[\\r\\n\\t ]+/', ' ', $str); $str = preg_replace('/[\\"\\*\\/\\:\\<\\>\\?\'\\|]+/', ' ', $str); $str = strtolower($str); $str = html_entity_decode($str, ENT_QUOTES, "utf-8"); $str = htmlentities($str, ENT_QUOTES, "utf-8"); $str = preg_replace("/(&)([a-z])([a-z]+;)/i", '$2', $str); $str = str_replace(' ', '-', $str); $str = rawurlencode($str); $str = str_replace('%', '-', $str); return $str; } $Data = json_encode(["msg" => $_POST["msg"], "email" => $_POST["email"]]); $IPAddress = $_SERVER['REMOTE_ADDR']; $Timestamp = time(); $FileHash = md5($Data); $FileName = $Timestamp . "_____" . $_POST["email"] . "_____" . $IPAddress . "_____" . $FileHash . ".json"; $FileName = normalizeString($FileName); echo $FileName; file_put_contents("Feedback\\" . $FileName, $Data); header("Location: /"); die; exit;
$ignore = false; } elseif (!$ignore && strpos($line, '@noloc') === FALSE) { // not ignored and doesn't contain "@noloc" if (preg_match('/L\\[([\'"])(.+?)\\1\\]\\s*=\\s*([\'"])(.+?)\\3/i', $line, $parts)) { // L["somestr"] = "otherstr" $str = normalizeString($parts[2], $parts[1]); $value = normalizeString($parts[4], $parts[3]); if (isset($seen[$str])) { unset($strings[$seen[$str]][$str]); } $strings[$file][$str] = $value; $seen[$str] = $file; } elseif (preg_match_all('/L\\[([\'"])(.+?)\\1\\]/', $line, $matches, PREG_SET_ORDER)) { // L["somestr"] L["otherstr"] foreach ($matches as $match) { $str = normalizeString($match[2], $match[1]); if (!isset($seen[$str])) { $strings[$file][$str] = true; $seen[$str] = $file; } } } } } } $strings = array_filter($strings); printf("Found %d string(s) in %s file(s).\n", count($seen), count($strings)); function buildStrings($strings, $withComments = true) { $lines = array(); foreach ($strings as $file => $strs) {
break; case 'image': ?> <div class="element1 image" id="element_<?php echo rawurlencode($repertoire_courant . "/" . $element['nom.extension']), "&orderby=nom&order=", $order; ?> " title="<?php echo $element['nom.extension']; ?> "> <div class="element1_1"><img alt="image" src="themes/original/images/48/<?php echo strtolower($element['extension']); ?> .png" /></div> <div class="element1_2"><span><?php echo shortenString(normalizeString($element['nom.extension']), 35); ?> </span></div> <div class="element1_3"><span><?php echo $t_extensions[strtolower($element['extension'])]; ?> </span></div> <div class="element1_4"><span><?php echo formatSize($element['taille']); ?> </span></div> </div> <?php break; } }
<?php include "include/functions.php"; include_once "DB.php"; if (isset($_POST['post_title']) and isset($_POST['post_content']) and isset($_POST['post_category']) and isset($_POST['post_token'])) { $category = normalizeString($_POST['post_category']); $content = normalizeString($_POST['post_content']); $title = normalizeString($_POST['post_title']); $token = normalizeString($_POST['post_token']); $db = Database::getInstance(); $conn = $db->getConnection(); $conn->select_db('cc'); $query = "insert into user_posts(post_title,post_content,post_category,post_time,post_owner) values('{$title}','{$content}','{$category}',now(),(select user_id from tokens where token='" . $token . "'))"; if ($conn->query($query)) { echo $content; } else { echo "error"; } }
function removeDuplicateTitle($RootNode, $TagName, $Title) { $Title = normalizeString($Title); $Tags = $RootNode->getElementsByTagName($TagName); $i = 0; while ($Tag = $Tags->item($i)) { if (fuzzyCompare(normalizeString($Tag->nodeValue), $Title)) { $parentNode = $Tag->parentNode; $parentNode->removeChild($Tag); } else { $i++; } } return $RootNode; }
} } $msg1 = null; if (isset($_GET['p']) and $_GET['p'] == 'new' and isset($_GET['error'])) { ?> <script> $(document).ready(function(e) { $('.Left').hide(); $('.Right').hide(); $('.AskButtonsArea').show('fast'); $('button#SignUp').click(); }); </script> <?php $type = normalizeString($_GET['error']); if ($type == "alreadyExist") { $msg1 = " Already Exist."; } else { if ($type == "password") { $msg1 = " Password and Re-enter Password Should Match."; } else { if ($type == "captcha") { $msg1 = " Enterd Captcha is not valid."; } else { if ($type == "unavailable") { $msg1 = " Sorry, Database is down."; } else { $msg1 = " Recored ! we will fix it soon"; } }
<br/><br/></div></div></div> <?php } } } ?> </div> <div class="col-lg-12 col-md-12 col-sm-12"> <h3>Related </h3> <hr/> <?php $db = Database::getInstance(); $conn = $db->getConnection(); $conn->select_db('cc'); $q = normalizeString($_GET['CCSearch']); $query = "select * from user_posts where post_title like '%{$q}%'"; $res = $conn->query($query); if ($conn->errno) { echo $conn->errno; } else { if ($conn->error) { $conn->error; } else { while ($result = $res->fetch_assoc()) { ?> <br/><div class='col-lg-12 col-md-12 col-sm-12 '><div class='col-lg-6 col-md-6 col-sm-8 thumbnail post-border '><div class='col-lg-2 col-md-2 col-sm-2'> <img src='images/user_profile.jpg' style='width:50px;'/> </div><div class='col-lg-4 col-md-4 col-sm-4 text-left'> <?php echo $result['post_owner']; ?> <br/> <?php echo $result['post_time'];
$left = intval($aMatch[2]); } /* Calculate the metatile's top-left corner coordinates. * Include the $metaBuffer around the metatile to account for various * rendering issues happening around the edge of a map */ $metaLeft = floor($left / ($tileWidth * $metaWidth)) * $tileWidth * $metaWidth; $metaTop = floor($top / ($tileHeight * $metaHeight)) * $tileHeight * $metaHeight; $szMetaTileId = "t" . $metaTop . "l" . $metaLeft; $metaLeft -= $metaBuffer; $metaTop -= $metaBuffer; /* caching is done by scale value, then groups and layers and finally metatile * and tile id. Create a new directory if necessary */ $szGroupDir = $groups != "" ? normalizeString($groups) : "def"; $szLayerDir = $layers != "" ? normalizeString($layers) : "def"; $szCacheDir = $szMapCacheDir . "/" . $scale . "/" . $szGroupDir . "/" . $szLayerDir . "/" . $szMetaTileId; if (!@is_dir($szCacheDir)) { makeDirs($szCacheDir); } /* resolve cache hit - clear the os stat cache if necessary */ $szTileId = "t" . $top . "l" . $left; $szCacheFile = $szCacheDir . "/" . $szTileId . $szImageExtension; clearstatcache(); $szMetaDir = $szCacheDir . "/meta"; if (!@is_Dir($szMetaDir)) { makeDirs($szMetaDir); } /* simple locking in case there are several requests for the same meta tile at the same time - only draw it once to help with performance */ $szLockFile = $szMetaDir . "/lock_" . $metaTop . "_" . $metaLeft;
<title>Saving File ... ! Code on Cloud </title> <script> </script> <?php include "include/functions.php"; ?> </head> <body class="main-body text-center"> <div class="col-lg-12 col-md-10"> <div> <?php if (isset($_POST['fileType']) and isset($_POST['fileValue']) and isset($_POST['fileName'])) { $ext = normalizeString($_POST['fileExt']); $type = normalizeString($_POST['fileType']); $name = normalizeString($_POST['fileName']); $value = htmlspecialchars_decode($_POST['fileValue']); //$targetDir = getcwd(); //echo $targetDir; if ($type == $ext) { $fileName = $name . "." . $ext; $myfile = fopen("{$fileName}", 'w') or die("Unable to save file!"); $msg = htmlspecialchars_decode($value); if (fwrite($myfile, $msg)) { fclose($myfile); sleep(1); if (rename($fileName, "myfiles\\" . $fileName)) { echo "<h1>File Saved !</h1>"; if ($type == "php" or $type == "PHP") { echo "<input class='form-control' id='link' value='localhost/CC/PHP_Compiler.php?loadfile=" . $fileName . "' /> "; } else {
/** * @desc Returns the Item to Twitt * @since 04.11.2009 * @author Faruk Yagbasan <*****@*****.**> * @licence GPL * @return Array() * @acces private */ public function returnItems() { $items = $this->feed->get_items(); for ($i = 0; $i < count($items); $i++) { $content = strip_tags($items[$i]->get_content()); $search = explode(" ", $items[$i]->get_title()); $result[$i]["content"] = cutString(normalizeString($content)); $result[$i]["search"] = trim("#" . $search[rand(0, 5)]); $result[$i]["title"] = cutString(normalizeString($items[$i]->get_title())); $result[$i]["url"] = $this->tinyurl->get($items[$i]->get_link()); $result[$i]["status"] = $result[$i]["content"] . " " . $result[$i]["search"]; strlen($result[$i]["status"]) <= 140 && strlen($result[$i]["status"]) > 130 ? $result[$i]["status"] = $result[$i]["content"] . " " . $result[$i]["search"] : $this->logger->error('Couldnt add item to result Message Was To Big '); } return $result; }
</head> <body class="main-body"> <!-- Bootstrap div Start --> <div class="col-lg-12 col-md-12 col-sm-12"> <div> <?php include 'include/nav-header.php'; include "include/functions.php"; include "DB.php"; ?> <!-- Search START --> <?php // Change password $email = isset($_POST['email']) ? hash('md5', normalizeString($_POST['email'])) : null; $reg = isset($_POST['reg']) ? normalizeString($_POST['reg']) : null; $pwd = isset($_POST['pwd']) ? hash('md5', normalizeString($_POST['pwd'])) : null; $count = 0; if (isset($email) and isset($pwd) and isset($reg)) { $db = Database::getInstance(); $conn = $db->getConnection(); $conn->select_db('cc'); if ($conn->errno) { echo $conn->errno; } else { if ($conn->error) { echo $conn->error; } else { $query = "select count(*) 'rows' from user_login_information where user_mail='" . $email . "' and user_reg='" . $reg . "'"; //echo $query."<br/>"; $res = $conn->query($query); if ($res) {
$allGood = false; } } } } } $filesExist = true; $uploadTSKey = $_POST["type"] . "UploadTimeStamp" . $_POST["tabID"]; if ($allGood) { // test if files are actually present, and these variables are available outside this bracket scope // http://php.net/manual/en/language.variables.scope.php#105925 $filenames = $_POST["filenames"]; $saneName = normalizeString($_POST["name"]); // sanitise user-supplied acq/seq name, same as in clmsupload.php $tstampname = $saneName . $_SESSION[$uploadTSKey]; $normUsername = normalizeString($username); $baseDir = $_SESSION["baseDir"]; $folder = $_POST["type"] == "acq" ? "xi/users/" . $normUsername . "/" . $tstampname : "xi/sequenceDB/" . $tstampname; foreach ($filenames as $index => $val) { if (!file_exists($baseDir . $folder . "/" . $val)) { $filesExist = false; } } } //if (false) { // for error testing if ($allGood && $filesExist) { //open connection $dbconn = pg_connect($connectionString) or die('Could not connect: ' . pg_last_error()); // little bobby tables - https://xkcd.com/327/ try { pg_query("BEGIN") or die("Could not start transaction\n");