예제 #1
//Message id of the localized text echoed when the clearance check below fails
define("MESSAGE_PAGE_NO_SERVER_RIGHTS", 748);
//CHECKS user has admin clearance. This gate runs before any request input is read:
//on failure the attempt is reported through raiseError(), the localized message is
//printed and the script exits, so no log path is built for a caller without clearance.
if (!$cms_user->hasAdminClearance(CLEARANCE_ADMINISTRATION_EDITVALIDATEALL)) {
    CMS_grandFather::raiseError('User has no administration rights');
    echo $cms_language->getMessage(MESSAGE_PAGE_NO_SERVER_RIGHTS);
    exit;
}
//'date' comes from the request and selects which error log file is addressed
$date = sensitiveIO::request('date');
//stays empty unless the requested date parses, so the "$errorFile && file_exists()" test
//that follows fails closed on an invalid date
$errorFile = '';
//set to true only when an archived '.gz' log is selected; not read within this excerpt
$gzip = false;
//reference date (now) the requested date is compared against
$now = new CMS_date();
$now->setNow(true);
//The raw request value is never concatenated into a path. It is parsed by CMS_date using
//the date format of the current language, and only the parsed date, re-formatted as
//'Y-m-d', ends up in the file name.
//NOTE(review): this relies on setLocalizedDate()/hasError() rejecting every value that
//is not a date (including path separators) - confirm in CMS_date.
$requestedDate = new CMS_date();
$requestedDate->setFormat($cms_language->getDateFormat());
$requestedDate->setLocalizedDate($date);
if (!$requestedDate->hasError()) {
    if (CMS_date::compare($requestedDate, $now, '==')) {
        //requested date equals $now : the live log under PATH_MAIN_FS
        $errorFile = PATH_MAIN_FS . '/' . CMS_grandFather::ERROR_LOG;
    } else {
        //any other date : an archived log under PATH_LOGS_FS, named '<log>-<Y-m-d>.gz'
        $gzip = true;
        //the archive name carries the day after the requested date
        //(presumably the day the log was rotated - confirm against the rotation job)
        $requestedDate->moveDate('+1 day');
        $errorFile = PATH_LOGS_FS . '/' . CMS_grandFather::ERROR_LOG . '-' . $requestedDate->getLocalizedDate('Y-m-d') . '.gz';
    }
}
if ($errorFile && file_exists($errorFile)) {
    if (connection_status() == 0) {
        //close session then clean buffer
        session_write_close();
        ob_end_clean();
        //to prevent long file from getting cut off from max_execution_time
        @set_time_limit(0);
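 /**
  * Return a variable value of a given name and check it for a given dataType
  *
  * Sources ($varType) : 'request' ($_REQUEST), 'session' ($_SESSION), 'var' (the global
  * variable named $name, or $varValue when it is not set), 'constant' and 'server' ($_SERVER).
  *
  * Data types ($dataType) : 'int', 'date', 'datetime', 'localisedDate', 'string',
  * 'unsafestring', 'safestring', 'array', 'bool' / 'boolean', 'email'.
  *
  * Security notes for callers :
  * - for 'request', 'string' is silently upgraded to 'safestring' (HTML sanitized).
  *   'unsafestring' is the explicit opt-out : the raw value is returned and must be
  *   escaped for the context it is written to.
  * - the upgrade applies to 'request' only. 'server' values are returned as is with
  *   'string', although $_SERVER entries built from request headers (HTTP_*) are
  *   client controlled.
  * - 'array' returns the array unchanged : its elements are neither cast nor sanitized.
  * - 'var' and 'constant' resolve $name dynamically (global ${$name} / constant($name)) :
  *   $name must be a fixed, developer chosen identifier, never a value taken from input.
  * - an array received where a string type is asked (ex : ?name[]=x) gives an empty
  *   string instead of the literal "Array" and a conversion warning.
  *
  * @param string $varType : the variable type to get between var, request, session, constant, server
  * @param string $name : the variable name to get
  * @param string $dataType : the type of value to check
  * @param mixed $varValue : the var value (optional to avoid global problems if vars are declared in previous PHP codes)
  * @return mixed : the variable value, false if $name, $dataType or $varType is missing or unknown, '' (or an empty array for 'array') if the value does not match the data type
  * @access public
  * @static
  */
 static function getVarContent($varType, $name, $dataType, $varValue = '')
 {
     if (!$name || !$dataType) {
         return false;
     }
     switch ($varType) {
         case 'request':
             if ($dataType == 'string') {
                 //Force safestring to avoid XSS
                 $dataType = 'safestring';
             }
             $varContent = isset($_REQUEST[$name]) ? $_REQUEST[$name] : null;
             break;
         case 'session':
             $varContent = isset($_SESSION[$name]) ? $_SESSION[$name] : null;
             break;
         case 'var':
             //dynamic global lookup : $name must never be derived from user input
             global ${$name};
             //isset() is already false for a null value, no extra null test needed
             $varContent = isset(${$name}) ? ${$name} : $varValue;
             break;
         case 'constant':
             $varContent = defined($name) ? constant($name) : null;
             break;
         case 'server':
             $varContent = isset($_SERVER[$name]) ? $_SERVER[$name] : null;
             break;
         default:
             CMS_grandFather::raiseError('Unknown var type to get : ' . $varType);
             return false;
     }
     switch ($dataType) {
         case 'int':
             return (int) $varContent;
         case 'date':
         case 'datetime':
         case 'localisedDate':
             if (!$varContent) {
                 return '';
             }
             //the value is parsed with the date format of the current language,
             //only the output of the parsed date is returned, never the raw input
             global $cms_language;
             $date = new CMS_date();
             $date->setDebug(false);
             $date->setFormat($cms_language->getDateFormat());
             $date->setLocalizedDate($varContent);
             if ($date->hasError()) {
                 return '';
             }
             switch ($dataType) {
                 case 'date':
                     return $date->getDBValue(true);
                 case 'datetime':
                     return $date->getDBValue(false);
                 case 'localisedDate':
                     return $date->getLocalizedDate();
             }
             return '';
         case 'string':
         case 'unsafestring':
             //raw value, no sanitization : an array can not be a string, return ''
             return is_array($varContent) ? '' : (string) $varContent;
         case 'safestring':
             //safestring return string without any XSS vector
             return SensitiveIO::sanitizeHTMLString(is_array($varContent) ? '' : (string) $varContent);
         case 'array':
             //elements are returned untouched, callers must validate them
             return is_array($varContent) ? $varContent : array();
         case 'bool':
         case 'boolean':
             //the literal strings 'true' and 'false' are handled first,
             //otherwise (bool) 'false' would be true
             if ($varContent === 'true') {
                 return true;
             }
             if ($varContent === 'false') {
                 return false;
             }
             return (bool) $varContent;
         case 'email':
             //NOTE(review): the value is returned as received once IsValidEmail() accepts it,
             //it is not HTML sanitized here - confirm what IsValidEmail() lets through
             if (sensitiveIO::IsValidEmail($varContent)) {
                 return $varContent;
             }
             return '';
         default:
             CMS_grandFather::raiseError('Unknown data type to get : ' . $dataType);
             return '';
     }
     return '';
 }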