function init()
{
$this->_helper->Init->init();
if (!$this->user->isLogged()) {
Functions::redirect('//' . Settings::get('root_domain') . '/login/');
}
}
function viewAction()
{
$code = strtolower($this->_getParam('type'));
if (!in_array($code, array('ro', 'spec'))) {
Functions::redirect('/');
}
$code2 = ucfirst($code);
$class_name = "Type_Billing_Bill_{$code2}_Account";
$account_id = $this->_getParam('id');
$account = new $class_name($account_id);
$bill_field = "billing_bill_{$code}_id";
$bill_id = $account->{$bill_field};
$form_code = $account->is_legal_person ? 'org' : 'personal';
$url = "/{$code}account/{$bill_id}/{$form_code}account/edit/{$account_id}";
Functions::redirect($url);
}
<?php
/*
# Copyright 2012 NodeSocket, LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
*/
require_once dirname(__DIR__) . "/classes/Requires.php";
Functions::check_required_parameters(array($_GET['id'], $_GET['version']));
if (!CSRF::is_valid(1, METHOD_GET)) {
Error::halt(400, 'bad request', 'Missing required security token.');
}
MySQLQueries::edit_recipe_head($_GET['id'], $_GET['version']);
Functions::redirect(Links::render("view-recipe", array($_GET['id'])));
<?php
/*
# Copyright 2012 NodeSocket, LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
*/
require_once dirname(__DIR__) . "/classes/Requires.php";
Functions::check_required_parameters(array($_POST['name']));
MySQLQueries::add_group($_POST['name']);
Functions::redirect(Links::render("groups"));
<?php
/*
# Copyright 2012 NodeSocket, LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
*/
require_once dirname(__DIR__) . "/classes/Requires.php";
Functions::check_required_parameters(array($_GET['id']));
if (!CSRF::is_valid(METHOD_GET)) {
Error::halt(400, 'bad request', 'Missing required security token.');
}
MySQLQueries::delete_recipes(array($_GET['id']));
Functions::redirect(Links::render("recipes"));
require_once __DIR__ . "/classes/Requires.php";
////
// Parse uri and return the request array
////
$request = Functions::parse_uri_to_request();
////
// No request passed, require index page
////
if (empty($request) || !isset($request[0])) {
require_once __DIR__ . "/index.php";
} else {
////
// Check to make sure not calling controller.php or /controller directly
////
if ($request[0] === "controller.php" || $request[0] === "controller") {
Functions::redirect("/");
die;
}
////
// Build page
////
$page = $request[0] . ".php";
////
// Set the rest of the request elements as query string parameters
////
for ($i = 1; $i < count($request); $i++) {
$_GET['param' . $i] = $request[$i];
}
////
// Include the page
////
<?php
/*
# Copyright 2012 NodeSocket, LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
*/
require_once dirname(__DIR__) . "/classes/Requires.php";
Functions::check_required_parameters(array($_POST['id'], $_POST['name']));
MySQLQueries::edit_group($_POST['id'], $_POST['name']);
Functions::redirect("/groups");
<?php
/*
# Copyright 2012 NodeSocket, LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
*/
require_once dirname(__DIR__) . "/classes/Requires.php";
$data = array("default_ssh_username" => $_POST['default_ssh_username'], "default_ssh_port" => $_POST['default_ssh_port'], "default_interpreter" => $_POST['default_interpreter'], "timezone_offset" => $_POST['timezone_offset'], "timezone_daylight_savings" => $_POST['timezone_daylight_savings']);
$result = MySQLQueries::edit_settings(json_encode((object) $data));
Functions::redirect("/settings/saved");
<?php
/*
# Copyright 2012 NodeSocket, LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
*/
require_once dirname(__DIR__) . "/classes/Requires.php";
Functions::check_required_parameters(array($_POST['label'], $_POST['address'], $_POST['ssh_username'], $_POST['ssh_port']));
MySQLQueries::add_server($_POST['label'], $_POST['group'], $_POST['tags'], $_POST['address'], $_POST['ssh_username'], $_POST['ssh_port']);
Functions::redirect(Links::render("servers"));
<?php
/*
# Copyright 2012 NodeSocket, LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
*/
require_once dirname(__DIR__) . "/classes/Requires.php";
Functions::check_required_parameters(array($_POST['id'], $_POST['name'], $_POST['interpreter'], $_POST['content']));
MySQLQueries::edit_recipe($_POST['id'], $_POST['name'], $_POST['interpreter'], $_POST['notes'], $_POST['content']);
Functions::redirect("/view-recipe/" . $_POST['id']);
<?php
/*
# Copyright 2012 NodeSocket, LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
*/
require_once dirname(__DIR__) . "/classes/Requires.php";
Functions::check_required_parameters(array($_POST['label'], $_POST['address'], $_POST['ssh_username'], $_POST['ssh_port']));
MySQLQueries::add_server($_POST['label'], $_POST['group'], $_POST['tags'], $_POST['address'], $_POST['ssh_username'], $_POST['ssh_port']);
Functions::redirect("/servers");
private function lookUpInCache($uri)
{
$cachedparams = null;
if (!empty(self::$conf->cache) && !empty(self::$conf->cache->usecache) && (string) self::$conf->cache->usecache == 1) {
$tp = Functions::getTablesPrefix(self::$conf);
$db = DB::getInstance();
// let's have a look into the cache, we'll look for all possibiltes (meaning trainling slash)
$tempuri = explode('?', $uri);
$tempuri[0] = Functions::prepareLinkForCache($tempuri[0], self::$conf);
$xuri = $tempuri[0];
$tempuri[0] = preg_match('~/$~', $tempuri[0]) ? substr($tempuri[0], 0, strlen($tempuri[0]) - 1) : $tempuri[0] . '/';
// add or remove trailing slash
if (!empty(self::$conf->cache->cacheparams) && self::$conf->cache->cacheparams == 1) {
$tempurix = implode('?', $tempuri);
$xuri = $uri;
} else {
$tempurix = $tempuri[0];
}
$q = $db->query('SELECT * FROM ' . $tp . 'cache WHERE url=' . $db->escape($xuri) . ' OR url=' . $db->escape($tempurix));
$row = $db->fetch($q);
if ($row) {
if (strcmp($row['url'], $xuri) !== 0) {
// we've got our $tempuri, not $url -> let's redirect
Functions::redirect(Functions::prepareforRedirect($row['url'] . (empty($tempuri[1]) ? '' : '?' . $tempuri[1]), self::$conf));
} else {
$cachedparams = Functions::cache2params($row['params']);
}
} else {
$vf = '';
if (isset(self::$conf->cache->cool2params->oldlinksvalidfor)) {
$vf = ' AND DATEDIFF(NOW(),' . $tp . 'oldlinks.tstamp)<' . (string) self::$conf->cache->cool2params->oldlinksvalidfor;
}
$q = $db->query('SELECT ' . $tp . 'cache.url AS oldlink FROM ' . $tp . 'oldlinks LEFT JOIN ' . $tp . 'cache ON ' . $tp . 'oldlinks.link_id=' . $tp . 'cache.id WHERE (' . $tp . 'oldlinks.url=' . $db->escape($xuri) . ' OR ' . $tp . 'oldlinks.url=' . $db->escape($tempurix) . ')' . $vf);
$row = $db->fetch($q);
if ($row) {
Functions::redirect(Functions::prepareforRedirect($row['oldlink'] . (empty($tempuri[1]) ? '' : '?' . $tempuri[1]), self::$conf), 301);
} elseif (empty(self::$conf->cache->cool2params->translateifnotfound) || self::$conf->cache->cool2params->translateifnotfound != 1) {
Functions::pageNotFound(self::$conf);
}
}
}
// end cache
return $cachedparams;
}
<?php
/*
# Copyright 2012 NodeSocket, LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
*/
require_once dirname(__DIR__) . "/classes/Requires.php";
Functions::check_required_parameters(array($_GET['id']));
MySQLQueries::delete_recipes(array($_GET['id']));
Functions::redirect("/recipes");
<?php
/*
# Copyright 2012 NodeSocket, LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
*/
require_once dirname(__DIR__) . "/classes/Requires.php";
Functions::check_required_parameters(array($_GET['id']));
if (!CSRF::is_valid(1, METHOD_GET)) {
Error::halt(400, 'bad request', 'Missing required security token.');
}
MongoConnection::connect();
MongoConnection::grid_fs();
MongoConnection::grid_fs_delete(array($_GET['id']));
MongoConnection::close();
Functions::redirect(Links::render("files"));
<?php
/*
# Copyright 2012 NodeSocket, LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
*/
require_once dirname(__DIR__) . "/classes/Requires.php";
$data = array("instance_key" => $_POST['instance_key'], "default_ssh_username" => $_POST['default_ssh_username'], "default_ssh_port" => $_POST['default_ssh_port'], "default_interpreter" => $_POST['default_interpreter'], "timezone_offset" => $_POST['timezone_offset'], "timezone_daylight_savings" => $_POST['timezone_daylight_savings']);
MySQLQueries::edit_settings(json_encode((object) $data));
Functions::redirect(Links::render("settings", array("saved")));
// require and instantiate the class and/or method associated with it
$class_map = array('default' => array('Home'), 'login' => array('Login'), 'reset' => array('Login', 'reset_password'), 'logout' => array('Login', 'logout'), 'publish' => array('Publish', 'request_handler'), 'edit' => array('Publish', 'request_handler'), 'templates' => array('Templates'), 'communicate' => array('Communicate'), 'modules' => array('Modules'), 'members' => array('Members'), 'myaccount' => array('MyAccount'), 'admin' => array('Admin'), 'sites' => array('Sites'));
if (!file_exists(PATH_CP . 'cp.sites.php')) {
unset($class_map['sites']);
}
/** ------------------------------------
/** Determine Which Class to Use
/** ------------------------------------*/
// No admin session exists? Show login screen
if ($SESS->userdata('admin_sess') == 0 and $IN->GBL('C', 'GET') != 'reset') {
$C = $class_map['login']['0'];
$M = '';
} else {
if ($PREFS->ini('secure_forms') == 'y' && sizeof($_POST) > 0) {
if (!isset($_POST['XID'])) {
$FNS->redirect(BASE);
}
$query = $DB->query("SELECT COUNT(*) AS count FROM exp_security_hashes \n \t\t\t\t\t\t\t WHERE hash = '" . $DB->escape_str($_POST['XID']) . "' \n \t\t\t\t\t\t\t AND ip_address = '" . $IN->IP . "' \n \t\t\t\t\t\t\t AND date > UNIX_TIMESTAMP()-14400");
if ($query->row['count'] == 0) {
$FNS->redirect(BASE);
} else {
$DB->query("DELETE FROM exp_security_hashes \n\t\t\t\t\t\t\t\t\tWHERE date < UNIX_TIMESTAMP()-14400\n\t\t\t\t\t\t\t\t\tAND ip_address = '" . $IN->IP . "'");
unset($_POST['XID']);
}
}
// If the query string is not in the $class_map array, show default page
if (!in_array($IN->GBL('C'), array_keys($class_map))) {
$C = $class_map['default']['0'];
$M = !isset($class_map['default']['1']) ? '' : $class_map['default']['1'];
} else {
$C = $class_map[$IN->GBL('C')]['0'];
