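public function posted()
 {
     /**
      * Report whether the current request is a valid submission of this form.
      *
      * The request counts as "posted" only when $_POST['formaction'] names this
      * form and the submitted CSRF token matches the one held in $this->csrf_token.
      * On success the token is rotated (single use), stored in the session, the
      * form leaves display-only mode, and an AJAX submission is flagged.
      *
      * @return bool true for a valid, token-checked submission; false otherwise.
      */
     if (isset($_POST) && isset($_POST['formaction']) && $_POST['formaction'] == $this->name) {
         $submitted_token = isset($_POST['token']) ? $_POST['token'] : null;
         $expected_token  = $this->csrf_token;

         // Both sides must be non-empty strings. This rejects array-valued
         // parameters (token[]=...) and a missing stored token, which a loose
         // `==` could otherwise match through type juggling.
         $tokens_usable = is_string($submitted_token) && $submitted_token !== ''
             && is_string($expected_token) && $expected_token !== '';

         // hash_equals() compares in constant time and without numeric-string
         // coercion, unlike `==`.
         if ($tokens_usable && hash_equals($expected_token, $submitted_token)) {
             // Rotate the token from a CSPRNG where one is available; uniqid()
             // is derived from the clock and is predictable. Either branch
             // yields 32 hex characters, so the stored format is unchanged.
             if (function_exists('random_bytes')) {
                 $this->csrf_token = bin2hex(random_bytes(16));
             } else {
                 $this->csrf_token = md5(uniqid('csrf', true));
             }
             PerchSession::set('csrf_token', $this->csrf_token);
             $this->display_only(false);
             if (isset($_POST['_perch_ajax']) && $_POST['_perch_ajax'] == '1') {
                 $this->submitted_via_ajax = true;
             }
             return true;
         }
     }
     return false;
 }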
예제 #2
        // Excerpt begins inside an enclosing block that is not shown. Here the
        // page ID is appended only when the earlier lookup did not find it.
        if ($current_index === false) {
            $expand_list[] = $actionID;
        }
    }
    // "cl" = collapse request. This is a state change driven by a GET parameter;
    // the only state touched in this excerpt is the expand list kept in the session.
    if (isset($_GET['cl']) && $_GET['cl'] != '') {
        // The (int) cast ensures only an integer reaches the calls below.
        $actionID = (int) $_GET['cl'];
        // array_search() is called without its strict flag, so the match is loose (==).
        $current_index = array_search($actionID, $expand_list);
        if ($current_index !== false) {
            // unset() leaves a gap in the numeric keys; the list is not reindexed here.
            unset($expand_list[$current_index]);
            // Also drop the IDs returned by find_child_page_ids() for this page,
            // so expanded children collapse with their parent.
            $child_ids = $Pages->find_child_page_ids($actionID);
            $expand_list = array_diff($expand_list, $child_ids);
        }
    }
    // Persist the updated list and build the tree from it.
    PerchSession::set('content_expand_list', $expand_list);
    $pages = $Pages->get_page_tree_collapsed($expand_list);
} else {
    // Filtered views: $filter selects which tree query runs.
    switch ($filter) {
        case 'new':
            $pages = $Pages->get_page_tree_filtered('new');
            break;
        case 'template':
            // NOTE(review): $template_to_filter is set outside this excerpt;
            // confirm it is validated before it reaches the query layer.
            $pages = $Pages->get_page_tree_filtered('template', $template_to_filter);
            break;
        default:
            $pages = $Pages->get_page_tree();
            // When PERCH_RUNWAY is truthy and the tree is empty, create the
            // default pages for the current user and reload the tree.
            if (PERCH_RUNWAY && PerchUtil::count($pages) == 0) {
                $Pages->create_defaults($CurrentUser);
                $pages = $Pages->get_page_tree_collapsed(array(0));
            }
예제 #3
            // Excerpt begins inside enclosing blocks that are not shown.
            // The title comes straight from $_POST and is handed to update()
            // unmodified. NOTE(review): escaping therefore depends on update()
            // and on whatever later renders resourceTitle; confirm both.
            $Asset->update(array('resourceTitle' => $_POST['miu_image_upload_title']));
        }
        $Asset->reindex();
        // Record the uploaded asset IDs in the session list 'resourceIDs'.
        if (PerchUtil::count($ids)) {
            if (!PerchSession::is_set('resourceIDs')) {
                $logged_ids = array();
                PerchSession::set('resourceIDs', $logged_ids);
            } else {
                $logged_ids = PerchSession::get('resourceIDs');
            }
            foreach ($ids as $assetID) {
                // in_array() without the strict flag compares loosely (==).
                if (!in_array($assetID, $logged_ids)) {
                    $logged_ids[] = $assetID;
                }
            }
            PerchSession::set('resourceIDs', $logged_ids);
        }
        // The response body is just the asset's web path, echoed without any
        // output encoding, after which the script exits.
        // NOTE(review): presumably consumed by the editor's upload script
        // rather than rendered as HTML; confirm, and confirm the path cannot
        // carry markup taken from the uploaded file name.
        if ($is_image) {
            // For images, prefer the resized variant when a resize profile is returned.
            $result = $Assets->get_resize_profile($Asset->id(), $width, $height, $crop ? '1' : '0', false, $density);
            if ($result) {
                echo $result['web_path'];
            } else {
                echo $Asset->web_path();
            }
            exit;
        } else {
            echo $Asset->web_path();
            exit;
        }
    }
}
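 public function recover()
 {
     /**
      * Re-establish a logged-in user from the session.
      *
      * Looks up an enabled user whose userID and userHash both match the values
      * held in the session. On a match the hash is rotated, written to the user
      * row and the session, and privileges are loaded. On any miss the object
      * is reset to a logged-out state with no privileges.
      *
      * @return bool true when the session maps to an enabled user; false otherwise.
      */
     if (PerchSession::is_set('userID')) {
         // userID is cast to int, and both values pass through $this->db->pdb()
         // before concatenation. NOTE(review): pdb() is presumably the DB
         // layer's quoting/escaping helper; confirm, since this query is
         // assembled by string concatenation rather than bound parameters.
         $sql = 'SELECT u.*, r.* FROM ' . $this->table . ' u, ' . PERCH_DB_PREFIX . 'user_roles r
                     WHERE u.roleID=r.roleID AND u.userEnabled=1 AND u.userID=' . $this->db->pdb((int) PerchSession::get('userID')) . ' AND u.userHash=' . $this->db->pdb(PerchSession::get('userHash')) . '
                     LIMIT 1';
         $result = $this->db->get_row($sql);
         if (is_array($result)) {
             $this->set_details($result);
             $data = array();
             // Rotate the per-session hash from a CSPRNG where one is available.
             // uniqid() is derived from the clock, so md5(uniqid()) is guessable.
             // Either branch yields 32 hex characters, matching the stored format.
             if (function_exists('random_bytes')) {
                 $data['userHash'] = bin2hex(random_bytes(16));
             } else {
                 $data['userHash'] = md5(uniqid());
             }
             $this->update($data);
             $this->result['userHash'] = $data['userHash'];
             // NOTE(review): $result still holds the pre-rotation row; whether
             // this second call overwrites the hash set on the previous line
             // depends on set_details(), which is not shown. Order kept as-is.
             $this->set_details($result);
             PerchSession::set('userHash', $data['userHash']);
             $this->logged_in = true;
             $this->_load_privileges();
             return true;
         }
     }
     // No session user, or no matching enabled row: fail closed.
     $this->logged_in = false;
     $this->privileges = array();
     return false;
 }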
// Installer form handling (excerpt: $req and $Form are set up before this
// point, and the trailing if-blocks close after it).
// NOTE(review): the "******" values look like masking applied by the listing
// this excerpt was taken from, not the original messages; confirm upstream.
$req['userEmail'] = "Required";
$req['userUsername'] = "******";
$req['userPassword'] = "******";
$req['loginpath'] = "Required";
$req['db_server'] = "Required";
$req['db_database'] = "Required";
$req['db_username'] = "******";
#$req['db_password']    = "******";
$Form->set_required($req);
$validation = array();
$validation['userPassword'] = array("password", "Your passwords must match");
$Form->set_validation($validation);
// posted() gates on the form name and CSRF token; validate() applies the rules above.
if ($Form->posted() && $Form->validate()) {
    $postvars = array('userGivenName', 'userFamilyName', 'userEmail', 'userUsername', 'userPassword');
    $user = $Form->receive($postvars);
    // The received fields, including 'userPassword', are kept in the session.
    // NOTE(review): if receive() returns the password as submitted, it sits
    // in session storage in clear text until a later step consumes it; confirm.
    PerchSession::set('user', $user);
    $postvars = array('loginpath', 'db_server', 'db_database', 'db_username', 'db_password', 'licenseKey', 'tz');
    $conf = $Form->receive($postvars);
    if (!isset($conf['db_password'])) {
        $conf['db_password'] = '';
    }
    $conf['loginpath'] = rtrim($conf['loginpath'], '/');
    // Build config.php by replacing every $name in the sample file through the
    // substitute_vars callback (defined elsewhere).
    // NOTE(review): the substituted values originate from the POSTed form and
    // end up inside a PHP source file. Unless substitute_vars escapes them for
    // a PHP string literal (quotes and backslashes), a submitted value could
    // alter the generated code. Confirm the callback's escaping.
    $config_file = file_get_contents('config.sample.php');
    $config_file = preg_replace_callback('/\\$(\\w+)/', "substitute_vars", $config_file);
    // realpath() returns false when ../config does not exist, in which case the
    // string handed to file_path() is just '/config.php'.
    $config_file_path = PerchUtil::file_path(realpath('../config') . '/config.php');
    if (is_writable($config_file_path)) {
        file_put_contents($config_file_path, $config_file);
        // Read back to verify the write before redirecting to the next step.
        $test_contents = file_get_contents($config_file_path);
        if ($test_contents == $config_file) {
            PerchUtil::redirect('index.php?install=1&auto=1');
        }
예제 #6
파일: upload.php 프로젝트: pete-naish/4hair
    If this is the first chunk, check the file name is unique.
    If it's not unique, generate a unique one.
    Then store the file name in the session for future chunks to reference.
*/
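// Resolve the on-disk name for this upload. The first chunk picks a name that
// does not collide with an existing file and records it in the session under
// $originalFileName; later chunks reuse the recorded name.
// NOTE(review): $fileName, $targetDir and $originalFileName are set before
// this excerpt; confirm $fileName has already been reduced to a safe base name
// (no path separators) before it is joined to $targetDir.
if ($chunk === 0) {
    if (file_exists($targetDir . DIRECTORY_SEPARATOR . $fileName)) {
        $ext = strrpos($fileName, '.');
        if ($ext === false) {
            // No dot in the name: keep the whole name as the stem. Without this
            // guard the false offset produced an empty stem, and the new name
            // began with '-' (for example '-1readme').
            $fileName_a = $fileName;
            $fileName_b = '';
        } else {
            $fileName_a = substr($fileName, 0, $ext);
            $fileName_b = strtolower(substr($fileName, $ext));
        }
        // Append -1, -2, ... until the candidate name is free.
        $count = 1;
        while (file_exists($targetDir . DIRECTORY_SEPARATOR . $fileName_a . '-' . $count . $fileName_b)) {
            $count++;
        }
        $fileName = $fileName_a . '-' . $count . $fileName_b;
    }
    PerchSession::set($originalFileName, $fileName);
} else {
    // NOTE(review): if no first chunk was recorded for this key, the value
    // returned here is whatever PerchSession::get() yields for a missing key;
    // confirm how the rest of the script handles that.
    $fileName = PerchSession::get($originalFileName);
}
// add a _uploading_ prefix while we're uploading. We'll remove it later.
$fileName = '_uploading_' . $fileName;
// Look for the content type header. Both values are supplied by the client and
// say nothing trustworthy about the file's real type. If neither is present,
// $contentType is not assigned in this excerpt.
if (isset($_SERVER["HTTP_CONTENT_TYPE"])) {
    $contentType = $_SERVER["HTTP_CONTENT_TYPE"];
}
if (isset($_SERVER["CONTENT_TYPE"])) {
    $contentType = $_SERVER["CONTENT_TYPE"];
}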
// Handle non multipart uploads older WebKit versions didn't support multipart in HTML5
if (strpos($contentType, "multipart") !== false) {
    if (isset($_FILES['file']['tmp_name']) && is_uploaded_file($_FILES['file']['tmp_name'])) {