예제 #1
0
	/**
	 * Render and output the custom tag
	 */
	public function render() {
		$myts = icms_core_Textsanitizer::getInstance();
		if (!$this->content) {
			switch ($this->getVar('customtag_type')) {
				case ICMS_CUSTOMTAG_TYPE_XCODES:
					$ret = $this->getVar('customtag_content', 'N');
					$ret = $myts->displayTarea($ret, 1, 1, 1, 1, 1);
					break;
					
				case ICMS_CUSTOMTAG_TYPE_HTML:
					$ret = $this->getVar('customtag_content', 'N');
					$ret = $myts->displayTarea($ret, 1, 1, 1, 1, 0);
					break;

				case ICMS_CUSTOMTAG_TYPE_PHP:
					$ret = $this->renderWithPhp();
					break;
					
				default:
					break;
			}
			$this->content = $ret;
		}
		return $this->content;
	}
예제 #2
0
 function setting_manager($post = false)
 {
     $this->sanitizer =& icms_core_Textsanitizer::getInstance();
     if ($post) {
         $this->readPost();
     } else {
         $this->database = 'mysql';
         $this->dbhost = 'localhost';
         $this->db_pconnect = 0;
         $this->root_path = str_replace("\\", "/", getcwd());
         // "
         $this->root_path = str_replace("/install", "", $this->root_path);
         $filepath = !empty($_SERVER['REQUEST_URI']) ? dirname($_SERVER['REQUEST_URI']) : dirname($_SERVER['SCRIPT_NAME']);
         $filepath = str_replace("\\", "/", $filepath);
         // "
         $filepath = str_replace("/install", "", $filepath);
         if (substr($filepath, 0, 1) == "/") {
             $filepath = substr($filepath, 1);
         }
         if (substr($filepath, -1) == "/") {
             $filepath = substr($filepath, 0, -1);
         }
         $protocol = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on' ? 'https://' : 'http://';
         $this->xoops_url = !empty($filepath) ? $protocol . $_SERVER['HTTP_HOST'] . "/" . $filepath : $protocol . $_SERVER['HTTP_HOST'];
         $this->prefix = $this->generatePrefix();
     }
 }
예제 #3
0
 public function getContent($format = 'S', $c_type = 'T')
 {
     switch ($format) {
         case 'S':
             if ($c_type == 'H') {
                 return str_replace('{X_SITEURL}', ICMS_URL . '/', $this->getVar('content', 'n'));
             } elseif ($c_type == 'P') {
                 ob_start();
                 echo eval($this->getVar('content', 'n'));
                 $content = ob_get_contents();
                 ob_end_clean();
                 return str_replace('{X_SITEURL}', ICMS_URL . '/', $content);
             } elseif ($c_type == 'S') {
                 $myts =& icms_core_Textsanitizer::getInstance();
                 $content = str_replace('{X_SITEURL}', ICMS_URL . '/', $this->getVar('content', 'n'));
                 return $myts->displayTarea($content, 1, 1);
             } else {
                 $content = str_replace('{X_SITEURL}', ICMS_URL . '/', $this->getVar('content', 'n'));
                 return icms_core_DataFilter::checkVar($content, 'text', 'output');
             }
             break;
         case 'E':
             return $this->getVar('content', 'e');
             break;
         default:
             return $this->getVar('content', 'n');
             break;
     }
 }
예제 #4
0
function b_waiting_tutorials()
{
    $block = array();
    // tutorials
    $myts =& icms_core_Textsanitizer::getInstance();
    $result = icms::$xoopsDB->query("select count(*) from " . icms::$xoopsDB->prefix("tutorials") . " WHERE status=0 or status=2 order by date");
    if ($result) {
        $block['adminlink'] = ICMS_URL . "/modules/tutorials/admin/index.php";
        list($block['pendingnum']) = icms::$xoopsDB->fetchRow($result);
        $block['lang_linkname'] = _PI_WAITING_WAITINGS;
    }
    return $block;
}
예제 #5
0
/**
 * The header
 *
 * Implements all functions that are executed within the header of the page
 * (meta tags, header expiration, etc)
 * It will all be echoed, so no return in this function
 *
 * @param bool  $closehead  close the <head> tag
 */
function xoops_header($closehead = true)
{
    global $icmsConfig, $xoopsTheme, $icmsConfigPlugins, $icmsConfigMetaFooter;
    $myts =& icms_core_Textsanitizer::getInstance();
    if (!headers_sent()) {
        header('Content-Type:text/html; charset=' . _CHARSET);
        header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
        header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
        header('Cache-Control: no-store, no-cache, max-age=1, s-maxage=1, must-revalidate, post-check=0, pre-check=0');
        header("Pragma: no-cache");
    }
    echo "<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>";
    echo '<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="' . _LANGCODE . '" lang="' . _LANGCODE . '">
	<head>
	<meta http-equiv="content-type" content="text/html; charset=' . _CHARSET . '" />
	<meta http-equiv="content-language" content="' . _LANGCODE . '" />
	' . htmlspecialchars($icmsConfigMetaFooter['google_meta']) . '
	<meta name="robots" content="' . htmlspecialchars($icmsConfigMetaFooter['meta_robots']) . '" />
	<meta name="keywords" content="' . htmlspecialchars($icmsConfigMetaFooter['meta_keywords']) . '" />
	<meta name="description" content="' . htmlspecialchars($icmsConfigMetaFooter['meta_description']) . '" />
	<meta name="rating" content="' . htmlspecialchars($icmsConfigMetaFooter['meta_rating']) . '" />
	<meta name="author" content="' . htmlspecialchars($icmsConfigMetaFooter['meta_author']) . '" />
	<meta name="copyright" content="' . htmlspecialchars($icmsConfigMetaFooter['meta_copyright']) . '" />
	<meta name="generator" content="ImpressCMS" />
	<title>' . htmlspecialchars($icmsConfig['sitename']) . '</title>
	<script type="text/javascript" src="' . ICMS_URL . '/include/xoops.js"></script>
	<script type="text/javascript" src="' . ICMS_URL . '/include/linkexternal.js"></script>
	<link rel="stylesheet" type="text/css" media="all" href="' . ICMS_URL . '/icms' . (defined('_ADM_USE_RTL') && _ADM_USE_RTL ? '_rtl' : '') . '.css" />';
    $style_info = '';
    if (!empty($icmsConfigPlugins['sanitizer_plugins'])) {
        foreach ($icmsConfigPlugins['sanitizer_plugins'] as $key) {
            if (empty($key)) {
                continue;
            }
            if (file_exists(ICMS_ROOT_PATH . '/plugins/textsanitizer/' . $key . '/' . $key . '.css')) {
                echo '<link rel="stylesheet" media="screen" href="' . ICMS_URL . '/plugins/textsanitizer/' . $key . '/' . $key . '.css" type="text/css" />';
            } else {
                $extension = (include_once ICMS_ROOT_PATH . '/plugins/textsanitizer/' . $key . '/' . $key . '.php');
                $func = 'style_' . $key;
                if (function_exists($func)) {
                    $style_info = $func();
                    if (!empty($style_info)) {
                        if (!file_exists(ICMS_ROOT_PATH . '/' . $style_info)) {
                            echo '<style media="screen" type="text/css">
							' . $style_info . '
							</style>';
                        } else {
                            echo '<link rel="stylesheet" media="screen" href="' . $style_info . '" type="text/css" />';
                        }
                    }
                }
            }
        }
    }
    $themecss = xoops_getcss($icmsConfig['theme_set']);
    if ($themecss) {
        echo '<link rel="stylesheet" type="text/css" media="all" href="' . $themecss . '" />';
    }
    if ($closehead) {
        echo '</head><body>';
    }
}
예제 #6
0
 /**
  * Returns the bodytext in a certain format
  *
  * @param    string    $format
  * @return   string    $bodytext
  **/
 function bodytext($format = 'Show')
 {
     $myts =& icms_core_Textsanitizer::getInstance();
     $html = 1;
     $smiley = 1;
     $xcodes = 1;
     if ($this->nohtml()) {
         $html = 0;
     }
     if ($this->nosmiley()) {
         $smiley = 0;
     }
     switch ($format) {
         case 'Show':
             $bodytext = $myts->displayTarea($this->bodytext, $html, $smiley, $xcodes);
             break;
         case 'Edit':
             $bodytext = $myts - previewTarea($this->bodytext);
             break;
         case 'Preview':
             $bodytext = $myts->previewTarea($this->bodytext, $html, $smiley, $xcodes);
             break;
         case 'InForm':
             $bodytext = $myts->makeTareaData4PreviewInForm($this->bodytext);
             break;
     }
     return $bodytext;
 }
예제 #7
0
<?php

require_once dirname(dirname(__FILE__)) . '/class/gtickets.php';
$myts =& icms_core_Textsanitizer::getInstance();
$db =& icms_db_Factory::instance();
// GET vars
$pos = empty($_GET['pos']) ? 0 : intval($_GET['pos']);
$num = empty($_GET['num']) ? 20 : intval($_GET['num']);
// for RTL users
@define('_GLOBAL_LEFT', @_ADM_USE_RTL == 1 ? 'right' : 'left');
@define('_GLOBAL_RIGHT', @_ADM_USE_RTL == 1 ? 'left' : 'right');
// Table Name
$log_table = $db->prefix($mydirname . "_log");
// Protector object
require_once dirname(dirname(__FILE__)) . '/class/protector.php';
$db =& icms_db_Factory::instance();
$protector =& Protector::getInstance($db->conn);
$conf = $protector->getConf();
//
// transaction stage
//
if (!empty($_POST['action'])) {
    // Ticket check
    if (!$xoopsGTicket->check(true, 'protector_admin')) {
        redirect_header(XOOPS_URL . '/', 3, $xoopsGTicket->getErrors());
    }
    if ($_POST['action'] == 'update_ips') {
        $error_msg = '';
        $lines = empty($_POST['bad_ips']) ? array() : explode("\n", trim($_POST['bad_ips']));
        $bad_ips = array();
        foreach ($lines as $line) {
예제 #8
0
 /**
  * Gets list of topics
  * @return  array    $ret        Array of topic id's, topic parentid's and topic titles
  **/
 function getTopicsList()
 {
     $result = $this->db->query('SELECT topic_id, topic_pid, topic_title FROM ' . $this->table);
     $ret = array();
     $myts =& icms_core_Textsanitizer::getInstance();
     while ($myrow = $this->db->fetchArray($result)) {
         $ret[$myrow['topic_id']] = array('title' => $myts->htmlspecialchars($myrow['topic_title']), 'pid' => $myrow['topic_pid']);
     }
     return $ret;
 }
예제 #9
0
 /**
  * returns a specific variable for the object in a proper format
  *
  * We had to put this method in the icms_ipf_Object because the XOBJ_DTYPE_ARRAY does not work properly
  * at least on PHP 5.1. So we have created a new type XOBJ_DTYPE_SIMPLE_ARRAY to handle 1 level array
  * as a string separated by |
  *
  * @access public
  * @param string $key key of the object's variable to be returned
  * @param string $format format to use for the output
  * @return mixed formatted value of the variable
  */
 public function getVar($key, $format = 's')
 {
     global $myts;
     $ret = $this->vars[$key]['value'];
     switch ($this->vars[$key]['data_type']) {
         case XOBJ_DTYPE_TXTBOX:
             switch (strtolower($format)) {
                 case 's':
                 case 'show':
                     // ML Hack by marcan
                     $ret = icms_core_DataFilter::htmlSpecialChars($ret);
                     if (method_exists($myts, 'formatForML')) {
                         return $ts->formatForML($ret);
                     } else {
                         return $ret;
                     }
                     break 1;
                     // End of ML Hack by marcan
                 // End of ML Hack by marcan
                 case 'clean':
                     $ret = icms_html2text($ret);
                     $ret = icms_purifyText($ret);
                     return $ret;
                     break 1;
                     // End of ML Hack by marcan
                 // End of ML Hack by marcan
                 case 'e':
                 case 'edit':
                     return icms_core_DataFilter::htmlSpecialChars($ret);
                     break 1;
                 case 'p':
                 case 'preview':
                 case 'f':
                 case 'formpreview':
                     return icms_core_DataFilter::htmlSpecialChars(icms_core_DataFilter::stripSlashesGPC($ret));
                     break 1;
                 case 'n':
                 case 'none':
                 default:
                     break 1;
             }
             break;
         case XOBJ_DTYPE_LTIME:
             switch (strtolower($format)) {
                 case 's':
                 case 'show':
                 case 'p':
                 case 'preview':
                 case 'f':
                 case 'formpreview':
                     $ret = formatTimestamp($ret, _DATESTRING);
                     return $ret;
                     break 1;
                 case 'n':
                 case 'none':
                 case 'e':
                 case 'edit':
                     break 1;
                 default:
                     break 1;
             }
             break;
         case XOBJ_DTYPE_STIME:
             switch (strtolower($format)) {
                 case 's':
                 case 'show':
                 case 'p':
                 case 'preview':
                 case 'f':
                 case 'formpreview':
                     $ret = formatTimestamp($ret, _SHORTDATESTRING);
                     return $ret;
                     break 1;
                 case 'n':
                 case 'none':
                 case 'e':
                 case 'edit':
                     break 1;
                 default:
                     break 1;
             }
             break;
         case XOBJ_DTYPE_TIME_ONLY:
             switch (strtolower($format)) {
                 case 's':
                 case 'show':
                 case 'p':
                 case 'preview':
                 case 'f':
                 case 'formpreview':
                     $ret = formatTimestamp($ret, 'G:i');
                     return $ret;
                     break 1;
                 case 'n':
                 case 'none':
                 case 'e':
                 case 'edit':
                     break 1;
                 default:
                     break 1;
             }
             break;
         case XOBJ_DTYPE_CURRENCY:
             $decimal_section_original = strstr($ret, '.');
             $decimal_section = $decimal_section_original;
             if ($decimal_section) {
                 if (strlen($decimal_section) == 1) {
                     $decimal_section = '.00';
                 } elseif (strlen($decimal_section) == 2) {
                     $decimal_section = $decimal_section . '0';
                 }
                 $ret = str_replace($decimal_section_original, $decimal_section, $ret);
             } else {
                 $ret = $ret . '.00';
             }
             break;
         case XOBJ_DTYPE_TXTAREA:
             switch (strtolower($format)) {
                 case 's':
                 case 'show':
                     $ts = icms_core_Textsanitizer::getInstance();
                     $html = !empty($this->vars['dohtml']['value']) ? 1 : 0;
                     $xcode = !isset($this->vars['doxcode']['value']) || $this->vars['doxcode']['value'] == 1 ? 1 : 0;
                     $smiley = !isset($this->vars['dosmiley']['value']) || $this->vars['dosmiley']['value'] == 1 ? 1 : 0;
                     $image = !isset($this->vars['doimage']['value']) || $this->vars['doimage']['value'] == 1 ? 1 : 0;
                     $br = !isset($this->vars['dobr']['value']) || $this->vars['dobr']['value'] == 1 ? 1 : 0;
                     if (defined('XOOPS_EDITOR_IS_HTML')) {
                         $br = false;
                     }
                     if ($html) {
                         return $ts->displayTarea($ret, $html, $smiley, $xcode, $image, $br);
                     } else {
                         return icms_core_DataFilter::checkVar($ret, 'text', 'output');
                     }
                     break 1;
                 case 'e':
                 case 'edit':
                     return htmlspecialchars($ret, ENT_QUOTES);
                     break 1;
                 case 'p':
                 case 'preview':
                     $ts = icms_core_Textsanitizer::getInstance();
                     $html = !empty($this->vars['dohtml']['value']) ? 1 : 0;
                     $xcode = !isset($this->vars['doxcode']['value']) || $this->vars['doxcode']['value'] == 1 ? 1 : 0;
                     $smiley = !isset($this->vars['dosmiley']['value']) || $this->vars['dosmiley']['value'] == 1 ? 1 : 0;
                     $image = !isset($this->vars['doimage']['value']) || $this->vars['doimage']['value'] == 1 ? 1 : 0;
                     $br = !isset($this->vars['dobr']['value']) || $this->vars['dobr']['value'] == 1 ? 1 : 0;
                     if ($html) {
                         return $ts->previewTarea($ret, $html, $smiley, $xcode, $image, $br);
                     } else {
                         return icms_core_DataFilter::checkVar($ret, 'text', 'output');
                     }
                     break 1;
                 case 'f':
                 case 'formpreview':
                     return htmlspecialchars(icms_core_DataFilter::stripSlashesGPC($ret), ENT_QUOTES);
                     break 1;
                 case 'n':
                 case 'none':
                 default:
                     break 1;
             }
             break;
         case XOBJ_DTYPE_SIMPLE_ARRAY:
             $ret =& explode('|', $ret);
             break;
         case XOBJ_DTYPE_ARRAY:
             $ret =& unserialize($ret);
             break;
         case XOBJ_DTYPE_SOURCE:
             switch (strtolower($format)) {
                 case 's':
                 case 'show':
                     break 1;
                 case 'e':
                 case 'edit':
                     return htmlspecialchars($ret, ENT_QUOTES);
                     break 1;
                 case 'p':
                 case 'preview':
                     return icms_core_DataFilter::stripSlashesGPC($ret);
                     break 1;
                 case 'f':
                 case 'formpreview':
                     return htmlspecialchars(icms_core_DataFilter::stripSlashesGPC($ret), ENT_QUOTES);
                     break 1;
                 case 'n':
                 case 'none':
                 default:
                     break 1;
             }
             break;
         default:
             if ($this->vars[$key]['options'] != '' && $ret != '') {
                 switch (strtolower($format)) {
                     case 's':
                     case 'show':
                         $selected = explode('|', $ret);
                         $options = explode('|', $this->vars[$key]['options']);
                         $i = 1;
                         $ret = array();
                         foreach ($options as $op) {
                             if (in_array($i, $selected)) {
                                 $ret[] = $op;
                             }
                             $i++;
                         }
                         return implode(', ', $ret);
                     case 'e':
                     case 'edit':
                         $ret = explode('|', $ret);
                         break 1;
                     default:
                         break 1;
                 }
             }
             break;
     }
     return $ret;
 }
예제 #10
0
 /**
  *
  *
  * @param unknown_type $key
  * @param unknown_type $editor
  */
 public function getValueFor($key, $editor = true)
 {
     global $icmsModuleConfig;
     $ret = $this->getVar($key, 'n');
     $myts = icms_core_Textsanitizer::getInstance();
     $control = isset($this->controls[$key]) ? $this->controls[$key] : false;
     $form_editor = isset($control['form_editor']) ? $control['form_editor'] : 'textarea';
     $html = isset($this->vars['dohtml']) ? $this->getVar('dohtml') : true;
     $smiley = true;
     $xcode = true;
     $image = true;
     $br = isset($this->vars['dobr']) ? $this->getVar('dobr') : true;
     $formatML = true;
     if ($form_editor == 'default') {
         global $icmsModuleConfig;
         $form_editor = isset($icmsModuleConfig['default_editor']) ? $icmsModuleConfig['default_editor'] : 'textarea';
     }
     if ($editor) {
         if (defined('XOOPS_EDITOR_IS_HTML') && !in_array($form_editor, array('formtextarea', 'textarea', 'dhtmltextarea'))) {
             $br = false;
             $formatML = !$editor;
         } else {
             return htmlspecialchars($ret, ENT_QUOTES);
         }
     }
     if (method_exists($myts, 'formatForML')) {
         return $myts->displayTarea($ret, $html, $smiley, $xcode, $image, $br, $formatML);
     } else {
         if ($html) {
             if ($br) {
                 return icms_core_DataFilter::filterHTMLdisplay($ret, $xcode, $br);
             } else {
                 return icms_core_DataFilter::checkVar($ret, 'html', 'output');
             }
         } else {
             return icms_core_DataFilter::checkVar($ret, 'text', 'output');
         }
     }
 }
예제 #11
0
 /**
  * returns a specific variable for the object in a proper format
  *
  * @access public
  * @param string $key key of the object's variable to be returned
  * @param string $format format to use for the output
  * @return mixed formatted value of the variable
  */
 public function getVar($key, $format = 's')
 {
     $ret = $this->vars[$key]['value'];
     switch ($this->vars[$key]['data_type']) {
         case XOBJ_DTYPE_TXTBOX:
             switch (strtolower($format)) {
                 case 's':
                 case 'show':
                 case 'e':
                 case 'edit':
                     return icms_core_DataFilter::htmlSpecialchars($ret);
                     break 1;
                 case 'p':
                 case 'preview':
                 case 'f':
                 case 'formpreview':
                     return icms_core_DataFilter::htmlSpecialchars(icms_core_DataFilter::stripSlashesGPC($ret));
                     break 1;
                 case 'n':
                 case 'none':
                 default:
                     break 1;
             }
             break;
         case XOBJ_DTYPE_TXTAREA:
             switch (strtolower($format)) {
                 case 's':
                 case 'show':
                     $ts =& icms_core_Textsanitizer::getInstance();
                     $html = !empty($this->vars['dohtml']['value']) ? 1 : 0;
                     $xcode = !isset($this->vars['doxcode']['value']) || $this->vars['doxcode']['value'] == 1 ? 1 : 0;
                     $smiley = !isset($this->vars['dosmiley']['value']) || $this->vars['dosmiley']['value'] == 1 ? 1 : 0;
                     $image = !isset($this->vars['doimage']['value']) || $this->vars['doimage']['value'] == 1 ? 1 : 0;
                     $br = !isset($this->vars['dobr']['value']) || $this->vars['dobr']['value'] == 1 ? 1 : 0;
                     if ($html) {
                         return $ts->displayTarea($ret, $html, $smiley, $xcode, $image, $br);
                     } else {
                         return icms_core_DataFilter::checkVar($ret, 'text', 'output');
                     }
                     break 1;
                 case 'e':
                 case 'edit':
                     return htmlspecialchars($ret, ENT_QUOTES);
                     break 1;
                 case 'p':
                 case 'preview':
                     $ts =& icms_core_Textsanitizer::getInstance();
                     $html = !empty($this->vars['dohtml']['value']) ? 1 : 0;
                     $xcode = !isset($this->vars['doxcode']['value']) || $this->vars['doxcode']['value'] == 1 ? 1 : 0;
                     $smiley = !isset($this->vars['dosmiley']['value']) || $this->vars['dosmiley']['value'] == 1 ? 1 : 0;
                     $image = !isset($this->vars['doimage']['value']) || $this->vars['doimage']['value'] == 1 ? 1 : 0;
                     $br = !isset($this->vars['dobr']['value']) || $this->vars['dobr']['value'] == 1 ? 1 : 0;
                     if ($html) {
                         return $ts->previewTarea($ret, $html, $smiley, $xcode, $image, $br);
                     } else {
                         return icms_core_DataFilter::checkVar($ret, 'text', 'output');
                     }
                     break 1;
                 case 'f':
                 case 'formpreview':
                     return htmlspecialchars(icms_core_DataFilter::stripSlashesGPC($ret), ENT_QUOTES);
                     break 1;
                 case 'n':
                 case 'none':
                 default:
                     break 1;
             }
             break;
         case XOBJ_DTYPE_ARRAY:
             $ret =& unserialize($ret);
             break;
         case XOBJ_DTYPE_SOURCE:
             switch (strtolower($format)) {
                 case 's':
                 case 'show':
                     break 1;
                 case 'e':
                 case 'edit':
                     return htmlspecialchars($ret, ENT_QUOTES);
                     break 1;
                 case 'p':
                 case 'preview':
                     return icms_core_DataFilter::stripSlashesGPC($ret);
                     break 1;
                 case 'f':
                 case 'formpreview':
                     return htmlspecialchars(icms_core_DataFilter::stripSlashesGPC($ret), ENT_QUOTES);
                     break 1;
                 case 'n':
                 case 'none':
                 default:
                     break 1;
             }
             break;
         default:
             if ($this->vars[$key]['options'] != '' && $ret != '') {
                 switch (strtolower($format)) {
                     case 's':
                     case 'show':
                         $selected = explode('|', $ret);
                         $options = explode('|', $this->vars[$key]['options']);
                         $i = 1;
                         $ret = array();
                         foreach ($options as $op) {
                             if (in_array($i, $selected)) {
                                 $ret[] = $op;
                             }
                             $i++;
                         }
                         return implode(', ', $ret);
                     case 'e':
                     case 'edit':
                         $ret = explode('|', $ret);
                         break 1;
                     default:
                         break 1;
                 }
             }
             break;
     }
     return $ret;
 }
 public function __construct()
 {
     parent::getInstance();
     $this->_deprecated = icms_core_Debug::setDeprecated('icms_core_DataFilter', sprintf(_CORE_REMOVE_IN_VERSION, '1.4'));
 }
예제 #13
0
	static public function sessionAutologin($autologinName, $autologinPass) {
		// autologin V2 GIJ
		if (!empty($_POST)) {
			$_SESSION['AUTOLOGIN_POST'] = $_POST;
			$_SESSION['AUTOLOGIN_REQUEST_URI'] = $_SERVER['REQUEST_URI'];
			redirect_header(ICMS_URL . '/session_confirm.php', 0, '&nbsp;');
		} elseif (!empty($_SERVER['QUERY_STRING']) && substr($_SERVER['SCRIPT_NAME'], -19) != 'session_confirm.php') {
			$_SESSION['AUTOLOGIN_REQUEST_URI'] = $_SERVER['REQUEST_URI'];
			redirect_header(ICMS_URL . '/session_confirm.php', 0, '&nbsp;');
		}
		// end of autologin V2

		// redirect to ICMS_URL/ when query string exists (anti-CSRF) V1 code
		/* if (! empty($_SERVER['QUERY_STRING'])) {
		redirect_header(ICMS_URL . '/' , 0 , 'Now, logging in automatically') ;
		exit ;
		}*/

		$myts = icms_core_Textsanitizer::getInstance();
		$uname = $myts->stripSlashesGPC($autologinName);
		$pass = $myts->stripSlashesGPC($autologinPass);
		if (empty($uname) || is_numeric($pass)) {
			$user = false ;
		} else {
			// V3
			$uname4sql = addslashes($uname);
			$criteria = new icms_db_criteria_Compo(new icms_db_criteria_Item('uname', $uname4sql));
			$user_handler = icms::handler('icms_member_user');
			$users = $user_handler->getObjects($criteria, false);
			if (empty($users) || count($users) != 1) {
				$user = false ;
			} else {
				// V3.1 begin
				$user = $users[0] ;
				$old_limit = time() - (defined('ICMS_AUTOLOGIN_LIFETIME') ? ICMS_AUTOLOGIN_LIFETIME : 604800);
				list($old_Ynj, $old_encpass) = explode(':', $pass);
				if (strtotime($old_Ynj) < $old_limit || md5($user->getVar('pass') .
						ICMS_DB_PASS . ICMS_DB_PREFIX . $old_Ynj) != $old_encpass)
				{
					$user = false;
				}
				// V3.1 end
			}
			unset($users);
		}
		$icms_cookie_path = defined('ICMS_COOKIE_PATH') ? ICMS_COOKIE_PATH
			: preg_replace('?http://[^/]+(/.*)$?', "$1", ICMS_URL);
		if ($icms_cookie_path == ICMS_URL) {
			$icms_cookie_path = '/';
		}
		if (false != $user && $user->getVar('level') > 0) {
			// update time of last login
			$user->setVar('last_login', time());
			if (!icms::handler('icms_member')->insertUser($user, true)) {
			}
			//$_SESSION = array();
			$_SESSION['xoopsUserId'] = $user->getVar('uid');
			$_SESSION['xoopsUserGroups'] = $user->getGroups();

			global $icmsConfig;
			$user_theme = $user->getVar('theme');
			$user_language = $user->getVar('language');
			if (in_array($user_theme, $icmsConfig['theme_set_allowed'])) {
				$_SESSION['xoopsUserTheme'] = $user_theme;
			}
			$_SESSION['UserLanguage'] = $user_language;

			// update autologin cookies
			// we need to secure cookie when using SSL
			$secure = substr(ICMS_URL, 0, 5) == 'https' ? 1 : 0;
			// 1 week default
			$expire = time()
					+ (defined('ICMS_AUTOLOGIN_LIFETIME') ? ICMS_AUTOLOGIN_LIFETIME : 604800);
			setcookie('autologin_uname', $uname, $expire, $icms_cookie_path, '', $secure, 1);
			// V3.1
			$Ynj = date('Y-n-j');
			setcookie(
				'autologin_pass', $Ynj . ':' . md5($user->getVar('pass') . ICMS_DB_PASS . ICMS_DB_PREFIX . $Ynj),
				$expire, $icms_cookie_path, '', $secure, 1
			);
		} else {
			setcookie('autologin_uname', '', time() - 3600, $icms_cookie_path, '', 0, 0);
			setcookie('autologin_pass', '', time() - 3600, $icms_cookie_path, '', 0, 0);
		}
	}