/**
* Constructor
*
* Sets whether to globally enable the XSS processing
* and whether to allow the $_GET array
*
* @access public
*/
function CI_Input()
{
$CFG =& _load_class('CI_Config');
$this->use_xss_clean = $CFG->item('global_xss_filtering') === TRUE ? TRUE : FALSE;
$this->allow_get_array = $CFG->item('enable_query_strings') === TRUE ? TRUE : FALSE;
log_message('debug', "Input Class Initialized");
$this->_sanitize_globals();
}
/**
* Constructor
*
*/
function CI_Hooks()
{
log_message('debug', "Hooks Class Initialized");
$CFG =& _load_class('CI_Config');
// If hooks are not enabled in the config file
// there is nothing else to do
if ($CFG->item('enable_hooks') == FALSE) {
return;
}
// Grab the "hooks" definition file.
// If there are no hooks, we're done.
@(include APPPATH . 'config/hooks' . EXT);
if (!isset($hook) or !is_array($hook)) {
return;
}
$this->hooks =& $hook;
$this->enabled = TRUE;
}
/**
* Parse a template
*
* Parses pseudo-variables contained in the specified template,
* replacing them with the data in the second param
*
* @access public
* @param string
* @param array
* @param bool
* @return string
*/
function parse($template, $data, $return = FALSE)
{
$OUT =& _load_class('CI_Output');
$obj =& get_instance();
$template = $obj->load->view($template, $data, TRUE);
if ($template == '') {
return FALSE;
}
foreach ($data as $key => $val) {
if (!is_array($val)) {
$template = $this->_parse_single($key, $val, $template);
} else {
$template = $this->_parse_pair($key, $val, $template);
}
}
if ($return == FALSE) {
$OUT->final_output = $template;
}
return $template;
}
function sh_contact_form_submit()
{
if (!count($_POST)) {
return;
}
_load_class('validation', 'helpers', true);
$t =& $GLOBALS['_sh_base'];
//printr($t);
$settings = get_option(SH_NAME . '_theme_options');
/** set validation rules for contact form */
$t->validation->set_rules('contact_name', '<strong>' . __('Name', SH_NAME) . '</strong>', 'required|min_length[4]|max_lenth[30]');
$t->validation->set_rules('contact_email', '<strong>' . __('Email', SH_NAME) . '</strong>', 'required|valid_email');
//$t->validation->set_rules('contact_name','<strong>'.__('Phone', SH_NAME).'</strong>', 'required|min_length[5]');
$t->validation->set_rules('contact_message', '<strong>' . __('Message', SH_NAME) . '</strong>', 'required|min_length[10]');
if (sh_set($settings, 'captcha_status') == 'on') {
if (sh_set($_POST, 'contact_captcha') !== sh_set($_SESSION, 'captcha')) {
$t->validation->_error_array['captcha'] = __('Invalid captcha entered, please try again.', SH_NAME);
}
}
$messages = '';
if ($t->validation->run() !== FALSE && empty($t->validation->_error_array)) {
//exit('ssssss');
$name = $t->validation->post('contact_name');
$email = $t->validation->post('contact_email');
$message = $t->validation->post('contact_message');
$contact_to = sh_set($settings, 'contact_email') ? sh_set($settings, 'contact_email') : get_option('admin_email');
$headers = 'From: ' . $name . ' <' . $email . '>' . "\r\n";
wp_mail($contact_to, __('Contact Us Message', SH_NAME), $message, $headers);
$message = sh_set($settings, 'success_message') ? $settings['success_message'] : sprintf(__('Thank you <strong>%s</strong> for using our Contact form! Your email was successfully sent and we will be in touch with you soon.', SH_NAME), $name);
$messages = '<div class="alert alert-success">' . __('SUCCESS! ', SH_NAME) . $message . '</div>';
} else {
if (is_array($t->validation->_error_array)) {
foreach ($t->validation->_error_array as $msg) {
$messages .= '<div class="alert alert-danger"><span class="red">' . __('Error! ', SH_NAME) . '</span>' . $msg . '</div>';
}
}
}
echo $messages;
exit;
return $messages;
}
<?php
include_once 'includes/common/require.php';
_load_class('cpanel');
//include_once ('includes/classes/cpanel.class.php');
//check user login
check_user_session();
global $DB;
//form action
if (isset($_POST['submit']) && _post('task') == 'save_acc') {
$host = isset($_POST['cpanel_host']) ? $_POST['cpanel_host'] : '';
$domain = isset($_POST['cpanel_domain']) ? $_POST['cpanel_domain'] : '';
$user = isset($_POST['cpanel_user']) ? $_POST['cpanel_user'] : '';
$pass = isset($_POST['cpanel_pass']) ? $_POST['cpanel_pass'] : '';
$email = isset($_POST['cpanel_email']) ? $_POST['cpanel_email'] : '';
//update acc
$data = array('cpanel_host' => $host, 'cpanel_domain' => $domain, 'cpanel_user' => $user, 'cpanel_pass' => encrypt($pass), 'cpanel_email' => $email);
$res = update_cpacct($data, isset($_POST['acc_id']) ? $_POST['acc_id'] : '');
#var_dump($DB->Affected_Rows());
}
//edit acc
if (isset($_GET['id']) && is_numeric($_GET['id']) && _get('do') == 'edit') {
$current = get_cpanel_acc(_get('id'));
if (!count($current)) {
unset($current);
}
}
//delete acc
if (isset($_GET['id']) && _get('do') == 'delete') {
del_cpanel_acc(_get('id'));
}
//list rows
/**
* Constructor
*
* Runs the route mapping function.
*/
function CI_Router()
{
$this->config =& _load_class('CI_Config');
$this->_set_route_mapping();
log_message('debug', "Router Class Initialized");
}
* ------------------------------------------------------
*
* Note: Due to the poor object handling in PHP 4 we'll
* contditionally load different versions of the base
* class. Retaining PHP 4 compatibility requires a bit of a hack.
*
* Note: The Loader class needs to be included first
*
*/
_load_class('CI_Loader', FALSE);
if (floor(phpversion()) < 5) {
require BASEPATH . 'codeigniter/Base4' . EXT;
} else {
require BASEPATH . 'codeigniter/Base5' . EXT;
}
_load_class('CI_Controller', FALSE);
require APPPATH . 'controllers/' . $RTR->fetch_directory() . $RTR->fetch_class() . EXT;
/*
* ------------------------------------------------------
* Security check
* ------------------------------------------------------
*
* None of the functions in the app controller or the
* loader class can be called via the URI, nor can
* controller functions that begin with an underscore
*/
$class = $RTR->fetch_class();
$method = $RTR->fetch_method();
if (!class_exists($class) or $method == 'controller' or substr($method, 0, 1) == '_' or in_array($method, get_class_methods('Controller'))) {
show_404();
}
function post()
{
_load_class('validation', 'helpers', true);
$t = _WSH();
$settings = $t->option();
$message = '';
foreach ($this->fields as $f) {
$field_name = sh_set($f, 'name');
$validation = array();
$placehold = sh_set($f, 'placeholder');
foreach (sh_set($f, 'validation') as $valid) {
$validation[] = $valid;
}
/** set validation rules for contact form */
$t->validation->set_rules($field_name, '<strong>' . sh_set($f, 'placeholder') . '</strong>', implode('|', $validation));
$message .= "{$placehold}\t" . $t->validation->post($field_name) . "\r\n";
}
if (sh_set($_POST, 'form_secret') !== $this->_old_hash) {
$t->validation->_error_array['form_secret'] = __('There is form validation error or spamming issue', SH_NAME);
}
if ($t->validation->run() !== FALSE && empty($t->validation->_error_array)) {
$contact_to = sh_set($this->meta, 'form_email') ? sh_set($this->meta, 'form_email') : get_option('admin_email');
$headers = 'From: ' . get_option('name') . ' <' . get_option('admin_email') . '>' . "\r\n";
wp_mail($contact_to, sprintf(__('%s - Form Submitted', SH_NAME), get_the_title($this->id)), $message, $headers);
$response = sh_set($this->meta, 'form_success_msg') ? $this->meta['form_success_msg'] : sprintf(__('Form is successfully submitted, we\'ll response you shortly.', SH_NAME), $name);
return "<div id='success_page' class=\"alert-success\">" . "<h1>" . __("Successful", SH_NAME) . "</h1>" . "<p>" . $response . "</p>" . "</div>";
} else {
$messages = '';
if (is_array($t->validation->_error_array)) {
foreach ($t->validation->_error_array as $msg) {
$messages .= '<div class="alert error_message alert-error">
<p>' . __('Error! ', SH_NAME) . $msg . '</p>
</div>';
}
}
return $messages;
}
return '';
}
/**
* Loader
*
* This function isn't called directly. It's called from
* the two functions above. It's used to load views and files
*
* @access private
* @param array
* @return void
*/
function _ci_load($data)
{
$OUT =& _load_class('CI_Output');
// This allows anything loaded using $this->load (viwes, files, etc.)
// to become accessible from within the Controller and Model functions.
$obj =& get_instance();
foreach ($obj->ci_is_loaded as $val) {
if (!isset($this->{$val})) {
$this->{$val} =& $obj->{$val};
}
}
// Set the default data variables
foreach (array('view', 'vars', 'path', 'return') as $val) {
${$val} = !isset($data[$val]) ? FALSE : $data[$val];
}
/*
* Extract and cached variables
*
* You can either set variables using the dedicated
* $this->load_vars() function or via the second
* parameter of this function. We'll
* merge the two types and cache them so that
* views that are embedded within other views
* can have access to these variables.
*
*/
if (is_array($vars)) {
$this->cached_vars = array_merge($this->cached_vars, $vars);
}
extract($this->cached_vars);
// Set the path to the requested file
if ($path == '') {
$ext = pathinfo($view, PATHINFO_EXTENSION);
$file = $ext == '' ? $view . EXT : $view;
$path = $this->view_path . $file;
} else {
$x = explode('/', $path);
$file = end($x);
}
/*
* Buffer the output
*
* We buffer the output for two reasons:
* 1. Speed. You get a significant speed boost.
* 2. So that the final rendered template can be
* post-processed by the output class. Why do we
* need post processing? For one thing, in order to
* show the elapsed page load time. Unless we
* can intercept the content right before it's sent to
* the browser and then stop the timer, it won't be acurate.
*
*/
if (!file_exists($path)) {
show_error('Unable to load the requested file: ' . $file);
}
ob_start();
include $path;
log_message('debug', 'File loaded: ' . $path);
// Return the file data if requested to
if ($return === TRUE) {
$buffer = ob_get_contents();
ob_end_clean();
return $buffer;
}
/*
* Flush the buffer... or buff the flusher?
*
* In order to permit templates (views) to be nested within
* other views, we need to flush the content back out whenever
* we are beyond the first level of output buffering so that
* it can be seen and included properly by the first included
* template and any subsequent ones. Oy!
*
*/
if (ob_get_level() > $this->ob_level + 1) {
ob_end_flush();
} else {
$OUT->set_output(ob_get_contents());
ob_end_clean();
}
}
public function CI_Base()
{
$instance =& _load_class('Instance');
$instance->set_instance($this);
}
}
}
include_once 'library/form_helper.php';
include_once 'library/functions.php';
include_once 'library/widgets.php';
_load_class('post_types', 'helpers', false);
_load_class('taxonomies', 'helpers', false);
_load_class('ajax', 'helpers', false);
_load_class('forms', 'helpers', false);
_load_class('enqueue', 'helpers', false);
_load_class('validation', 'helpers', true);
_load_class('seo', 'helpers', true);
_load_class('update_theme', 'update', false);
_load_class('donation', 'helpers');
_load_class('shortcodes', 'helpers', true);
_load_class('bootstrap_walker', 'helpers', false);
if (sh_set($_GET, 'sh_shortcode_editor_action')) {
include_once 'resource/shortcode_output.php';
exit;
}
/**
* Include Vafpress Framework
*/
require_once 'vafpress/bootstrap.php';
/**
* Include Custom Data Sources
*/
require_once 'vafpress/admin/data_sources.php';
/**
* Load options, metaboxes, and shortcode generator array templates.
*/
/**
* Exception Handler
*
* This is the custom exception handler we defined at the
* top of this file. The main reason we use this is permit
* PHP errors to be logged in our own log files since we may
* not have access to server logs. Since this function
* effectively intercepts PHP errors, however, we also need
* to display errors based on the current error_reporting level.
* We do that with the use of a PHP error template.
*
* @access private
* @return void
*/
function _exception_handler($severity, $message, $filepath, $line)
{
// We don't bother with "strict" notices since they will fill up
// the log file with information that isn't normally very
// helpful. For example, if you are running PHP 5 and you
// use version 4 style class functions (without prefixes
// like "public", "private", etc.) you'll get notices telling
// you that these have been deprecated.
if ($severity == E_STRICT) {
return;
}
$error =& _load_class('CI_Exceptions');
// Should we display the error?
// We'll get the current error_reporting level and add its bits
// with the severity bits to find out.
if (($severity & error_reporting()) == $severity) {
$error->show_php_error($severity, $message, $filepath, $line);
}
// Should we log the error? No? We're done...
$config =& _get_config();
if ($config['log_errors'] === FALSE) {
return;
}
$error->log_exception($severity, $message, $filepath, $line);
}
<?php
//include libs
include_once 'includes/common/require.php';
_load_class('cpanel');
_load_class('ftp', 'cpanel');
//check user login
check_user_session();
global $DB;
if (isset($_POST['submit'])) {
//validation
if (_post('acc') == '') {
add_message("Please select which account you want to use ?");
goto invalid_form;
}
//get cpanel credentials
/*$acc = get_cpanel_acc(_post('acc'));
$host = isset($acc['cpanel_host'])? $acc['cpanel_host']: '';
$cpaneluser = isset($acc['cpanel_user'])? $acc['cpanel_user']:"";
$cpaneluser_pass= isset($acc['cpanel_pass'])? decrypt($acc['cpanel_pass']) :'';
$email_domain= isset($acc['cpanel_email'])? $acc['cpanel_email']:'*****@*****.**';
*/
//authorize
#$cpanel = new HW_CPanel($host, $cpaneluser, $cpaneluser_pass,false);
$cpanel = HW_CPanel::loadacct_instance(_post('acc'), 0);
//add an ftp
if (_post('task') == 'add_ftp') {
//authorize
#$cpanel_ftp = new HW_CPanel_Ftp($host, $cpaneluser, $cpaneluser_pass);
$cpanel_ftp = HW_CPanel_Ftp::init($cpanel);
$ftp = array('user' => _post('ftp_username'), 'pass' => _post('ftp_passwd'), 'quota' => _post('ftp_quota'), 'homedir' => _post('ftp_homedir'));
<?php
include_once 'includes/common/require.php';
_load_class('mysql', 'cpanel');
_load_class('user', 'cpanel');
//check user login
#check_user_session();
global $DB;
if (isset($_POST['submit'])) {
//validation
if (_post('acc') == '') {
add_message("Please select which account you want to use ?");
goto invalid;
}
//get cpanel credentials
$acc_id = _post('acc');
$acc = get_cpanel_acc($acc_id);
$host = isset($acc['cpanel_host']) ? $acc['cpanel_host'] : '';
$cpaneluser = isset($acc['cpanel_user']) ? $acc['cpanel_user'] : "";
$cpaneluser_pass = isset($acc['cpanel_pass']) ? decrypt($acc['cpanel_pass']) : '';
$email_domain = isset($acc['cpanel_email']) ? $acc['cpanel_email'] : '*****@*****.**';
//db info
$databaseuser = isset($_POST['dbuser']) ? $_POST['dbuser'] : "";
$databasepass = isset($_POST['dbpass']) ? $_POST['dbpass'] : '';
$databasename = isset($_POST['dbname']) ? $_POST['dbname'] : '';
$task = _post('task');
//authorize
$cpanel = new HW_CPanel($host, $cpaneluser, $cpaneluser_pass);
if ($task == 'adddb') {
//create database
if (!empty($databasename)) {
$cpanel_mysql = HW_CPanel_Mysql::init($cpanel);
/**
* Assign the core classes to the global $CI object
*
* By assigning all the classes instantiated by the front controller
* local class variables we enable everything to be accessible using
* $this->class->function()
*
* @access private
* @return void
*/
function _ci_assign_core()
{
foreach (array('Config', 'Input', 'Benchmark', 'URI', 'Output') as $val) {
$class = strtolower($val);
$this->{$class} =& _load_class('CI_' . $val);
$this->ci_is_loaded[] = $class;
}
$this->lang =& _load_class('CI_Language');
$this->ci_is_loaded[] = 'lang';
// In PHP 4 the Controller class is a child of CI_Loader.
// In PHP 5 we run it as its own class.
if (floor(phpversion()) >= 5) {
$this->load = new CI_Loader();
}
$this->ci_is_loaded[] = 'load';
}
/**
* Update/serve a cached file
*
* @access public
* @return void
*/
function _display_cache(&$CFG, &$RTR)
{
$CFG =& _load_class('CI_Config');
$RTR =& _load_class('CI_Router');
$cache_path = $CFG->item('cache_path') == '' ? BASEPATH . 'cache/' : $CFG->item('cache_path');
if (!is_dir($cache_path) or !is_writable($cache_path)) {
return FALSE;
}
// Build the file path. The file name is an MD5 hash of the full URI
$uri = $CFG->item('base_url') . $CFG->item('index_page') . $RTR->uri_string;
$filepath = $cache_path . md5($uri);
if (!@file_exists($filepath)) {
return FALSE;
}
if (!($fp = @fopen($filepath, 'rb'))) {
return FALSE;
}
flock($fp, LOCK_SH);
$cache = '';
if (filesize($filepath) > 0) {
$cache = fread($fp, filesize($filepath));
}
flock($fp, LOCK_UN);
fclose($fp);
// Strip out the embedded timestamp
if (!preg_match("/(\\d+TS--->)/", $cache, $match)) {
return FALSE;
}
// Has the file expired? If so we'll delete it.
if (time() >= trim(str_replace('TS--->', '', $match['1']))) {
@unlink($filepath);
log_message('debug', "Cache file has expired. File deleted");
return FALSE;
}
// Display the cache
$this->_display(str_replace($match['0'], '', $cache));
log_message('debug', "Cache file is current. Sending it to browser.");
return TRUE;
}
<?php
//include libs
include_once 'includes/common/require.php';
_load_class('cpanel');
_load_class('fileman', 'cpanel');
//check user login
check_user_session();
global $DB;
$task = _post('task');
if (isset($_POST['submit'])) {
//validation
if (_post('acc') == '') {
add_message("Please select which account you want to use ?");
goto invalid_form;
}
//get cpanel credentials
$acc_id = _post('acc');
$acc = get_cpanel_acc($acc_id);
$host = isset($acc['cpanel_host']) ? $acc['cpanel_host'] : '';
$cpaneluser = isset($acc['cpanel_user']) ? $acc['cpanel_user'] : "";
$cpaneluser_pass = isset($acc['cpanel_pass']) ? decrypt($acc['cpanel_pass']) : '';
$email_domain = isset($acc['cpanel_email']) ? $acc['cpanel_email'] : '*****@*****.**';
//authorize
$cpanel = new HW_CPanel($host, $cpaneluser, $cpaneluser_pass);
}
if (isset($cpanel)) {
/**
* upload file
*/
if ($task == 'upload') {
#$cpanel_file = HW_CPanel_Fileman::init($cpanel);
/**
* Constructor
*
* Simply globalizes the $RTR object. The front
* loads the Router class early on so it's not available
* normally as other classes are.
*
* @access public
*/
function CI_URI()
{
$this->router =& _load_class('CI_Router');
log_message('debug', "URI Class Initialized");
}
