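/**
 * Read a string parameter from the request, trim it and validate it.
 *
 * @param string $name   Parameter name for "get"/"post"/"cookie"; for any
 *                       other $method, $name itself is the value under test.
 * @param string $method "get" (falls back to http_get($name) when the query
 *                       value is empty), "post" or "cookie".
 * @param array  $arg    Options:
 *                       - "len":      maximum length in BYTES; longer values are
 *                                     cut with substr() after validation
 *                                     (default 0 = unlimited)
 *                       - "required": report an error when the value is empty
 *                                     (default true)
 *                       - "valid":    character-class spec for string_uses()
 *                                     (default: printable ASCII incl. space)
 *                       - "default":  returned as-is when the value is empty,
 *                                     whether or not it is required
 * @return mixed The trimmed value; "" when empty and not required; the
 *               "default" option when given and the value is empty.
 *
 * A missing required value and a value with disallowed characters are both
 * reported through default_error(). The "invalid value" message includes the
 * rejected input verbatim, so default_error() must escape for its output
 * context.
 */
function http_test_string($name, $method, $arg = array()) {
	// Request superglobals can hold arrays ("?name[]=x"). Such a value is
	// treated as absent instead of being handed to trim(), which is a
	// TypeError on PHP 8 (and a warning + null on PHP 7).
	if ($method === "get") {
		$value = (isset($_GET[$name]) && is_scalar($_GET[$name])) ? $_GET[$name] : "";
		if ($value === "") {
			$value = http_get($name);
		}
	} else if ($method === "post") {
		$value = (isset($_POST[$name]) && is_scalar($_POST[$name])) ? $_POST[$name] : "";
	} else if ($method === "cookie") {
		$value = (isset($_COOKIE[$name]) && is_scalar($_COOKIE[$name])) ? $_COOKIE[$name] : "";
	} else {
		$value = $name;
	}
	// http_get()'s return type is not visible here; only scalars are trimmed,
	// anything else counts as empty.
	$value = is_scalar($value) ? trim((string) $value) : "";

	$len = array_key_exists("len", $arg) ? $arg["len"] : 0;
	$required = array_key_exists("required", $arg) ? $arg["required"] : true;
	$valid = array_key_exists("valid", $arg) ? $arg["valid"] : "[a-z][A-Z][0-9]`~!@#\$%^&*()_+-=[]\\{}|;':\",./<>? ";

	if ($value === "") {
		if (array_key_exists("default", $arg)) {
			return $arg["default"];
		}
		if ($required) {
			// default_error() is expected to end the request; should it
			// return, the empty value falls through to the checks below, as
			// it always has.
			default_error("value not found - method [{$method}] type [text] name [{$name}]");
		} else {
			return "";
		}
	}
	// The whole input is checked against the allowed character set; any
	// truncation happens only afterwards.
	if (!string_uses($value, $valid)) {
		default_error("invalid value - method [{$method}] type [string] name [{$name}] value [{$value}]");
	}
	// Byte-based cap (strlen/substr). A multibyte value admitted by a custom
	// "valid" spec could be cut in the middle of a character.
	if ($len > 0 && strlen($value) > $len) {
		return substr($value, 0, $len);
	}
	return $value;
}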
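/**
 * Allowlist filter for HTML character references in user-supplied text.
 *
 * Walks $dirty one (multibyte-aware) character at a time and rewrites every
 * "&...;" sequence:
 *   - a name on the allowlist below is kept as "&name;"
 *   - a numeric reference ("&#60;", "&#x3c;") is dropped entirely
 *   - any other name is dropped entirely
 *   - an "&" that is not followed by an entity-shaped name ("a & b") is
 *     kept as literal text, as is an unterminated "&name" at end of input
 *     ("AT&T"; previously that tail was silently lost)
 * Nothing else is touched: "<", ">" and quotes pass straight through, so this
 * is NOT an HTML escaper and has to be combined with whatever tag filtering
 * the caller does.
 *
 * Dropping numeric references is presumably deliberate: they are the usual
 * way to encode "<", quotes or "javascript:" so that a naive filter misses
 * them, and every allowed name has a named form.
 *
 * @param string $dirty  text that may contain character references
 * @return string        the filtered text
 */
function clean_entities($dirty) {
	// Entity names that survive filtering ("omicron" was misspelled
	// "omnicron" before and so could never pass).
	static $allowed = array(
		// math
		"forall", "part", "exist", "empty", "nabla", "isin", "notin", "ni",
		"prod", "sub", "minus", "lowast", "radic", "prop", "infin", "ang",
		"and", "or", "cap", "cup", "int", "there4", "sim", "cong", "asymp",
		"ne", "equiv", "le", "ge", "sup", "nsub", "sube", "supe", "oplus",
		"otimes", "perp", "plusmn", "frac14", "frac12", "frac34", "divide",
		// greek
		"Alpha", "Beta", "Gamma", "Delta", "Epsilon", "Zeta", "Eta", "Theta",
		"Iota", "Kappa", "Lambda", "Mu", "Nu", "Xi", "Omicron", "Pi", "Rho",
		"Sigma", "Tau", "Upsilon", "Phi", "Chi", "Psi", "Omega",
		"alpha", "beta", "gamma", "delta", "epsilon", "zeta", "eta", "theta",
		"iota", "kappa", "lambda", "mu", "nu", "xi", "omicron", "pi", "rho",
		"sigmaf", "sigma", "tau", "upsilon", "phi", "chi", "psi", "omega",
		"thetasym", "upsih", "straightphi", "piv", "Gammad", "gammad",
		"varkappa", "varrho", "straightepsilon", "backepsilon",
		// latin
		"Agrave", "Aacute", "Acirc", "Atilde", "Auml", "Aring", "AElig",
		"Ccedil", "Egrave", "Eacute", "Ecirc", "Euml", "Igrave", "Iacute",
		"Icirc", "Iuml", "ETH", "Ntilde", "Ograve", "Oacute", "Ocirc",
		"Otilde", "Ouml", "times", "Oslash", "Ugrave", "Uacute", "Ucirc",
		"Uuml", "Yacute", "THORN", "szlig",
		"agrave", "aacute", "acirc", "atilde", "auml", "aring", "aelig",
		"ccedil", "egrave", "eacute", "ecirc", "euml", "igrave", "iacute",
		"icirc", "iuml", "eth", "ntilde", "ograve", "oacute", "ocirc",
		"otilde", "ouml", "oslash", "ugrave", "uacute", "ucirc", "uuml",
		"yacute", "thorn", "yuml", "OElig", "oelig", "Scaron", "scaron",
		"Yuml", "fnof", "circ", "tilde",
		// currency
		"euro", "cent", "pound", "yen", "curren",
		// other
		"copy", "reg", "trade", "sup1", "sup2", "sup3",
		// symbols
		"deg", "micro", "para", "middot", "dagger", "Dagger", "bull",
		"hellip", "permil", "prime", "Prime",
		// punctuation
		"quot", "amp", "apos", "lt", "gt", "nbsp", "iexcl", "brvbar", "sect",
		"ordf", "iquest", "sdot", "vellip",
		// quotes
		"laquo", "raquo", "lsquo", "rsquo", "sbquo", "ldquo", "rdquo",
		"bdquo", "lsaquo", "rsaquo", "lceil", "rceil", "lfloor", "rfloor",
		"lang", "rang",
	);

	$len = mb_strlen($dirty);
	$out = "";
	$name = "";          // characters collected since the last "&"
	$in_entity = false;  // true while collecting a candidate "&name"
	for ($i = 0; $i < $len; $i++) {
		$c = mb_substr($dirty, $i, 1);
		if (!$in_entity) {
			if ($c === "&") {
				$name = "";
				$in_entity = true;
			} else {
				$out .= $c;
			}
			continue;
		}
		if ($c === "&") {
			// Second "&" before any ";": what was collected is plain text.
			// Keep it verbatim and start collecting again.
			$out .= "&" . $name;
			$name = "";
		} else if ($c === ";") {
			$in_entity = false;
			if (substr($name, 0, 1) === "#") {
				// numeric reference - dropped
			} else if (in_array($name, $allowed, true)) {
				$out .= "&" . $name . ";";
			}
			// any other name - dropped
		} else if (string_uses($c, "[A-Z][a-z][0-9]#")) {
			$name .= $c;
		} else {
			// Not entity-shaped: emit "&" and everything after it literally.
			$out .= "&" . $name . $c;
			$in_entity = false;
		}
	}
	if ($in_entity) {
		// Input ended inside an unterminated "&name": keep it as literal text
		// rather than dropping the tail.
		$out .= "&" . $name;
	}
	return $out;
}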
// // Pipecode is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // // Pipecode is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // // You should have received a copy of the GNU General Public License // along with Pipecode. If not, see <http://www.gnu.org/licenses/>. // $pid = (int) $s2; if (!string_uses($pid, "[0-9]")) { die("error: invalid pid [{$pid}]"); } if (!http_post()) { die("error: post method required"); } if (!db_has_rec("pipe", $pid)) { die("error: pipe not found [{$pid}]"); } //var_dump($_POST); //if (!empty(@$_POST["up_x"]) || !empty(@$_POST["down_x"])) { if (array_key_exists("up_x", $_POST) || array_key_exists("down_x", $_POST) || array_key_exists("undo_x", $_POST)) { $redirect = true; $up = array_key_exists("up_x", $_POST); //die("up"); } else {
/**
 * Build a URL slug from a title.
 *
 * Removes the inline markup tags the site allows (<b>, <i>, <s>, <q>), keeps
 * only ASCII letters, digits and spaces (everything else, including each byte
 * of a multibyte character, is dropped), trims, lower-cases and turns spaces
 * into "-". Runs of spaces become runs of dashes; they are not collapsed.
 *
 * @param string $dirty  title text, possibly containing the tags above
 * @return string        slug containing only [a-z0-9-]
 */
function clean_url($dirty) {
	// str_replace() with an array applies the replacements left to right,
	// exactly like a chain of single-tag calls.
	$tags = array("<b>", "</b>", "<i>", "</i>", "<s>", "</s>", "<q>", "</q>");
	$stripped = str_replace($tags, "", $dirty);

	$kept = "";
	$n = strlen($stripped);
	for ($pos = 0; $pos < $n; $pos++) {
		$ch = $stripped[$pos];
		if (string_uses($ch, "[a-z][A-Z][0-9] ")) {
			$kept .= $ch;
		}
	}

	$slug = strtolower(trim($kept));
	return str_replace(" ", "-", $slug);
}
$user_conf["joined"] = time(); db_set_conf("user_conf", $user_conf, $zid); db_del_rec("email_challenge", $email_challenge["challenge"]); print_header("User Created"); writeln('<h1>User Created</h1>'); writeln('<p>Welcome to ' . $server_title . '!</p>'); writeln('<p>' . $zid . "</p>"); print_footer(); die; } $username = http_post_string("username", array("len" => 20, "valid" => "[a-z][0-9]")); $mail_1 = http_post_string("mail_1", array("len" => 50, "valid" => "[a-z][A-Z][0-9]@.-_+")); $mail_2 = http_post_string("mail_2", array("len" => 50, "valid" => "[a-z][A-Z][0-9]@.-_+")); $answer = http_post_string("answer", array("required" => false)); $luser = strtolower($username); if (string_uses(substr($username, 0, 1), "[0-9]")) { die("user_name may not start with a number [{$username}]"); } if (strlen($username) < 3) { die("user_name must be at least 3 characters [{$username}]"); } $rfc_2142 = array("info", "marketing", "sales", "support", "abuse", "noc", "security", "postmaster", "hostmaster", "usenet", "news", "webmaster", "www", "uucp", "ftp"); if (in_array($luser, $rfc_2142)) { die("username is reserved [{$username}]"); } $reserved_usernames = array("admin", "administrator", "anonymous", "blog", "bugs", "code", "donate", "feed", "feedback", "forum", "git", "img", "legal", "list", "lists", "mail", "pipe", "pipecode", "pipedot", "pipeline", "root", "scm", "ssladmin", "wiki"); if (in_array($luser, $reserved_usernames)) { die("username is reserved [{$username}]"); } if ($mail_1 != $mail_2) { die("email addresses do not match [{$mail_1}] [{$mail_2}]");
// Pipecode is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Pipecode is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Pipecode. If not, see <http://www.gnu.org/licenses/>.
//

include "render.php";
include "story.php";

// Resolve the story id ($sid) from the URL path segments $s2/$s3, which the
// router sets before this file runs (not visible here). Two address forms:
//   /story/<sid>            - $s2 is all digits
//   /story/<date>/<ctitle>  - anything else: $s2 is a date, $s3 the canonical
//                             title (presumably a clean_url-style slug)
if (string_uses($s2, "[0-9]")) {
	$sid = (int) $s2;
} else {
	$date = $s2;
	$ctitle = $s3;
	// strtotime() accepts far more than a calendar date ("tomorrow",
	// "+1 day"); only an unparseable value is rejected here.
	$time_beg = strtotime($date);
	if ($time_beg === false) {
		// NOTE(review): $date is echoed unescaped into the response. This is
		// only safe if the router has already restricted the characters a
		// path segment may contain - confirm against the router.
		die("invalid date [{$date}]");
	}
	// Match a story with that title posted within the next 24 hours.
	// NOTE(review): a fixed 86400 s window is an hour short/long on
	// DST-change days, and both bounds are exclusive, so a story timestamped
	// exactly at $time_beg would not match.
	$time_end = $time_beg + 86400;
	// Placeholder query: $ctitle and the bounds are passed to run_sql() as
	// parameters, presumably bound rather than interpolated.
	$row = run_sql("select sid from story where time > ? and time < ? and ctitle = ?", array($time_beg, $time_end, $ctitle));
	if (count($row) == 0) {
		die("story not found - date [{$date}] title [{$ctitle}]");
	}
	// First match wins if several stories share a title on the same day.
	$sid = $row[0]["sid"];
}
return; } } } $comment_vote = array(); $comment_vote["cid"] = $cid; $comment_vote["zid"] = $zid; $comment_vote["rid"] = $rid; $comment_vote["time"] = time(); db_set_rec("comment_vote", $comment_vote); } $k = array_keys($_POST); for ($i = 0; $i < count($k); $i++) { $a = explode("_", $k[$i]); if (count($a) == 2) { if ($a[0] == "cid" && string_uses($a[1], "[0-9]") && string_uses($_POST[$k[$i]], "[0-9]-")) { $cid = (int) $a[1]; $rid = (int) $_POST[$k[$i]]; if ($rid >= 0 && $rid <= 10) { moderate($cid, $auth_zid, $rid); } } } } $sid = http_post_int("sid", array("required" => false)); $pid = http_post_int("pid", array("required" => false)); $qid = http_post_int("qid", array("required" => false)); if ($sid > 0) { header("Location: /story/{$sid}"); } else { if ($pid > 0) {
die("invalid aid [" . $aids[$i] . "]"); } $poll_answer = db_get_rec("poll_answer", $aids[$i]); if ($qid != $poll_answer["qid"]) { die("answer [" . $aids[$i] . "] not on question [{$qid}]"); } } } else { if ($type_id == 3) { $row = run_sql("select count(*) as answer_count from poll_answer where qid = ?", array($qid)); $max = $row[0]["answer_count"]; $aids = @$_POST["aid"]; $keys = array_keys($aids); $scores = array(); for ($i = 0; $i < count($keys); $i++) { if (!string_uses($keys[$i], "[0-9]")) { die("invalid aid [" . $keys[$i] . "]"); } $poll_answer = db_get_rec("poll_answer", $keys[$i]); if ($qid != $poll_answer["qid"]) { die("answer [" . $keys[$i] . "] not on question [{$qid}]"); } $aid = $keys[$i]; $score = (int) $aids[$aid]; if ($aids[$aid] === "0" || $score > $max) { die("score out of bounds [{$score}]"); } if ($score > 0) { $scores[] = $score; } }
// // Pipecode is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // // Pipecode is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // // You should have received a copy of the GNU General Public License // along with Pipecode. If not, see <http://www.gnu.org/licenses/>. // include "../include/common.php"; if (!string_uses($request_script, "[a-z][0-9]_-/")) { die("invalid request [{$request_script}]"); } $a = explode("/", $request_script); if (count($a) >= 2) { $s1 = $a[1]; } else { $s1 = ""; } if (count($a) >= 3) { $s2 = $a[2]; } else { $s2 = ""; } if (count($a) >= 4) { $s3 = $a[3];