public function menu_pages()
{
$q = WebApp::get('q');
$m = WebApp::get('m');
if ($q === NULL) {
return new ActionResult($this, Server::get('HTTP_Referer'), 0, 'No search term sent', B_T_FAIL, array('pages' => array()));
}
if ($m === NULL || $m === '') {
return new ActionResult($this, Server::get('HTTP_Referer'), 0, 'No module selected', B_T_FAIL, array('pages' => array()));
}
$pages = array();
$q = '%' . $q . '%';
$page_query = $this->mySQL_r->prepare("SELECT `ID`,`title` FROM `core_pages` WHERE `title` LIKE ? AND `module_id`=?");
if (!$page_query) {
return new ActionResult($this, Server::get('HTTP_Referer'), 0, 'Query failed', B_T_FAIL, array('pages' => array()));
}
$page_query->bind_param('si', $q, $m);
$page_query->execute();
$page_query->store_result();
$page_query->bind_result($id, $value);
while ($page_query->fetch()) {
$page['id'] = $id;
$page['text'] = $value;
if ($id >= pow(10, 6)) {
$page['text'] = '* ' . $page['text'];
}
$pages[] = $page;
}
return new ActionResult($this, '/admin/core/menu_add', 0, 'Success', B_T_SUCCESS, array('pages' => $pages));
}
function ban($reason, $length = -1, $ip = '')
{
if ($ip == '') {
$ip = Server::get('Remote_Addr');
}
if ($length == -1) {
$length = 36526;
}
if ($this->parent->user->is_loggedIn()) {
$user_id = $this->parent->user->getUserID();
} else {
$user_id = -1;
}
$ban_query = $this->mySQL_w->prepare("INSERT INTO `core_ip` (`time`, `user_id`, `ip`, `length`, `reason`) VALUES (NOW(), ?, INET_ATON(?), ?, ?)\nON DUPLICATE KEY UPDATE\n\t`length`=(`length`+VALUES(`length`)),\n\t`reason`=CONCAT(`reason`, '. Ban extended by ', VALUES(`length`), ' days for reason ', VALUES(`reason`))\n");
$ban_query->bind_param('isis', $user_id, $ip, $length, $reason);
$ban_query->execute();
$ban_query->store_result();
if ($ban_query->affected_rows == 1) {
$this->parent->logEvent($this::name_space, 'Blocked ' . $ip . ' for ' . $length . ' days because "' . $reason . '"');
return true;
} else {
$this->parent->logEvent($this::name_space, 'Failed to block ' . $ip . ' for "' . $reason . '"');
return false;
}
}
protected function _handleInput()
{
if ($this->autodetect) {
$this->current = Project_Navigator::getNavPoint(Server::get('REQUEST_URL'));
} elseif ($this->current !== null) {
Project_Navigator::get($this->current);
}
// check if registered
}
public function update()
{
$this->parent->parent->debug($this::name_space . ': Updating session status...');
$token = Cookie::get('ltkn');
$ip = Server::get('remote_addr');
$update_query = $this->mySQL_w->prepare("UPDATE `core_sessions` SET `IP`=INET_ATON(?), `lpr`=NOW() WHERE `token`=?");
$update_query->bind_param('ss', $ip, $token);
$update_query->execute();
}
public static function del($opt, $path = '/', $domain = '')
{
if ($domain == '') {
$domain = Server::get('Server_Name');
}
if ($domain == 'localhost') {
$domain = NULL;
}
setcookie($opt, '', time() - 3600, $path, $domain);
}
function processAction()
{
$action = WebApp::get('cat3');
if (is_callable(array($this, $action))) {
$this->result = $this->{$action}();
return true;
} else {
$this->result = new ActionResult($this, Server::get('Request_URI'), 0, 'Whoops, something went wrong with that action and we\'re trying to fix it. <br />Error: <code>Action not found: "' . Server::get('Request_URI') . '"</code>');
return false;
}
}
public function checkHTTPS($https)
{
$this->parent->debug($this::name_space . ': Checking HTTPS settings for page...');
if ($this->parent->https !== true && $this->parent->config->config['core']['https']['a'] && $https) {
$location = 'https://' . Server::get('HTTP_Host') . Server::get('Request_URI');
$this->parent->debug($this::name_space . ': HTTPS turned on... follow link: ' . $location);
if (!$this->parent->debug) {
header('Location: ' . $location);
exit;
}
} else {
$this->parent->debug($this::name_space . ': HTTPS left as it is.');
}
}
public function getRelative($name, $path = null)
{
if ($path === null) {
$path = dirname(Server::get('PHP_SELF'));
}
$base = $this->getRelativePath($path == '\\' ? '/' : $path, $this->_base);
if ($base === null) {
$base = $this->_base;
}
try {
$result = $this->_locations->{$name};
return $base . $result;
} catch (No_Such_Variable_Exception $e) {
throw new Navigator_No_Such_Location_Exception($name);
}
}
public function loadConfig()
{
$config = $this->_loadDefaultConfig();
// Load Custom Config
$this->parent->debug($this::name_space . ': Checking for config file');
if (file_exists(__LIBDIR__ . '/config.inc.php')) {
$this->parent->debug($this::name_space . ': Loading config file');
include_once __LIBDIR__ . '/config.inc.php';
} else {
$this->parent->debug($this::name_space . ': Config file not found!');
}
$this->config = $config;
// Don't use CDN for integrity if on HTTPS
if (Server::get('HTTPS') !== NULL && Server::get('HTTPS') !== 'off' || Server::get('SERVER_PORT') == 443) {
$this->config['core']['cdn'] = '/';
}
}
public function secondary_groups()
{
$q = WebApp::get('q');
if ($q === NULL) {
return new ActionResult($this, Server::get('HTTP_Referer'), 0, 'No search term sent', B_T_FAIL, array('groups' => array()));
}
$groups = array();
$q = '%' . $q . '%';
$group_query = $this->mySQL_r->prepare("SELECT `GID`,`name` FROM `core_groups` WHERE `name` LIKE ? AND `type`='s'");
$group_query->bind_param('s', $q);
$group_query->execute();
$group_query->store_result();
$group_query->bind_result($id, $value);
while ($group_query->fetch()) {
$group['id'] = $id;
$group['text'] = $value;
$groups[] = $group;
}
return new ActionResult($this, '/admin/email', 0, 'Success', B_T_SUCCESS, array('groups' => $groups));
}
public function setFile()
{
include __LIBDIR__ . '/fileMIMEs.php';
$this->MIMEs = $MIME_type;
if (WebApp::get('cat1') == 'css' || WebApp::get('cat1') == 'js' || WebApp::get('cat1') == 'images') {
$filename = strtolower(WebApp::get('cat2')) . '/' . WebApp::get('cat1') . '/' . WebApp::get('cat3');
$i = 4;
while (WebApp::get('cat' . $i) !== NULL) {
$filename .= '/' . WebApp::get('cat' . $i);
$i++;
}
$this->parent->addHeader('file', $filename);
$file = __MODULE__ . '/' . $filename;
} elseif (WebApp::get('cat1') == 'fonts') {
$file = __EXECDIR__ . '/' . Server::get('REQUEST_URI');
}
if (file_exists($file)) {
$this->file = $file;
} else {
$this->file = false;
}
}
public function redirect()
{
if (headers_sent()) {
throw new Headers_Already_Sent_Exception();
}
$to = $this->target;
if ($to[0] != '/') {
$dirname = dirname(Server::get('REQUEST_URL'));
if ($dirname == '/') {
$to = "/{$to}";
} else {
$to = "{$dirname}/{$to}";
}
}
if (array_key_exists($this->code, self::$codes)) {
$ht = self::$codes[$this->code];
} else {
throw new Unknown_HTTP_Header_Code_Exception($this->code);
}
header(self::$codes[$this->code]);
header("Location: {$this->schema}://{$this->host}{$to}");
exit;
}
function __construct($parent)
{
$this->parent = $parent;
$this->mySQL_r = $parent->mySQL_r;
$this->mySQL_w = $parent->mySQL_w;
$this->parent->debug('***** ' . $this::name_space . ' *****');
$this->parent->debug($this::name_space . ': Version ' . $this::version);
$this->session = new SessionTokeniser($this);
// Is a user logged in?
if (Session::get($this::name_space, 'loggedIn') !== true) {
$this->parent->debug($this::name_space . ': No user logged in, using anoymous');
$this->_fetchDetails();
return;
}
if ($this->session->check()) {
$this->parent->debug($this::name_space . ': User logged in');
$this->loggedIn = true;
$this->username = Session::get($this::name_space, 'username');
$this->userID = Session::get($this::name_space, 'userID');
$this->session->update();
} else {
Session::del($this::name_space, 'loggedIn');
Session::del($this::name_space, 'username');
Session::del($this::name_space, 'userID');
}
// Create user data
$this->_fetchDetails();
if ($this->enabled == false) {
$this->parent->debug($this::name_space . ': User disabled... logging out');
$this->logout();
header("Location: /user/login");
exit;
} elseif (Server::get('request_uri') != "/user/profile/password" && $this->changePwd == 1) {
$this->parent->debug($this::name_space . ': User must change password');
WebApp::forceRedirect('/user/profile/password');
}
}
protected function resolveHRef()
{
if ($this->page !== null) {
if ($this->page == 'current') {
$page = Server::get('REQUEST_URL');
$qs = Server::get('REQUEST_QUERY_STRING');
if ($qs !== '') {
$qs = "?{$qs}";
}
} else {
$page = Project_Navigator::getPage($this->page, $this->nobase !== null);
$qs = $this->qs === null ? '' : "?{$this->qs}";
}
$link = $page . $qs;
$this->_a->href = $link;
if ($this->popup !== null) {
$onclick = $this->_a->onclick;
if ($onclick === null) {
$onclick = '';
}
if ($onclick !== '' && substr($onclick, -1) != ';') {
$onclick .= ';';
}
if (substr($onclick, -13) == 'return false;') {
$onclick = substr($onclick, 0, -13);
}
$onclick .= "window.open('{$link}','_blank','{$this->popup}');return false";
$this->_a->onclick = $onclick;
}
if ($this->content !== null) {
$this->_a->clear();
$this->_a->add($this->content, false);
}
} else {
throw new Data_Insufficient_Exception('page');
}
}
function logEvent($ns, $event)
{
$this->parent->debug($this::name_space . ': Logging event to event log...');
$userID = $this->parent->user->getUserID();
$user_ip = Server::get('Remote_Addr');
if ($user_ip === NULL) {
$user_ip = '127.0.0.1';
}
$uri = Server::get('Request_URI');
if ($uri === NULL) {
$uri = '<<CLI>>';
}
$event_log = $this->mySQL_w->prepare("INSERT INTO `core_log` (`user_id`,`user_ip`,`uri`,`namespace`,`event`) VALUES(?,INET_ATON(?),?,?,?)");
$event_log->bind_param('issss', $userID, $user_ip, $uri, $ns, $event);
$event_log->execute();
$event_log->store_result();
if ($event_log->affected_rows == 1) {
return true;
} else {
$this->parent->debug($this::name_space . ': ' . $this->mySQL_w->error);
return false;
}
$event_log->free_result();
}
<div class="btn-group pull-right">
<?php
if ($page->parent->config->config['core']['database']) {
if ($user->is_loggedIn()) {
print ' <a href="#" class="btn btn-default">' . $user->get_fullName() . '</a>' . PHP_EOL;
print ' <a href="#" class="btn btn-default dropdown-toggle" data-toggle="dropdown">' . PHP_EOL;
print ' <span class="caret"></span>' . PHP_EOL;
print ' <span class="sr-only">Toggle Dropdown</span>' . PHP_EOL;
print ' </a>' . PHP_EOL;
print ' <ul class="dropdown-menu" role="menu">' . PHP_EOL;
print ' <li><a href="/user/profile">My Profile <span class="pull-right ' . B_ICON . ' ' . B_ICON . '-user"></span></a></li>' . PHP_EOL;
print ' <li class="divider"></li>' . PHP_EOL;
print ' <li><a href="#" onclick="processData(\'/action/user/lock\')">';
print 'Lock <span class="pull-right ' . B_ICON . ' ' . B_ICON . '-lock"></span></a></li>' . PHP_EOL;
print ' <li class="divider"></li>' . PHP_EOL;
print ' <li><a href="/action/user/logout?r=' . urlencode(Server::get('Request_URI')) . '">';
print 'Logout <span class="pull-right ' . B_ICON . ' ' . B_ICON . '-log-out"></span></a></li>' . PHP_EOL;
print ' </ul>' . PHP_EOL;
} else {
print ' <a href="/user/login" class="btn btn-default">Log In <span class="pull-right ' . B_ICON . ' ' . B_ICON . '-log-in"></span></a>' . PHP_EOL;
if (!$page->parent->config->config['core']['maintenance']) {
print ' <a href="#" class="btn btn-default dropdown-toggle" data-toggle="dropdown">' . PHP_EOL;
print ' <span class="caret"></span>' . PHP_EOL;
print ' <span class="sr-only">Toggle Dropdown</span>' . PHP_EOL;
print ' </a>' . PHP_EOL;
print ' <ul class="dropdown-menu" role="menu">' . PHP_EOL;
print ' <li><a href="/user/recover" class="btn btn-default">Forgot Details?</a></li>' . PHP_EOL;
print ' <li><a href="/user/register">Registration</a></li>' . PHP_EOL;
print ' </ul>' . PHP_EOL;
}
}
protected function resolveQS()
{
if ($this->_qs === null) {
$this->qs = Server::get('REQUEST_QUERY_STRING');
$this->_qs->remove($this->ns . 'ni');
$this->_qs->remove($this->ns . 'pg');
}
}
public function down()
{
$MID = WebApp::get('cat4') === NULL ? '' : WebApp::get('cat4');
$up_query = $this->mySQL_w->prepare("UPDATE\n\t`core_menu` INNER JOIN (SELECT `position` FROM `core_menu` WHERE `MID`=?) curr\n\tON `core_menu`.`position` IN (curr.`position`, curr.`position`+1)\nSET\n\t`core_menu`.`position` = CASE WHEN `core_menu`.`position`=curr.`position`+1\n\t\tTHEN curr.`position` ELSE curr.`position`+1 END;");
if (!$up_query) {
return new ActionResult($this, Server::get('HTTP_Referer'), 0, 'Failed to swap item position!<br />Error: <code>Query failed</code>', B_T_FAIL);
}
$up_query->bind_param('i', $MID);
$up_query->execute();
if ($up_query->affected_rows == 2) {
return new ActionResult($this, Server::get('HTTP_Referer'), 1, 'Swapped positions!', B_T_SUCCESS);
} else {
return new ActionResult($this, Server::get('HTTP_Referer'), 0, 'Failed to swap positions!', B_T_FAIL);
}
}
public function SrvEventClientDisconnect($id)
{
$_warns = Server::get('warns');
unset($_warns[$id]);
Server::set('warns', $_warns);
}
static function recoverAccount($name, $username, $email, $code)
{
$html = '<p>Dear ' . $name . ',</p>' . PHP_EOL;
$html .= '<p>You had trouble logging in and requested to recover your account. To protect your account, we have disabled your account and it will need activating before you can set a new password and log in. In addition to this, we\'d like to remind of of your details.</p>' . PHP_EOL;
$html .= '<h3>Your Details:</h3>' . PHP_EOL;
$html .= '<p><strong>Name:</strong> ' . $name . '<br />' . PHP_EOL;
$html .= '<strong>Email:</strong> ' . $email . '<br />' . PHP_EOL;
$html .= '<strong>Username:</strong> ' . $username . '</p>' . PHP_EOL;
$html .= '<p>To recover your account and activate it, <a href="https://' . Server::get('HTTP_Host') . '/user/activate?code=' . $code . '">click here</a><br />' . PHP_EOL;
$html .= 'Alternatively, visit <a href="https://' . Server::get('HTTP_Host') . '/user/activate">https://' . Server::get('HTTP_Host') . '/user/activate</a> and paste the following code into the activation code box.</p>' . PHP_EOL;
$html .= '<p><strong>Activation Code:</strong> ' . $code . '</p>' . PHP_EOL;
$html .= '<p>Many Thanks,<br />' . PHP_EOL . 'Biggleswade Swimming Club</p>';
$text = 'Dear ' . $name . ',' . PHP_EOL;
$text .= 'You had trouble logging in and requested to recover your account. To protect your account, we have disabled your account and it will need activating before you can set a new password and log in. In addition to this, we\'d like to remind of of your details.' . PHP_EOL;
$text .= 'Your Details:' . PHP_EOL;
$text .= 'Name: ' . $name . PHP_EOL;
$text .= 'Email: ' . $email . PHP_EOL;
$text .= 'Username: '******'To activate your account, visit https://' . Server::get('HTTP_Host') . '/user/activate and paste the following code into the activation code box.' . PHP_EOL;
$text .= 'Activation Code: ' . $code . PHP_EOL . PHP_EOL;
$html .= 'Many Thanks,' . PHP_EOL . 'Biggleswade Swimming Club';
return array('html' => $html, 'text' => $text);
}
public function IrcStats($pseudo, $channel, $cmd, $message)
{
$server = LeelaBotIrc::nameOfServer($cmd[2], FALSE);
$actual = Server::getName();
if (isset($cmd[1])) {
if ($server !== false) {
Server::setServer($this->_main->servers[$server]);
$target = Server::searchPlayer(trim($cmd[1]));
if (!$target) {
LeelaBotIrc::sendMessage("Unknown player");
} elseif (is_array($target)) {
$players = array();
foreach ($target as $p) {
$players[] = Server::getPlayer($p)->name;
}
LeelaBotIrc::sendMessage("Multiple players found : " . join(', ', $players));
} else {
$buffer = array();
$_stats = Server::get('stats');
$_awards = Server::get('awards');
$player = Server::getPlayer($target);
if ($_stats[$player->id]['deaths'] != 0) {
$ratio = $_stats[$player->id]['kills'] / $_stats[$player->id]['deaths'];
} else {
$ratio = $_stats[$player->id]['kills'];
}
if (in_array('hits', $this->config['ShowStats'])) {
//Gestion des hits en fonction de la configuration du plugin de stats
$hits = " Hits : " . $_stats[$player->id]['hits'] . " - ";
}
if (Server::getServer()->serverInfo['g_gametype'] == 7) {
//Gestion des caps uniquement en CTF
$caps = " - Caps : " . $_stats[$player->id]['caps'];
}
LeelaBotIrc::sendMessage("Stats de " . $player->name . " : " . $hits . " Kills : " . $_stats[$player->id]['kills'] . " - Deaths : " . $_stats[$player->id]['deaths'] . " - Ratio : " . $ratio . $caps . " - Streaks : " . $_stats[$player->id]['streaks']);
}
Server::setServer($this->_main->servers[$actual]);
}
} else {
LeelaBotIrc::sendMessage("Player name missing");
}
}
public function session_destroym()
{
if (!$this->accessAdminPage(20)) {
return new ActionResult($this, '/admin/', 0, 'You are not allowed to do that', B_T_FAIL);
}
$userID = WebApp::get('cat4');
if ($userID === NULL || $userID == '') {
return new ActionResult($this, '/admin/user/user_view', 0, 'User ID cannot be blank!', B_T_FAIL);
}
$destroy_query = $this->mySQL_w->prepare("DELETE FROM `core_sessions` WHERE `user`=?");
$destroy_query->bind_param('i', $userID);
$destroy_query->execute();
$destroy_query->store_result();
if ($destroy_query->affected_rows != 0) {
$this->parent->parent->logEvent($this::name_space, 'Logged out user ' . $userID);
return new ActionResult($this, Server::get('HTTP_Referer'), 1, 'User was logged!', B_T_SUCCESS);
} else {
$this->parent->parent->logEvent($this::name_space, 'Failed to add ' . $userID);
return new ActionResult($this, '/admin/user/user_view', 0, 'Failed to logout user!', B_T_FAIL);
}
}
public static function forceRedirect($uri)
{
if (strpos(Server::get('request_uri'), "action") === false && strpos(Server::get('request_uri'), "ajax") === false && strpos(Server::get('request_uri'), "css") === false && strpos(Server::get('request_uri'), "font") === false && strpos(Server::get('request_uri'), "js") === false && strpos(Server::get('request_uri'), "image") === false && strpos(Server::get('request_uri'), parse_url($uri, PHP_URL_PATH)) === false) {
header('Location: ' . $uri);
exit;
}
}
public static function getById(Server $server, $id)
{
return $server->get("reusable_invoice_items/show", array("id" => $id));
}
protected function _spamDetected()
{
$this->saveSessionVars();
$this->_redirection = Project_Navigator::getNavPoint(Server::get('REQUEST_URL'));
}
protected function _updateSuccessTemplate()
{
//$this->__updateFormTemplate();
$this->_redirection = Project_Navigator::getNavPoint(Server::get('REQUEST_URL'));
}
protected function _getSuccessPageNavPoint()
{
return $this->successPage !== NULL ? $this->successPage : Project_Navigator::getNavPoint(Server::get('REQUEST_URL'));
}
<?php
$config = $this->parent->parent->config->config;
$closeBtn = array('a' => array('t' => 'url', 'a' => '../'), 'ic' => 'remove-sign');
$form = $page->getPlugin('form', array('system_info', WebApp::action('core', 'system_info', true), 'post'));
$form->setColumns(3, 9)->setIndent(' ')->addHTML('<h3>Web Server Info</h3>', false)->addTextField('IP', 'server_addr', Server::get('Server_Addr'), array('t' => 'IP Address of the server'), array('ro' => true))->addTextField('Name', 'server_name', Server::get('Server_Name'), array('t' => 'Server host name'), array('ro' => true))->addTextField('Software', 'server_software', Server::get('Server_Software'), array('t' => 'Software powering the server'), array('ro' => true))->addTextField('Signature', 'server_signature', array_pop(GUMP::xss_clean(array(Server::get('Server_Signature')))), array('t' => ''), array('ro' => true))->addTextField('Port', 'server_port', Server::get('Server_Port'), array('t' => 'Port the server is listening on'), array('ro' => true))->addTextField('Gateway Interface', 'server_gateway', Server::get('Gateway_Interface'), array('t' => 'How the web server is communicating with PHP'), array('ro' => true))->addTextField('Protocol', 'protocol', Server::get('Server_Protocol'), array('t' => 'Protocol used to communicate between the web server and client'), array('ro' => true))->addTextField('PHP Version', 'php_version', phpversion(), array('t' => 'Software powering the website'), array('ro' => true))->addTextField('HTTPS', 'server_https', Server::get('HTTPS'), array('t' => 'HTTPS Status of the server'), array('ro' => true))->addHTML('<h3>Database</h3>', false)->addHTML('<h4>Read Server</h4>', false)->addTextField('Connection', 'mysqlr_con', $this->mySQL_r->host_info, array('t' => ''), array('ro' => true))->addTextField('Version', 'mysqlr_ver', $this->mySQL_r->server_info, array('t' => ''), array('ro' => true))->addTextField('Client', 'mysqlr_cli', $this->mySQL_r->client_info, array('t' => ''), array('ro' => true))->addHTML('<h4>Write Server</h4>', false)->addTextField('Connection', 'mysqlw_con', $this->mySQL_w->host_info, array('t' => ''), array('ro' => true))->addTextField('Version', 'mysqlw_ver', $this->mySQL_w->server_info, array('t' => ''), array('ro' => true))->addTextField('Client', 'mysqlw_cli', $this->mySQL_w->client_info, array('t' => ''), array('ro' => true));
$form->build();
?>
<div class="row pane">
<div class="col-xs-12">
<h1 class="page-header">System Information</h1>
<?php
print $form->getForm();
?>
</div>
</div>