Exemplo n.º 1
 /**
  * Activation hook: refuse to stay active without the GD imaging library.
  *
  * The existence of imagecreatefromjpeg() is used as the indicator that GD is
  * loaded. When it is missing, an error is queued for the session and this
  * plugin file is deactivated.
  *
  * @param mixed $file Value handed over by the activation hook; not inspected here.
  */
 public function action_plugin_activation($file)
 {
     $gd_available = function_exists('imagecreatefromjpeg');
     if ($gd_available) {
         return;
     }
     Session::error(_t("Habari Silo activation failed. PHP has not loaded the gd imaging library."));
     Plugins::deactivate_plugin(__FILE__);
 }
Exemplo n.º 2
 /**
  * Handle a comment submission for a post.
  *
  * Takes no parameters: the post id comes from $this->handler_vars['id'] and
  * the comment fields come from the post's FormUI comment form. The comment
  * is stored only when that form reports it was submitted and succeeded.
  * Requests for an unknown post, or that bypass the form, get a 403.
  */
 public function act_add_comment()
 {
     Utils::check_request_method(array('POST'));
     // The post is looked up first; without it there is nothing to attach a comment to.
     $post = Post::get(array('id' => $this->handler_vars['id']));
     if (!$post) {
         // Unknown post id: reject the request outright.
         header('HTTP/1.1 403 Forbidden', true, 403);
         die;
     }
     // Instantiate the theme so that theme action hooks can run.
     Themes::create();
     $form = $post->comment_form();
     $form->get();
     if (!$form->submitted) {
         // Only comments that arrive through the FormUI form are accepted.
         header('HTTP/1.1 403 Forbidden', true, 403);
         die;
     }
     // Plugins get to act on the submitted form before its result is read.
     Plugins::act('comment_form_submit', $form);
     if (!$form->success) {
         Session::error(_t('There was a problem submitting your comment.'));
         $form->bounce();
         return;
     }
     $this->add_comment(
         $post->id,
         $form->cf_commenter->value,
         $form->cf_email->value,
         $form->cf_url->value,
         $form->cf_content->value,
         $form->get_values()
     );
 }
Exemplo n.º 3
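 /**
  * Static initialiser for RenderCache.
  *
  * Resolves the cache path and URL, creates the cache directory when it is
  * missing, enables the cache only if that directory exists and is writable,
  * and finally loads the stored list of group names. When the cache cannot
  * be enabled an error is queued, a notice is logged and the group list is
  * not loaded.
  */
 public static function __static()
 {
     // Define the cache path and url
     self::$cache_path = HABARI_PATH . '/' . self::$rel_cache_path;
     self::$cache_url = Site::get_url('habari') . '/' . self::$rel_cache_path;
     // Create the directory on first use. The result of mkdir() is not relied
     // on: the is_dir()/is_writeable() check below is what decides.
     if (!is_dir(self::$cache_path)) {
         mkdir(self::$cache_path, 0755);
     }
     // Enable only if the cache directory now exists and is writable
     self::$enabled = is_dir(self::$cache_path) && is_writeable(self::$cache_path);
     if (!self::$enabled) {
         Session::error(sprintf(_t("The cache directory '%s' is not writable - the cache is disabled. The user, or group, which your web server is running as, needs to have read, write, and execute permissions on this directory."), self::$cache_path), 'RenderCache');
         EventLog::log(sprintf(_t("The cache directory '%s' is not writable - the cache is disabled."), self::$cache_path), 'notice', 'RenderCache', 'habari');
         return;
     }
     // Load the list of group names, defaulting to an empty list
     self::$group_list = array();
     $group_file = self::get_group_list_file();
     if (file_exists($group_file)) {
         // NOTE(review): unserialize() can instantiate objects described by its
         // input, so whoever can write this file controls what gets built here.
         // The file presumably sits in the web-server-writable cache directory
         // (confirm in get_group_list_file()). Storing the list as JSON would
         // remove that exposure, but needs a matching change where it is written.
         $stored = unserialize(file_get_contents($group_file));
         // unserialize() yields false for an unreadable or corrupt file; keep
         // the empty list rather than leaving a non-array in $group_list.
         if (is_array($stored)) {
             self::$group_list = $stored;
         }
     }
 }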
Exemplo n.º 4
	/**
	 * Handles GET requests for the import page.
	 *
	 * Warns about active plugins that provide features known to interfere with
	 * importing, then collects the importer name, stage and step and renders
	 * the 'import' template.
	 *
	 * NOTE(review): importer, stage and step are taken from $_POST as-is and
	 * handed to plugin filters and to the theme; the filters and the template
	 * are where validation and output escaping have to happen.
	 */
	public function get_import()
	{
		// Features that are known to get in the way of an import
		$bad_features = array( 'ping', 'pingback', 'spamcheck' );

		$troublemakers = array();
		foreach ( Plugins::list_active() as $plugin ) {
			$info = Plugins::load_info( $plugin );
			$provides = array();
			if ( isset( $info->provides ) ) {
				foreach ( $info->provides->feature as $feature ) {
					$provides[] = $feature;
				}
			}
			// Any overlap with the bad feature list marks the plugin as a conflict
			if ( array_intersect( $bad_features, $provides ) ) {
				$troublemakers[] = $info->name;
			}
		}

		if ( $troublemakers ) {
			// The message carries a literal <br>, so it is presumably rendered as
			// HTML; plugin names are appended to it unescaped.
			$msg = _t( 'Plugins that conflict with importing are active. To prevent undesirable consequences, please de-activate the following plugins until the import is finished: ' ) . '<br>';
			$msg .= implode( ', ', $troublemakers );
			$this->theme->conflicting_plugins = $msg;
			Session::error( $msg );
		}

		// Request state for the page, with defaults for a fresh visit
		$importer = '';
		if ( isset( $_POST['importer'] ) ) {
			$importer = $_POST['importer'];
		}
		$stage = '1';
		if ( isset( $_POST['stage'] ) ) {
			$stage = $_POST['stage'];
		}
		$step = '1';
		if ( isset( $_POST['step'] ) ) {
			$step = $_POST['step'];
		}

		$this->theme->enctype = Plugins::filter( 'import_form_enctype', 'application/x-www-form-urlencoded', $importer, $stage, $step );

		// Filter to get the registered importers
		$importers = Plugins::filter( 'import_names', array() );

		// Filter to get the output of the current importer, if one is running
		$output = ( $importer != '' ) ? Plugins::filter( 'import_stage', '', $importer, $stage, $step ) : '';

		$this->theme->importer = $importer;
		$this->theme->stage = $stage;
		$this->theme->step = $step;
		$this->theme->importers = $importers;
		$this->theme->output = $output;

		$this->display( 'import' );
	}
Exemplo n.º 5
 /**
  * Constructor for APCCache.
  *
  * Takes the key prefix from the 'private-GUID' option and enables the cache
  * only when the 'apc' extension is loaded. Otherwise the cache stays
  * disabled, an error is queued for the session and a notice is logged.
  */
 public function __construct()
 {
     $this->prefix = Options::get('private-GUID');
     $this->enabled = extension_loaded('apc');
     if ($this->enabled) {
         return;
     }
     Session::error(_t("The APC Cache PHP module is not loaded - the cache is disabled.", "apccache"), 'filecache');
     EventLog::log(_t("The APC Cache PHP module is not loaded - the cache is disabled.", "apccache"), 'notice', 'cache', 'apccache');
 }
Exemplo n.º 6
 /**
  * Authenticate an admin and redirect according to the outcome.
  *
  * A truthy value from Session::authorize_admin() is treated as the error:
  * it is stored in Session::$error and the browser is sent back to the admin
  * page. Otherwise the browser is sent to the document editor.
  *
  * NOTE(review): this method only sets the Location header; it does not stop
  * execution, so whatever the caller does next still runs. Confirm the caller
  * exits after a redirect.
  *
  * @param array $params Expected to carry 'username' and 'password'.
  */
 public function login($params = [])
 {
     $error = Session::authorize_admin($params['username'], $params['password']);
     if (!$error) {
         header('Location: ' . SUBDIR . '/md/doc-editor');
         return;
     }
     Session::$error = $error;
     header('Location: ' . SUBDIR . '/md/admin');
 }
Exemplo n.º 7
 /**
  * Activation filter: veto activation when the GD imaging library is missing.
  *
  * NOTE(review): $file is never compared with this plugin's own file, so the
  * veto applies to whichever plugin is being activated while GD is absent.
  * Confirm whether that is intended.
  *
  * @param bool $ok Activation verdict so far.
  * @param mixed $file Plugin file being activated; not inspected here.
  * @return bool $ok unchanged when GD is present, false otherwise.
  */
 public function filter_activate_plugin($ok, $file)
 {
     if (function_exists('imagecreatefromjpeg')) {
         return $ok;
     }
     // GD is not loaded: record the failure in the log and for the user.
     EventLog::log(_t("S3 Silo activation failed. PHP has not loaded the gd imaging library."), 'warning', 'plugin');
     Session::error(_t("S3 Silo activation failed. PHP has not loaded the gd imaging library."));
     return false;
 }
Exemplo n.º 8
 /**
  * Init hook: make sure the RenderCache class this plugin depends on exists.
  *
  * When the class is missing, an error is queued, this plugin file is
  * deactivated and the page is redirected so that the result becomes visible.
  */
 public function action_init()
 {
     if (class_exists('RenderCache')) {
         return;
     }
     Session::error(_t("LaTeX activation failed. This plugin requires the RenderCache class which was not found."));
     // Deactivate the plugin, then refresh the page; without the refresh the
     // outcome does not show up.
     Plugins::deactivate_plugin(__FILE__);
     Utils::redirect();
 }
Exemplo n.º 9
 /**
  * FormUI success handler: replace one string with another in every post.
  *
  * Both values are passed to the UPDATE as bound parameters. On success a
  * notice is queued and the browser is redirected to this plugin's
  * configuration page; on failure an error is queued.
  *
  * NOTE(review): the search and replace values are interpolated into the
  * notice text as submitted. Whether notices are escaped on output is not
  * visible here - confirm in the message rendering code.
  *
  * @return bool Always false.
  */
 public function filter_do_replace($show_form, $form)
 {
     $replaced = DB::query(
         'UPDATE {posts} SET content = REPLACE(content, ? , ?)',
         array($form->search->value, $form->replace->value)
     );
     if (!$replaced) {
         Session::error(_t('There was an error with replacement.'));
         return false;
     }
     Session::notice(sprintf(_t('Successfully replaced \'%s\' with \'%s\' in all posts'), $form->search->value, $form->replace->value));
     $config_url = URL::get('admin', array('page' => 'plugins', 'configure' => Plugins::id_from_file(__FILE__), 'configaction' => _t('Replace')));
     Utils::redirect($config_url, false);
     return false;
 }
Exemplo n.º 10
 /**
  * Activation hook: set default paths and verify the upload directory.
  *
  * Acts only when the activated file resolves to this plugin's own file.
  *
  * @param string $file Path of the plugin file being activated.
  */
 public function action_plugin_activation($file)
 {
     if (realpath($file) != __FILE__) {
         // Some other plugin is being activated.
         return;
     }
     // Make sure at least the default paths are set
     $this->default_paths();
     // Then check that the upload directory exists and is writable
     $upload_dir_ready = $this->check_upload_dir();
     if (!$upload_dir_ready) {
         Session::error(_t('Failed to create the upload directory for metaWeblog.'));
     }
 }
Exemplo n.º 11
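 /**
  * Activation hook: require the GD imaging library, then register the ACL
  * tokens the media silo uses.
  *
  * When imagecreatefromjpeg() is missing, an error is queued, this plugin
  * file is deactivated and no tokens are created.
  *
  * @param mixed $file Value handed over by the activation hook; not inspected here.
  */
 public function action_plugin_activation($file)
 {
     if (!function_exists('imagecreatefromjpeg')) {
         Session::error(_t("Habari Silo activation failed. PHP has not loaded the gd imaging library."));
         Plugins::deactivate_plugin(__FILE__);
         // Stop here: registering permission tokens for a plugin that has just
         // been deactivated would leave them behind with nothing using them.
         return;
     }
     // Create required tokens
     ACL::create_token('create_directories', _t('Create media silo directories'), 'Administration');
     ACL::create_token('delete_directories', _t('Delete media silo directories'), 'Administration');
     ACL::create_token('upload_media', _t('Upload files to media silos'), 'Administration');
     ACL::create_token('delete_media', _t('Delete files from media silos'), 'Administration');
 }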
Exemplo n.º 12
 /**
  * Uninstall the package identified by the 'guid' handler variable.
  *
  * Success queues a notice naming the package and version. Any exception is
  * turned into a session error carrying the exception message, and is also
  * dumped through Utils::debug() when DEBUG is truthy.
  *
  * NOTE(review): the raw exception message is shown to the user; confirm it
  * cannot carry internal details such as paths or SQL.
  */
 public function act_uninstall($handler, $theme)
 {
     try {
         $guid = $handler->handler_vars['guid'];
         $package = HabariPackages::remove($guid);
         Session::notice("{$package->name} {$package->version} was uninstalled.");
     } catch (Exception $e) {
         Session::error('Could not complete uninstall: ' . $e->getMessage());
         if (!DEBUG) {
             return;
         }
         Utils::debug($e);
     }
 }
Exemplo n.º 13
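 /**
  * Call a Flickr API method and return the parsed XML response.
  *
  * The arguments are merged with the method name and API key, sorted, signed
  * with $this->sign() and sorted again. 'upload' is sent as a multipart POST
  * through cURL to $this->uploadendpoint; every other method is sent through
  * RemoteRequest to $this->endpoint.
  *
  * @param string $method API method name; 'upload' selects the upload path.
  * @param array $args Extra request arguments; 'photo' (a local file path) is
  *                    required for 'upload'.
  * @return SimpleXMLElement|false Parsed response, or false when the request
  *                                or the parsing failed.
  * @throws Exception When cURL reports an error during an upload.
  */
 function call($method, $args = array())
 {
     $args = array_merge(array('method' => $method, 'api_key' => $this->key), $args);
     ksort($args);
     $args = array_merge($args, array('api_sig' => $this->sign($args)));
     ksort($args);
     if ($method == 'upload') {
         $args['api_key'] = $this->key;
         $photo = $args['photo'];
         // The '@path' convention for file fields is switched off by default
         // from PHP 5.6 and removed in PHP 7, where the string would be sent
         // literally instead of the file. CURLFile is used when it exists.
         $has_curlfile = class_exists('CURLFile');
         $args['photo'] = $has_curlfile ? new CURLFile($photo) : '@' . $photo;
         $req = curl_init();
         if ($has_curlfile && defined('CURLOPT_SAFE_UPLOAD')) {
             // With '@' handling off, no other field whose value happens to
             // start with '@' can be read from disk and sent along.
             curl_setopt($req, CURLOPT_SAFE_UPLOAD, true);
         }
         curl_setopt($req, CURLOPT_URL, $this->uploadendpoint);
         // 0 means no overall transfer timeout; only the connect phase is bounded
         curl_setopt($req, CURLOPT_TIMEOUT, 0);
         curl_setopt($req, CURLOPT_POSTFIELDS, $args);
         curl_setopt($req, CURLOPT_CONNECTTIMEOUT, $this->conntimeout);
         curl_setopt($req, CURLOPT_FOLLOWLOCATION, 1);
         curl_setopt($req, CURLOPT_HEADER, 0);
         curl_setopt($req, CURLOPT_RETURNTRANSFER, 1);
         $this->_http_body = curl_exec($req);
         // Read the error before closing, and close on both paths so that the
         // handle is not leaked when the exception is thrown.
         $curl_error = curl_errno($req) ? curl_error($req) : null;
         curl_close($req);
         if ($curl_error !== null) {
             throw new Exception($curl_error);
         }
         $xml = simplexml_load_string($this->_http_body);
         $this->xml = $xml;
         return $xml;
     } else {
         $url = $this->endpoint . implode('&', $this->encode($args));
         $call = new RemoteRequest($url);
         $call->set_timeout(5);
         try {
             $result = $call->execute();
         } catch (RemoteRequest_Timeout $t) {
             Session::error('Currently unable to connect to Flickr.', 'flickr API');
             return false;
         } catch (Exception $e) {
             // at the moment we're using the same error message, though this is more catastrophic
             Session::error('Currently unable to connect to Flickr.', 'flickr API');
             return false;
         }
         $response = $call->get_response_body();
         try {
             $xml = new SimpleXMLElement($response);
             return $xml;
         } catch (Exception $e) {
             Session::error('Unable to process Flickr response.', 'flickr API');
             return false;
         }
     }
 }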
Exemplo n.º 14
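 /**
  * Handles AJAX from /admin/tags.
  * Used to delete and rename tags.
  *
  * The request must be a POST and must carry a WSSE digest that matches the
  * one recomputed from the submitted nonce and timestamp. Tags are selected
  * through POST fields named tag_<id> with a truthy value. The response is
  * JSON with the queued messages and the re-rendered tag collection.
  *
  * @param array $handler_vars Request variables: 'nonce', 'timestamp', 'digest'.
  */
 public function ajax_tags($handler_vars)
 {
     Utils::check_request_method(array('POST'));
     $wsse = Utils::WSSE($handler_vars['nonce'], $handler_vars['timestamp']);
     // The digest is an authentication value, so it is compared as an exact
     // string. A loose != lets PHP compare numeric-looking strings by value,
     // which can make two different digests count as equal. hash_equals()
     // also avoids leaking the position of the first mismatch through timing.
     $supplied_digest = (string) $handler_vars['digest'];
     $expected_digest = (string) $wsse['digest'];
     $digest_ok = function_exists('hash_equals')
         ? hash_equals($expected_digest, $supplied_digest)
         : $expected_digest === $supplied_digest;
     if (!$digest_ok) {
         Session::error(_t('WSSE authentication failed.'));
         echo Session::messages_get(true, array('Format', 'json_messages'));
         return;
     }
     $tag_names = array();
     $theme_dir = Plugins::filter('admin_theme_dir', Site::get_dir('admin_theme', true));
     $this->theme = Themes::create('admin', 'RawPHPEngine', $theme_dir);
     $action = $this->handler_vars['action'];
     switch ($action) {
         case 'delete':
             foreach ($_POST as $id => $delete) {
                 // skip POST elements which are not tag ids; the pattern is
                 // anchored at both ends so that only tag_<digits> is accepted
                 if (preg_match('/^tag_\\d+\\z/', $id) && $delete) {
                     $tag = Tags::get_by_id(substr($id, 4));
                     if (!$tag) {
                         // id does not resolve to a tag (stale or forged field)
                         continue;
                     }
                     $tag_names[] = $tag->term_display;
                     Tags::vocabulary()->delete_term($tag);
                 }
             }
             $msg_status = _n(_t('Tag %s has been deleted.', array(implode('', $tag_names))), _t('%d tags have been deleted.', array(count($tag_names))), count($tag_names));
             Session::notice($msg_status);
             break;
         case 'rename':
             if (!isset($this->handler_vars['master'])) {
                 Session::error(_t('Error: New name not specified.'));
                 echo Session::messages_get(true, array('Format', 'json_messages'));
                 return;
             }
             $master = $this->handler_vars['master'];
             $tag_names = array();
             foreach ($_POST as $id => $rename) {
                 // skip POST elements which are not tag ids
                 if (preg_match('/^tag_\\d+\\z/', $id) && $rename) {
                     $tag = Tags::get_by_id(substr($id, 4));
                     if (!$tag) {
                         continue;
                     }
                     $tag_names[] = $tag->term_display;
                 }
             }
             Tags::vocabulary()->merge($master, $tag_names);
             // implode() takes the separator first; the reversed order is a
             // TypeError on PHP 8.
             $msg_status = sprintf(_n('Tag %1$s has been renamed to %2$s.', 'Tags %1$s have been renamed to %2$s.', count($tag_names)), implode(', ', $tag_names), $master);
             Session::notice($msg_status);
             break;
     }
     $this->theme->tags = Tags::vocabulary()->get_tree();
     $this->theme->max = Tags::vocabulary()->max_count();
     echo json_encode(array('msg' => Session::messages_get(true, 'array'), 'tags' => $this->theme->fetch('tag_collection')));
 }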
Exemplo n.º 15
 /**
  * Init hook: set the log and cache directory paths and verify them.
  *
  * Both directories live next to this file. When confirm_dirs() fails, its
  * error text is queued for the session, this plugin file is deactivated,
  * the page is redirected and the script stops.
  */
 public function action_init()
 {
     $plugin_dir = dirname(__FILE__);
     $this->logs = $plugin_dir . '/logs';
     $this->cache = $plugin_dir . '/cache';
     // confirm_dirs() is handed $error to fill in
     if ($this->confirm_dirs($error)) {
         return;
     }
     Session::error("Clickheat error: {$error}");
     // Deactivate the plugin, then refresh the page
     Plugins::deactivate_plugin(__FILE__);
     Utils::redirect();
     exit;
 }
Exemplo n.º 16
 /**
  * Constructor for MemcacheCache.
  *
  * Takes the key prefix from the 'GUID' option. When the 'memcache'
  * extension is loaded it connects to the configured host and port
  * (defaults: localhost, 11211) and reads the cache index; otherwise the
  * cache stays disabled, an error is queued and a notice is logged.
  *
  * NOTE(review): the result of connect() is not checked, so a server that is
  * down still leaves the cache marked as enabled.
  */
 public function __construct()
 {
     $this->prefix = Options::get('GUID');
     $this->enabled = extension_loaded('memcache');
     if (!$this->enabled) {
         Session::error(_t("The Memcache PHP module is not loaded - the cache is disabled.", "memcache"), 'memcachecache');
         EventLog::log(_t("The Memcache PHP module is not loaded - the cache is disabled.", "memcache"), 'notice', 'cache', 'memcachecache');
         return;
     }
     $this->memcache = new Memcache();
     $host = Config::get('memcache_host', 'localhost');
     $port = Config::get('memcache_port', 11211);
     $this->memcache->connect($host, $port);
     $this->cache_index = $this->memcache->get('habari:cache:index');
 }
Exemplo n.º 17
 /**
  * Plugin UI hook: run the RSS block update for the 'update' action and
  * report the outcome as a session notice or error. Other actions are ignored.
  */
 public function action_plugin_ui($plugin_id, $action)
 {
     if ($action != 'update') {
         return;
     }
     $updated = $this->filter_rssblocks_update(false, true);
     if (!$updated) {
         Session::error('RSS Feeds Did Not Successfully Update');
         return;
     }
     Session::notice('RSS Feeds Successfully Updated');
 }
Exemplo n.º 18
 /**
  * Check whether the preconditions for the plugin are met.
  *
  * Two things are required: the search index directory ($this->_root_path)
  * must be writable, and the Zend_Search_Lucene class must be available.
  * Each failed check queues its own session error, so both can be reported
  * in one pass.
  *
  * @return boolean True only when both checks pass.
  */
 public function check_conditions()
 {
     $index_dir_writable = is_writable($this->_root_path);
     if (!$index_dir_writable) {
         Session::error('Init failed, Search index directory is not writeable. Please update configuration with a writeable directiory.', 'Multi Search');
     }
     $lucene_available = class_exists("Zend_Search_Lucene");
     if (!$lucene_available) {
         Session::error('Init failed, Zend Framework or Zend Search Lucene not installed.', 'Multi Search');
     }
     return $index_dir_writable && $lucene_available;
 }
Exemplo n.º 19
 /**
  * Activation hook: register and install the CPG database tables.
  *
  * Acts only when $file equals this plugin's file path with backslashes
  * normalised to forward slashes. The outcome of the install is reported as
  * a session notice or error.
  */
 public function action_plugin_activation($file)
 {
     $own_file = str_replace('\\', '/', $this->get_file());
     if ($file != $own_file) {
         return;
     }
     CpgDb::registerTables();
     CpgOptions::setDbVersion(CpgDb::DB_VERSION);
     if (!CpgDb::install()) {
         Session::error(_t('Could not install CPG database tables.', 'cpg'));
         return;
     }
     Session::notice(_t('Created the CPG database tables.', 'cpg'));
 }
Exemplo n.º 20
 /**
  * After a post is inserted, store a bit.ly short URL for it.
  *
  * Only published posts are handled. The bit.ly login and API key come from
  * the options table. Any exception during the call is reduced to a generic
  * session error; no short URL is stored in that case.
  */
 public function action_post_insert_after($post)
 {
     $is_published = Post::status('published') == $post->status;
     if (!$is_published) {
         return;
     }
     try {
         $login = Options::get('bitly__login');
         $api_key = Options::get('bitly__api_key');
         $bitly = new BitlyAPI($login, $api_key);
         $result = $bitly->shorten($post->permalink);
         $post->info->short_url = $result->data->url;
     } catch (Exception $e) {
         Session::error('Could not communicate with bit.ly API.', 'Bit.ly API');
     }
 }
 /**
  * Log in to the remote API with the submitted e-mail and password and, on
  * success, store the e-mail and the returned key pair as options.
  *
  * An error value other than '0' from api_login() is queued as a session
  * error and nothing is stored.
  *
  * NOTE(review): the returned text says the login succeeded on both paths,
  * including the one that has just queued an error. Confirm whether a failed
  * login should return something else.
  * NOTE(review): the private key is written to the options table as received.
  *
  * @return string Text shown in place of the form.
  */
 public function do_login($ui)
 {
     $login = $this->api_login($ui->email->value, $ui->password->value);
     if ($login->error == '0') {
         Options::set('linkit__email', $ui->email->value);
         Options::set('linkit__privatekey', $login->private_key);
         Options::set('linkit__publickey', $login->public_key);
         Session::notice(_t('Successful login.'));
     } else {
         Session::error($login->error);
     }
     // Returning text means the form is not displayed again
     return _t('You have logged in successfully', 'linkit');
 }
 /**
  * Activation hook: require the GD imaging library.
  *
  * When imagecreatefromjpeg() is missing, an error is queued and this plugin
  * file is deactivated. Nothing else happens on activation; the silo setup
  * below is disabled.
  */
 public function action_plugin_activation($file)
 {
     if (function_exists('imagecreatefromjpeg')) {
         /*
         Disabled silo setup:
         $this->silo = new HabariSilo();
         $this->silo->action_init();
         $this->silo->mkdir('simplegallery');
         */
         return;
     }
     // Don't bother loading if the gd library isn't active
     Session::error(_t("Simple Gallery activation failed. PHP has not loaded the gd imaging library."));
     Plugins::deactivate_plugin(__FILE__);
 }
Exemplo n.º 23
 /**
  * Read session data from the database to return into the $_SESSION global.
  *
  * The stored row is honoured only when it passes three checks: the client
  * is on the subnet recorded for the session (unless SESSION_SKIP_SUBNET is
  * set), the session has not expired, and the User-Agent matches the one
  * recorded. Plugins get the final say through the 'session_read' filter.
  * A session that fails is deleted from the database.
  *
  * @param string $session_id The id generated by PHP for the session.
  * @return string|false The stored session data, or false when no row exists
  *                      for the token or the session was rejected and deleted.
  */
 static function read($session_id)
 {
     // Fall back to the loopback address when REMOTE_ADDR is absent (offline testing)
     $remote_address = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '127.0.0.1';
     // The User-Agent header is not always set, even by real browsers. It is
     // supplied by the client, so the check below detects a change of client
     // rather than proving who the client is.
     $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
     // The token is passed as a bound parameter
     $session = DB::get_row('SELECT * FROM {sessions} WHERE token = ?', array($session_id));
     // Verify session exists
     if (!$session) {
         self::$initial_data = false;
         return false;
     }
     // Any failed check below flags the session for deletion
     $dodelete = false;
     // The subnet check is skipped only when SESSION_SKIP_SUBNET is defined and loosely equal to true
     if (!defined('SESSION_SKIP_SUBNET') || SESSION_SKIP_SUBNET != true) {
         // Verify on the same subnet
         $subnet = self::get_subnet($remote_address);
         if ($session->subnet != $subnet) {
             $dodelete = true;
         }
     }
     // Verify expiry; this is the only failed check that is reported to the user
     if (HabariDateTime::date_create(time())->int > $session->expires) {
         Session::error(_t('Your session expired.'), 'expired_session');
         $dodelete = true;
     }
     // Verify User Agent
     if ($user_agent != $session->ua) {
         $dodelete = true;
     }
     // Let plugins ultimately decide. The filter result replaces $dodelete, so
     // a plugin can reject a session that passed, and can also keep one that
     // failed the checks above.
     $dodelete = Plugins::filter('session_read', $dodelete, $session, $session_id);
     if ($dodelete) {
         $sql = 'DELETE FROM {sessions} WHERE token = ?';
         $args = array($session_id);
         // Plugins may replace the SQL that is run; $args is passed along but
         // only the returned SQL is used.
         $sql = Plugins::filter('sessions_clean', $sql, 'read', $args);
         DB::query($sql, $args);
         return false;
     }
     // Do garbage collection, since PHP is bad at it
     $probability = ini_get('session.gc_probability');
     // Allow plugins to control the probability of a gc event, return >=100 to always collect garbage
     $probability = Plugins::filter('gc_probability', is_numeric($probability) && $probability > 0 ? $probability : 1);
     // rand() only decides how often cleanup runs here; it produces no secret
     if (rand(1, 100) <= $probability) {
         self::gc(ini_get('session.gc_maxlifetime'));
     }
     // Throttle session writes, so as to not hammer the DB: the data is kept
     // in $initial_data only while the expression below is under 120.
     // NOTE(review): presumably compared against the data at write time to
     // skip unchanged writes - confirm in the write handler.
     self::$initial_data = ini_get('session.gc_maxlifetime') - $session->expires + HabariDateTime::date_create(time())->int < 120 ? $session->data : FALSE;
     return $session->data;
 }
Exemplo n.º 24
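 /**
  * Queue the scripts and stylesheets for the template header.
  *
  * Always adds the HTML5 shiv for IE < 9. With DEBUG_THEME defined it also
  * queues a sample error and notice and serves the raw LESS source through
  * less.js; otherwise it serves the rendered CSS.
  *
  * @param object $theme Theme whose get_url() resolves asset URLs.
  */
 function action_template_header($theme)
 {
     // Add the HTML5 shiv for IE < 9. Loaded over HTTPS: a script fetched over
     // plain HTTP can be altered in transit, and is blocked as mixed content
     // when the site itself is served over HTTPS.
     Stack::add('template_header_javascript', array('https://cdnjs.cloudflare.com/ajax/libs/html5shiv/r29/html5.js', null, '<!--[if lt IE 9]>%s<![endif]-->'), 'html5_shiv');
     // Add this line to your config.php to show an error and a notice, and
     // to process the raw LESS code via javascript instead of the rendered CSS:  define('DEBUG_THEME', 1);
     if (defined('DEBUG_THEME')) {
         Session::error('This is a <b>sample error</b>');
         // The sample messages contain markup, so they are rendered as HTML.
         // REQUEST_URI is chosen by the client and is escaped before it is
         // placed into that HTML.
         Session::notice('This is a <b>sample notice</b> for ' . htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES, 'UTF-8'));
         Stack::add('template_header_javascript', $theme->get_url('/less/less-1.3.0.min.js'), 'less');
         Stack::add('template_stylesheet', array($theme->get_url('/less/style.less'), null, array('type' => null, 'rel' => 'stylesheet/less')), 'style');
     } else {
         Stack::add('template_stylesheet', $theme->get_url('/css/style.css'), 'style');
     }
 }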
Exemplo n.º 25
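 /**
  * Queue the scripts and stylesheets for the template header.
  *
  * Adds the HTML5 shiv and less.js stack items, a small inline script that
  * makes the masthead link to the home page, the font stylesheets and the
  * LESS stylesheet. With DEBUG_THEME defined it also queues a sample error
  * and notice.
  *
  * @param object $theme Theme whose get_url() resolves asset URLs.
  */
 function action_template_header($theme)
 {
     // Add the HTML5 shiv for IE < 9
     Stack::add('template_header_javascript', StackItem::get('html5_shiv'));
     Stack::add('template_header_javascript', StackItem::get('less-js'));
     Stack::add('template_header_javascript', '$(function(){$("#masthead").click(function(){location.href=$("#home").attr("href");})})', 'homelink', 'jquery');
     Stack::add('template_stylesheet', $theme->get_url('/fonts/new_athena_unicode.css'), 'new_athena_unicode');
     Stack::add('template_stylesheet', $theme->get_url('/fonts/ss-standard.css'), 'ss-standard');
     //Stack::add('template_stylesheet', $theme->get_url('/css/style.css'), 'style');
     Stack::add('template_stylesheet', array($theme->get_url('/less/style.less'), null, array('type' => null, 'rel' => 'stylesheet/less')), 'style');
     // Add this line to your config.php to show an error and a notice
     if (defined('DEBUG_THEME')) {
         Session::error('This is a <b>sample error</b>');
         // The sample messages contain markup, so they are rendered as HTML.
         // REQUEST_URI is chosen by the client and is escaped before it is
         // placed into that HTML.
         Session::notice('This is a <b>sample notice</b> for ' . htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES, 'UTF-8'));
     }
 }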
	/**
	 * Activation filter for the Habari Media Silo.
	 *
	 * Acts only when the plugin being activated is this one. Activation is
	 * vetoed when check_files() fails or when the GD imaging library is not
	 * loaded; each failure is logged and queued as a session error.
	 *
	 * @param bool $ok Activation verdict so far.
	 * @param string $file Plugin file being activated.
	 * @return bool $ok, or false when a precondition failed.
	 */
	public function filter_activate_plugin( $ok, $file )
	{
		if ( Plugins::id_from_file( $file ) != Plugins::id_from_file( __FILE__ ) ) {
			// Another plugin is being activated; leave the verdict alone
			return $ok;
		}

		$files_ok = $this->check_files();
		if ( !$files_ok ) {
			EventLog::log( _t( "Habari Silo activation failed. The web server does not have permission to create the 'files' directory for the Habari Media Silo." ), 'warning', 'plugin' );
			Session::error( _t( "Habari Silo activation failed. The web server does not have permission to create the 'files' directory for the Habari Media Silo." ) );
			$ok = false;
		}

		// Don't bother loading if the gd library isn't active
		$gd_loaded = function_exists( 'imagecreatefromjpeg' );
		if ( !$gd_loaded ) {
			EventLog::log( _t( "Habari Silo activation failed. PHP has not loaded the gd imaging library." ), 'warning', 'plugin' );
			Session::error( _t( "Habari Silo activation failed. PHP has not loaded the gd imaging library." ) );
			$ok = false;
		}

		return $ok;
	}
Exemplo n.º 27
 /**
  * Handle a password reset request from the login form.
  *
  * For an existing, non-numeric username a random value is generated, its
  * MD5 is stored on the user and a link carrying the value is mailed to the
  * user. The same notice is queued whether or not the user exists, so the
  * response does not reveal which usernames are valid.
  *
  * NOTE(review): the mail is sent only for existing users, so the time the
  * request takes may still differ between valid and invalid names.
  * NOTE(review): how strong Utils::random_password() is, and whether the
  * stored value ever expires, is not visible in this method.
  */
 public function loginform_do_reset($form)
 {
     $name = $form->habari_username->value;
     if (empty($name)) {
         Session::error(_t('You must supply a username to reset its password.'));
         return;
     }
     if (!is_numeric($name) && ($user = User::get($name))) {
         $hash = Utils::random_password();
         // Only a digest of the value is stored; the value itself goes out by mail
         $user->info->password_reset = md5($hash);
         $user->info->commit();
         $reset_url = URL::get('auth', array('page' => 'password_reset', 'id' => $user->id, 'hash' => $hash));
         $message = _t('Please visit %1$s to reset your password.', array($reset_url));
         $subject = _t('[%1$s] Password reset request for %2$s', array(Options::get('title'), $user->displayname));
         Utils::mail($user->email, $subject, $message);
     }
     // Kept outside the user check on purpose: moving it inside would allow
     // attackers to test usernames
     Session::notice(_t('A password reset request has been sent to the user.'));
 }
Exemplo n.º 28
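 /**
  * Constructor for FileCache.
  *
  * Resolves the cache location (FILE_CACHE_LOCATION, defaulting to
  * user/cache/ under HABARI_PATH), derives the index file name from the
  * 'GUID' option and, when the location is writable, loads the cache index
  * if the file exists. When the location is not writable the cache is
  * disabled, an error is queued and a notice is logged.
  */
 public function __construct()
 {
     if (!defined('FILE_CACHE_LOCATION')) {
         define('FILE_CACHE_LOCATION', HABARI_PATH . '/user/cache/');
     }
     $this->cache_location = FILE_CACHE_LOCATION;
     $this->index_file = $this->cache_location . md5('index' . Options::get('GUID')) . '.data';
     $this->enabled = is_writeable($this->cache_location);
     if ($this->enabled) {
         if (file_exists($this->index_file)) {
             // NOTE(review): unserialize() can instantiate objects described by
             // its input, and this file sits in a directory the web server can
             // write to, so whoever can write there controls what is built
             // here. Storing the index as JSON would remove that exposure, but
             // needs a matching change where the index is written.
             $index = unserialize(file_get_contents($this->index_file));
             // unserialize() yields false for an unreadable or corrupt file;
             // in that case the property keeps its existing value, as it does
             // when no index file exists.
             if ($index !== false) {
                 $this->cache_files = $index;
             }
         }
     } else {
         Session::error(_t("The cache directory '%s' is not writable - the cache is disabled. The user, or group, which your web server is running as, needs to have read, write, and execute permissions on this directory.", array($this->cache_location)), 'filecache');
         EventLog::log(_t("The cache directory '%s' is not writable - the cache is disabled.", array($this->cache_location)), 'notice', 'cache', 'habari');
     }
 }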
Exemplo n.º 29
 /**
  * Log an admin in, or hand an unknown e-mail over to the external login page.
  *
  * The account is looked up by $params['email']. Unknown accounts are
  * redirected to the external support login. Known accounts are
  * authenticated with the posted e-mail and password; on failure the login
  * page is rendered again, on success the browser is sent to the editor.
  *
  * NOTE(review): the redirect for unknown accounts puts the submitted
  * password into the URL query string, where it ends up in browser history,
  * proxy and server logs and possibly Referer headers. Sending credentials
  * in a POST body would avoid that, but depends on what the remote page accepts.
  * NOTE(review): the lookup uses $params['email'] while the credentials come
  * from $_POST; confirm the two always agree.
  */
 public function login($params = [])
 {
     Session::$error = FALSE;
     $email = '';
     if (isset($_POST['email'])) {
         $email = $_POST['email'];
     }
     $password = '';
     if (isset($_POST['password'])) {
         $password = $_POST['password'];
     }
     $user = AdminUser::read_one($params['email']);
     if (!isset($user['username'])) {
         header('Location: https://www.winwrap.com/web/basic/support/login.asp?A=' . urlencode($email) . '&P=' . urlencode($password));
         return;
     }
     // Authenticate only when a login form was actually posted
     if (isset($_POST['email'])) {
         Session::$error = Session::authorize_admin($email, $password);
     }
     if (!Session::$error) {
         header('Location: ' . SUBDIR . '/md/doc-editor');
         return;
     }
     Render::php(HTML . 'login.php');
 }
Exemplo n.º 30
 /**
  * Content filter that puts a password form in front of protected posts.
  *
  * Posts without a password, and any identified (non-anonymous) user, get
  * the content unchanged. Everyone else must either submit the post's
  * password in this request or already hold a matching token for the post
  * in the 'post_passwords' session set; otherwise the 'post_password_form'
  * template is returned instead of the content.
  *
  * @param string $content The post content being filtered.
  * @param Post $post The post the content belongs to.
  * @return string The content, or the rendered password form.
  */
 public function filter_post_content($content, Post $post)
 {
     if ($post->info->password) {
         // if user logged in, show post
         // make sure it's not just the anonymous user!
         $user = User::identify();
         if ($user instanceof User && $user != User::anonymous()) {
             return $content;
         }
         // Tokens for posts this visitor has already unlocked
         $session = Session::get_set('post_passwords', false);
         // The token is derived from the stored password, the post id and the
         // site GUID.
         // NOTE(review): comparing a stored token with this value only works
         // if Utils::crypt() returns the same output for the same input -
         // confirm that it does not add a random salt when called this way.
         $token = Utils::crypt('42' . $post->info->password . $post->id . Options::get('GUID'));
         // if password was submitted verify it; a submission for another post id is ignored
         if (Controller::get_var('post_password') && Controller::get_var('post_password_id') == $post->id) {
             // NOTE(review): the submitted password is run through InputFilter
             // before the check, so a password containing anything the filter
             // alters may never match - confirm against how it is stored.
             $pass = InputFilter::filter(Controller::get_var('post_password'));
             // Called with the stored value as second argument, Utils::crypt()
             // appears to verify $pass against it; a truthy result counts as a match
             if (Utils::crypt($pass, $post->info->password)) {
                 Session::add_to_set('post_passwords', $token, $post->id);
                 $session[$post->id] = $token;
             } else {
                 // NOTE(review): no limit on repeated attempts is visible in this method
                 Session::error(_t('That password was incorrect.', 'postpass'));
             }
         }
         // if password is stored in session verify it
         // NOTE(review): this is a loose == on an authentication token; a
         // strict string comparison would rule out type juggling
         if (isset($session[$post->id]) && $session[$post->id] == $token) {
             return $content;
         } else {
             $theme = Themes::create();
             $theme->post = $post;
             return $theme->fetch('post_password_form');
         }
     } else {
         return $content;
     }
 }