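/**
 * Render the login form and, on submission, validate the credentials.
 *
 * Calls redirect(REFERER) when the visitor is already logged in or when the
 * submitted credentials pass every check; otherwise echoes the rendered
 * template together with the collected errors.
 *
 * NOTE(review): the separate "logname_not_exists" error tells an anonymous
 * visitor whether a logname is registered; consider one generic failure
 * message, and confirm that attempts are rate limited elsewhere.
 * NOTE(review): the password goes through filter(..., 100) before it is
 * checked. filter() is defined elsewhere; confirm it neither alters nor
 * truncates valid passwords.
 *
 * @param array $errors Errors to show above the form.
 * @return void
 */
public static function getForm($errors = array())
{
    if (LOGGED) {
        redirect(REFERER);
    }

    $note = new Notifier();
    $err = new Error();

    // The template always receives a defined form, even before a submission.
    $form = array('logname' => null, 'password' => null);

    if ($errors) {
        $note->error($errors);
    }

    // !empty() keeps the original truthiness test without raising notices
    // for fields that were not posted.
    if (!empty($_POST['login']) && !empty($_POST['module'])) {
        $form = array(
            'logname' => !empty($_POST['logname-session']) ? filter($_POST['logname-session'], 100) : '',
            'password' => !empty($_POST['password-session']) ? filter($_POST['password-session'], 100) : '',
        );

        $err->setError('empty_logname', t('Logname field is required.'))
            ->condition(!$form['logname']);
        // The apostrophe is escaped; unescaped it ends the string literal early.
        $err->setError('logname_not_exists', t('The logname you used isn\'t registered.'))
            ->condition($form['logname'] && !User::loginNameRegistered($form['logname']));
        $err->setError('password_empty', t('Password field is required.'))
            ->condition(!$form['password']);
        $err->setError('password_invalid', t('Password is invalid.'))
            ->condition($form['password'] && !User::loginPasswordCorrect($form['password']));

        if ($err->noErrors()) {
            redirect(REFERER);
        } else {
            $note->restore()->error($err->toArray());
        }
    }

    $tpl = new PHPTAL('modules/login/form.html');
    $tpl->form = $form;
    $tpl->err = $err->toArray();
    $tpl->note = $note;
    echo $tpl->execute();
}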
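/**
 * AJAX endpoint: report whether an account field value is acceptable/taken.
 *
 * Reads "field" and "value" through get(), then ends the request with a
 * JSON document holding "status" and "result".
 *
 * @return void The request is terminated with exit() on every path.
 */
public function Exists()
{
    $field = get('field', 'txt');
    $value = get('value', 'txt');

    // Any truthy return from filter() is reported back as the rejection reason.
    if (false != ($f = filter($value))) {
        exit(jsonEncode(array('status' => 'failed', 'result' => $f)));
    }

    $allows = array('email', 'name', 'phone');

    // Strict allowlist check: $field is later handed to account()->Exists()
    // as a field name, so a loosely-matching non-string value must not pass.
    if (!in_array($field, $allows, true)) {
        exit(jsonEncode(array('status' => 'failed', 'result' => __('未允许字段'))));
    }

    // Format validation for the fields that have a validator.
    $r = false;
    if ('name' === $field) {
        $r = account()->invaidAccount($value);
    } elseif ('email' === $field) {
        $r = account()->invaidAccount(null, null, $value);
    }

    if ($r) {
        $ops = array('status' => 'failed', 'result' => $r);
    } else {
        if ('phone' === $field && !ini('member.phone.unique')) {
            // Phone uniqueness is not enforced by configuration.
            $r = false;
        } else {
            $r = account()->Exists($field, $value);
        }
        $ops = array('status' => 'ok', 'result' => $r);
    }

    exit(jsonEncode($ops));
}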
/**
 * Print the journal module header: page title, link bar and banner.
 *
 * Members additionally get the Your_Account navigation bar; guests get a
 * "create account" link and a members-only hint.
 *
 * NOTE(review): $module_name is written into URLs and an unquoted src
 * attribute without escaping; it is a global set outside this function, so
 * confirm it can only hold a known module directory name.
 *
 * @param string $sitename Site name used in the page title.
 * @param mixed  $user     User value passed to is_user().
 * @return void
 */
function startjournal($sitename, $user)
{
    global $module_name;

    $user = filter($user, "nohtml");
    $sitename = filter($sitename, "nohtml");

    // Both variants of the link bar start with the journal directory link.
    $directoryLink = '<center>[ <a href="modules.php?name=' . $module_name . '">' . _JOURNALDIR . '</a> | ';

    // Local names are kept because the include below shares this scope.
    if (is_user($user)) {
        $j_user1 = $directoryLink . '<a href="modules.php?name=' . $module_name . '&file=edit">' . _YOURJOURNAL . '</a> ]</center>';
        $j_user2 = '';
    } else {
        $j_user1 = $directoryLink . '<a href="modules.php?name=Your_Account&op=new_user">' . _CREATEACCOUNT . '</a> ]</center>';
        $j_user2 = '<br><center><font class="tiny">' . _MEMBERSCAN . '</font></center>';
    }

    title($sitename . ': ' . _USERSJOURNAL);

    if (is_user($user)) {
        include "modules/Your_Account/navbar.php";
        OpenTable();
        nav();
        CloseTable();
        echo '<br>';
    }

    OpenTable();
    echo '<center><img src=modules/' . $module_name . '/images/bgimage.gif><br><font class=title><b>'
        . _USERSJOURNAL . '</b></font></center>';
    echo $j_user1, $j_user2;
    CloseTable();
}
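/**
 * Send a contact-form submission to the recipient configured in the
 * "smcf_to_email" option.
 *
 * The visitor's address is used as the From header only when
 * validateEmail() accepts it; otherwise the recipient address is used and
 * the rejected value is appended to the message body.
 *
 * @param string $name    Visitor name (shown in the body only).
 * @param string $email   Visitor e-mail address.
 * @param string $message Message text.
 * @return void Terminates with die() when mail() reports failure.
 */
function sendEmail($name, $email, $message)
{
    $to = get_option('smcf_to_email');
    $subject = get_option('smcf_subject');

    // Filter name
    $name = filter($name);

    // Filter and validate email
    $email = filter($email);
    if (!validateEmail($email)) {
        $subject .= " - invalid email";
        $message .= "\n\nBad email: {$email}";
        $email = $to;
    }

    // Defence in depth: the address is concatenated into a mail header, so
    // line breaks are removed here regardless of what filter() and
    // validateEmail() (both defined elsewhere) already reject.
    $email = str_replace(array("\r", "\n"), '', (string) $email);

    // Add additional info to the message
    if (get_option('smcf_ip')) {
        $message .= "\n\nIP: " . $_SERVER['REMOTE_ADDR'];
    }
    if (get_option('smcf_ua')) {
        // The header is optional; avoid an undefined-index notice.
        $agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
        $message .= "\n\nUSER AGENT: " . $agent;
    }

    // Set and wordwrap message body
    $body = "From: {$name}\n\n";
    $body .= "Message: {$message}";
    $body = wordwrap($body, 70);

    // Build header
    $header = "From: {$email}\n";
    $header .= "X-Mailer: PHP/SimpleModalContactForm";

    // Send email - warnings are suppressed, failure is reported to the visitor
    if (!@mail($to, $subject, $body, $header)) {
        die('Unfortunately, your message could not be delivered.');
    }
}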
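/**
 * Admin page listing the stored HTTP referers with a "delete all" button.
 *
 * Referer values originate from request headers sent by arbitrary clients,
 * so every value is HTML-escaped at the point of output.
 *
 * NOTE(review): the delete form posts op=delreferer and no anti-CSRF token
 * is visible in this block; confirm the admin dispatcher verifies one.
 *
 * @return void
 */
function hreferer()
{
    global $bgcolor2, $prefix, $db, $admin_file;

    include "header.php";
    GraphicAdmin();
    OpenTable();
    echo "<center><font class=\"title\"><b>" . _HTTPREFERERS . "</b></font></center>";
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<center><b>" . _WHOLINKS . "</b></center><br><br>" . "<table border=\"0\" width=\"100%\">";

    $row = $db->sql_fetchrow($db->sql_query("SELECT httprefmode from " . $prefix . "_config"));
    $httprefmode = intval($row['httprefmode']);

    $result = $db->sql_query("SELECT rid, url from " . $prefix . "_referer");
    while ($row = $db->sql_fetchrow($result)) {
        $rid = intval($row['rid']);
        $url = filter($row['url'], "nohtml");
        $url2 = urlencode($url);
        $title = $url;

        if ($httprefmode == 1) {
            // Host-only display: keep scheme + host. A value without a
            // third "/"-separated part yields an empty host, not a notice.
            $parts = explode("/", $url);
            $url = "http://" . (isset($parts[2]) ? $parts[2] : '');
        }

        // Escape for the attribute and text contexts. double_encode is off
        // so entities already produced by filter() are not encoded twice.
        // Assumes the page is served as UTF-8 — TODO confirm.
        $titleHtml = htmlspecialchars($title, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
        $urlHtml = htmlspecialchars($url, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);

        echo "<tr><td bgcolor=\"{$bgcolor2}\"><font class=\"content\">{$rid}</td>"
            . "<td bgcolor=\"{$bgcolor2}\"><font class=\"content\"><a href=\"index.php?url={$url2}\" target=\"_new\" title=\"{$titleHtml}\">{$urlHtml}</a></td></tr>";
    }

    echo "</table>"
        . "<form action=\"" . $admin_file . ".php\" method=\"post\">"
        . "<input type=\"hidden\" name=\"op\" value=\"delreferer\">"
        . "<center><input type=\"submit\" value=\"" . _DELETEREFERERS . "\"></center>"
        . "</form>";
    CloseTable();
    include "footer.php";
}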
/**
 * Round every item up, keep the even results and multiply them together.
 *
 * map(), filter() and accumulate() are helpers defined elsewhere; the
 * product starts from 1.
 *
 * @param array $list Numbers to process.
 * @return mixed Whatever accumulate() returns for the even, rounded items.
 */
function solution($list)
{
    $roundUp = function ($item) {
        return ceil($item);
    };
    $isEven = function ($item) {
        return $item % 2 == 0;
    };
    // accumulate() passes the item first and the running value second.
    $multiply = function ($item, $acc) {
        return $acc * $item;
    };

    return accumulate(filter(map($list, $roundUp), $isEven), $multiply, 1);
}
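/**
 * Guard a page: continue only for an authenticated session, restoring one
 * from the "remember me" cookies when possible.
 *
 * Every failure path stops the request. logout() is defined elsewhere; the
 * user-agent check already followed it with exit, and the cookie paths now
 * do the same so a rejected or expired cookie can never fall through to the
 * protected page or to the session-restoring code below it.
 *
 * NOTE(review): the mysql_* API used here was removed in PHP 7; bound
 * parameters (PDO/mysqli) are the long-term fix for these queries.
 * NOTE(review): die(mysql_error()) sends database error text to the client.
 *
 * @return void
 */
function page_protect()
{
    session_start();

    $agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

    // Bind the session to the user agent that created it.
    if (isset($_SESSION['HTTP_USER_AGENT'])) {
        if ($_SESSION['HTTP_USER_AGENT'] != md5($agent)) {
            logout();
            exit;
        }
    }

    // A session that already carries an identity needs nothing more.
    if (isset($_SESSION['user_id']) || isset($_SESSION['user_name'])) {
        return;
    }

    if (!isset($_COOKIE['user_id']) || !isset($_COOKIE['user_key'])) {
        header("Location: login.php");
        exit;
    }

    $cookieId = $_COOKIE['user_id'];
    $cookieKey = $_COOKIE['user_key'];
    $cookieName = isset($_COOKIE['user_name']) ? $_COOKIE['user_name'] : '';

    // Cookies are untrusted: require a plain decimal id BEFORE it reaches
    // any SQL text, and reject array-valued cookies.
    if (!is_string($cookieId) || !preg_match('/^[0-9]+$/D', $cookieId)
        || !is_string($cookieKey) || !is_string($cookieName)) {
        logout();
        exit;
    }

    $rs_ctime = mysql_query("select `ckey`,`ctime` from `users` where `id` ='{$cookieId}'") or die(mysql_error());
    $row = mysql_fetch_row($rs_ctime);
    if (!$row) {
        logout();
        exit;
    }
    list($ckey, $ctime) = $row;

    // Cookie lifetime is checked against the time stored in the database.
    if (time() - $ctime > 60 * 60 * 24 * COOKIE_TIME_OUT) {
        logout();
        exit;
    }

    // Compare as strings, in constant time where the runtime supports it;
    // a loose == can treat two different hex digests as equal numbers.
    $expected = sha1($ckey);
    $keyMatches = function_exists('hash_equals')
        ? hash_equals($expected, $cookieKey)
        : $expected === $cookieKey;

    if (empty($ckey) || !isUserID($cookieName) || !$keyMatches) {
        logout();
        exit;
    }

    session_regenerate_id(); // against session fixation attacks.
    $_SESSION['user_id'] = $cookieId;
    $_SESSION['user_name'] = $cookieName;

    // The user level comes from the database, never from a cookie.
    list($user_level) = mysql_fetch_row(mysql_query("select user_level from users where id='{$cookieId}'"));
    $_SESSION['user_level'] = $user_level;
    $_SESSION['HTTP_USER_AGENT'] = md5($agent);
}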
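/**
 * Send a plain-text message and return a user-facing status string.
 *
 * NOTE(review): $use_smtp is never assigned or imported inside this
 * function, so as written the SMTP branch is not taken and mail() is always
 * used; confirm where the flag was meant to come from. The SMTP settings
 * below are placeholders.
 * NOTE(review): the headers announce quoted-printable, but the body is only
 * word-wrapped, not quoted-printable encoded.
 *
 * @param string $subject   Subject line.
 * @param string $content   Message text.
 * @param string $emailto   Recipient address.
 * @param string $emailfrom Sender address used in the From header.
 * @return string Success or error message for display.
 */
function sendEmail($subject, $content, $emailto, $emailfrom)
{
    $response_sent = 'Thank you. Your comments have been received.';
    $response_error = 'Error. Please try again.';

    // Everything that ends up in a mail header loses CR/LF first, so a
    // value cannot add header lines of its own.
    $lineBreaks = array("\r", "\n");
    $from = str_replace($lineBreaks, '', (string) $emailfrom);
    $subject = str_replace($lineBreaks, '', (string) filter($subject));
    $emailto = str_replace($lineBreaks, '', (string) filter($emailto));

    // The Referer header is optional; avoid an undefined-index notice.
    $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    $url = "Origin Page: " . $referer;
    $ip = "IP Address: " . $_SERVER["REMOTE_ADDR"];
    $message = $content . "\n{$ip}\r\n{$url}";

    // Setup final message
    $body = wordwrap($message);

    if (isset($use_smtp) && $use_smtp == '1') {
        $SmtpServer = 'SMTP SERVER';
        $SmtpPort = 'SMTP PORT';
        $SmtpUser = '******';
        $SmtpPass = '******';
        $to = $emailto;
        $SMTPMail = new SMTPClient($SmtpServer, $SmtpPort, $SmtpUser, $SmtpPass, $from, $to, $subject, $body);
        $SMTPChat = $SMTPMail->SendMail();
        $response = $SMTPChat ? $response_sent : $response_error;
    } else {
        // Create header
        $headers = "From: {$from}\r\n";
        $headers .= "MIME-Version: 1.0\r\n";
        $headers .= "Content-type: text/plain; charset=utf-8\r\n";
        $headers .= "Content-Transfer-Encoding: quoted-printable\r\n";

        // Send email
        $mail_sent = @mail($emailto, $subject, $body, $headers);
        $response = $mail_sent ? $response_sent : $response_error;
    }

    return $response;
}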
/**
 * Render the shoutbox block: handle a posted entry, then list the entries.
 *
 * A valid post is inserted, the 'shoutbox' cache is cleared and
 * redirect() is called; otherwise the errors are shown with the form.
 * Entries are read from the cache, or queried and cached when it is empty.
 *
 * @return string Rendered template, or template_error() output on failure.
 */
public function getContent()
{
    global $sql;
    //Lang::load('blocks/shoutbox/lang.*.php');
    $err = new Error();
    $note = new Notifier('note-shoutbox');
    // Logged-in users always post under their own nickname.
    $form['author'] = LOGGED ? User::$nickname : '';
    $form['message'] = '';
    if (isset($_POST['reply-shoutbox'])) {
        $form['author'] = LOGGED ? User::$nickname : filter($_POST['author-shoutbox'], 100);
        $form['message'] = filter($_POST['message-shoutbox'], Kio::getConfig('message_max', 'shoutbox'));
        $err->setError('author_empty', t('Author field is required.'))->condition(!$form['author']);
        // Guests may not post under a nickname that belongs to a registered user.
        $err->setError('author_exists', t('Entered nickname is registered.'))->condition(!LOGGED && is_registered($form['author']));
        $err->setError('message_empty', t('Message field is required.'))->condition(!$form['message']);
        // No errors
        if ($err->noErrors()) {
            // NOTE(review): author and message are concatenated into the SQL
            // text inside double quotes. Whether that is safe depends on
            // filter() and cut() (both defined elsewhere) escaping quotes,
            // and User::$nickname is not filtered in this block at all.
            // Bound parameters would remove that dependency, if the $sql
            // wrapper offers them — confirm.
            $sql->exec(' INSERT INTO ' . DB_PREFIX . 'shoutbox (added, author, message, author_id, author_ip) VALUES ( ' . TIMESTAMP . ', "' . $form['author'] . '", "' . cut($form['message'], Kio::getConfig('message_max', 'shoutbox')) . '", ' . UID . ', "' . IP . '")');
            $sql->clearCache('shoutbox');
            $note->success(t('Entry was added successfully.'));
            redirect(HREF . PATH . '#shoutbox');
        } else {
            $note->error($err->toArray());
        }
    }
    // If there is no cached shoutbox content, query it and cache the result
    if (!($entries = $sql->getCache('shoutbox'))) {
        // The LIMIT value comes from configuration, not from the request.
        $query = $sql->query(' SELECT u.nickname, u.group_id, s.added, s.author, s.author_id, s.message FROM ' . DB_PREFIX . 'shoutbox s LEFT JOIN ' . DB_PREFIX . 'users u ON u.id = s.author_id ORDER BY s.id DESC LIMIT ' . 
Kio::getConfig('limit', 'shoutbox'));
        while ($row = $query->fetch()) {
            // Only entries with an author_id get a formatted author and a
            // parsed message; guest entries keep the stored values as-is.
            // NOTE(review): confirm the template escapes those raw values.
            if ($row['author_id']) {
                $row['author'] = User::format($row['author_id'], $row['nickname'], $row['group_id']);
                $row['message'] = parse($row['message'], Kio::getConfig('parser', 'shoutbox'));
            }
            // NOTE(review): $entries still holds the falsy cache result
            // here and is only turned into an array by this append; with no
            // rows that falsy value is what gets cached and rendered.
            $entries[] = $row;
        }
        $sql->putCacheContent('shoutbox', $entries);
    }
    try {
        $tpl = new PHPTAL('blocks/shoutbox/shoutbox.tpl.html');
        $tpl->entries = $entries;
        $tpl->err = $err->toArray();
        $tpl->form = $form;
        $tpl->note = $note;
        return $tpl->execute();
    } catch (Exception $e) {
        // NOTE(review): the exception message is passed on for display.
        return template_error($e->getMessage());
        //echo Note::error($e->getMessage());
    }
}
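/**
 * Return the word-segmentation result for the given string.
 *
 * The text is converted to GBK, posted to the segmentation service, and the
 * space-separated reply is converted back to UTF-8 and passed to filter().
 *
 * NOTE(review): the service address is hard-coded and reached over plain
 * HTTP with no timeout configured; consider moving it to configuration.
 * NOTE(review): request parameters are already URL-decoded by PHP, so the
 * urldecode() below decodes request input a second time — confirm intent.
 *
 * @param string $str Text to segment; when empty, the "keyword" request
 *                    parameter is used instead.
 * @return array|false|null filter() output for the list of segments; false
 *                          when the text is longer than 20480 bytes or the
 *                          service call fails; null when there is no text.
 */
function getSegmentation($str = '')
{
    //$text = !empty($str) ? $str : I('request.keywords', '');
    if (!empty($str)) {
        $text = $str;
    } else {
        // Only a scalar string parameter is accepted; a missing or
        // array-valued "keyword" is treated as empty input.
        $text = (isset($_REQUEST['keyword']) && is_string($_REQUEST['keyword'])) ? $_REQUEST['keyword'] : '';
    }
    $text = urldecode($text);

    if ($text == "") {
        return null;
    }

    // Size cap on what is forwarded to the service: over-long input returns false.
    if (strlen($text) > 20480) {
        return false;
    }

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, "http://192.168.120.47:1985");
    $text = iconv("UTF-8", "GBK//IGNORE", $text);
    curl_setopt($ch, CURLOPT_POSTFIELDS, urlencode($text));
    // With this option curl_exec() returns the response body rather than true/false.
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    $result = curl_exec($ch);
    curl_close($ch);

    // A failed request must not be converted and split as if it were a reply.
    if ($result === false) {
        return false;
    }

    $result = iconv("GBK", "UTF-8//IGNORE", $result);
    $result = urldecode($result);

    return filter(explode(' ', $result));
}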
/**
 * Return the current admin session, process a posted login, or load the
 * login template.
 *
 * NOTE(review): $db is accepted but never used, while the query runs on
 * $conn, which is not defined anywhere in this function — confirm which
 * handle is intended.
 *
 * @param mixed  $db        Database handle (unused in the visible code).
 * @param string $sess_type Name of the session function to call; defaults
 *                          to the SESSION_TYPE constant.
 * @return mixed Session data, an error message string, ERROR::err() output,
 *               or $login_html after including the template.
 */
public static function login($db, $sess_type = SESSION_TYPE)
{
    // $sess_type is invoked as a function name; a truthy result is returned as-is.
    if ($admin = $sess_type()) {
        return $admin;
    }
    if (isset($_POST['username']) && isset($_POST['password'])) {
        $username = filter($_POST['username']);
        $password = filter($_POST['password']);
        if ($username === '' || $password === '') {
            return '用户名或密码不能为空!';
        }
        // NOTE(review): on this page both credential positions read
        // '******', so the literal as shown references neither $username
        // nor $password; the original expression is not visible. If the
        // values were interpolated into the string, the query needs bound
        // parameters, and the password should be checked with
        // password_verify() against a stored hash rather than in SQL.
        $sql = "select * from user where username='******' and password='******' and gid=2 limit 1";
        if (!($result = $conn->query($sql))) {
            return ERROR::err('SQL语句有误!');
        }
        if (!($admin = $result->fetch_assoc())) {
            return '用户名或密码错误!';
        }
        // The function that stores the session is named "<sess_type>_l".
        $sess_type .= '_l';
        return $sess_type($admin);
    } else {
        // $login_html is not assigned here; presumably the included
        // template sets it — confirm.
        include ABSPATH . TPLPATH . 'login.html';
        return $login_html;
    }
}
/**
 * Register every library described by an .ini file under the libraries
 * directory.
 *
 * For each .ini file the js/css/php file lists are normalised to arrays,
 * run through Library::prependPATH with the library's directory name, and
 * handed to self::register() together with the declared dependencies.
 *
 * NOTE(review): the php_file entries come straight from the .ini files;
 * presumably they are included later, so write access to that directory
 * amounts to code execution — confirm the directory's permissions.
 *
 * @return void
 */
public static function bootstrap()
{
    $iniFiles = glob(TH_ROOT . TH_CONTENT . 'libraries/*/*.ini');

    foreach ($iniFiles as $iniPath) {
        $info = parse_ini_file($iniPath);

        // The library directory is the last segment of the .ini file's folder.
        $segments = explode('/', dirname($iniPath));
        $dir = end($segments) . '/';

        $info = filter('library_library_info', $info);

        // Same normalisation for each of the three file lists, in this order.
        foreach (array('js_file', 'css_file', 'php_file') as $listKey) {
            if (array_key_exists($listKey, $info)) {
                $info[$listKey] = (array) $info[$listKey];
                array_walk($info[$listKey], 'Library::prependPATH', $dir);
            } else {
                $info[$listKey] = array();
            }
        }

        $info['file'] = array(
            'js' => $info['js_file'],
            'css' => $info['css_file'],
            'php' => $info['php_file'],
        );

        $info['depends_on'] = array_key_exists('depends_on', $info)
            ? (array) $info['depends_on']
            : array();

        self::register($info['type'], $info['name'], $info['file'], $info['importance'], $info['depends_on']);
    }
}
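/**
 * Send a contact-form submission to the globally configured recipient.
 *
 * Uses the globals $to (recipient), $subject and $extra (flags 'ip' and
 * 'user_agent'). The visitor's address becomes the From header only when
 * validateEmail() accepts it; otherwise $to is used and the rejected value
 * is appended to the message body.
 *
 * @param string $name    Visitor name (shown in the body only).
 * @param string $email   Visitor e-mail address.
 * @param string $message Message text.
 * @return void Terminates with die() when mail() reports failure.
 */
function sendEmail($name, $email, $message)
{
    global $to, $subject, $extra;

    // Filter name
    $name = filter($name);

    // Filter and validate email
    $email = filter($email);
    if (!validateEmail($email)) {
        $subject .= " - invalid email";
        $message .= "\n\nBad email: $email";
        $email = $to;
    }

    // Defence in depth: the address is concatenated into a mail header, so
    // line breaks are removed here regardless of what filter() and
    // validateEmail() (both defined elsewhere) already reject.
    $email = str_replace(array("\r", "\n"), '', (string) $email);

    // Add additional info to the message
    if ($extra['ip']) {
        $message .= "\n\nIP: " . $_SERVER['REMOTE_ADDR'];
    }
    if ($extra['user_agent']) {
        // The header is optional; avoid an undefined-index notice.
        $agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
        $message .= "\n\nUSER AGENT: " . $agent;
    }

    // Set and wordwrap message body
    $body = "From: $name\n\n";
    $body .= "Message: $message";
    $body = wordwrap($body, 70);

    // Build header
    $header = "From: $email\n";
    $header .= "X-Mailer: PHP/SimpleModalContactForm";

    // Send email - warnings are suppressed, failure is reported to the visitor
    if (!@mail($to, $subject, $body, $header)) {
        die('Unfortunately, your message could not be delivered.');
    }
}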
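/**
 * Render the user panel block: a menu for logged-in users, otherwise the
 * login form (validating a submitted one first).
 *
 * NOTE(review): the separate "logname_not_exists" error tells an anonymous
 * visitor whether a logname is registered; consider one generic failure
 * message, and confirm that attempts are rate limited elsewhere.
 * NOTE(review): the submitted password is placed in $form and handed to the
 * template; confirm the template does not write it back into the page.
 *
 * @return string Rendered template.
 */
public function getContent()
{
    // User is logged in
    if (LOGGED) {
        $this->subcodename = 'logged';
        $tpl = new PHPTAL('blocks/user_panel/logged.html');
        $tpl->user = User::format(User::$id, User::$nickname, User::$groupId);

        // The unread count is User::$pmNew, the same value the condition
        // tests; no $user variable exists in this scope.
        $pm_item = User::$pmNew
            ? array(t('Messages <strong>(New: %new)</strong>', array('%new' => User::$pmNew)), 'pm/inbox')
            : array(t('Messages'), 'pm');

        $tpl->items = items(array(
            $pm_item[0] => HREF . $pm_item[1],
            t('Administration') => HREF . 'admin',
            t('Edit profile') => HREF . 'edit_profile',
            t('Log out') => HREF . 'logout',
        ));

        return $tpl->execute();
    }

    $err = new Error();
    $note = new Notifier('note-user_panel');
    $this->subcodename = 'not_logged';
    $form = array('logname' => null, 'password' => null);

    // !empty() keeps the original truthiness test without raising notices
    // for fields that were not posted.
    if (!empty($_POST['login']) && !empty($_POST['user_panel'])) {
        $form['logname'] = !empty($_POST['logname-session']) ? filter($_POST['logname-session'], 100) : '';
        // The password is deliberately not passed through filter().
        $form['password'] = !empty($_POST['password-session']) ? $_POST['password-session'] : '';

        $err->setError('logname_empty', t('Logname field is required.'))
            ->condition(!$form['logname']);
        $err->setError('logname_not_exists', t('Entered logname is not registered.'))
            ->condition(!User::loginNameRegistered($form['logname']));
        $err->setError('password_empty', t('Password field is required.'))
            ->condition(!$form['password']);
        $err->setError('password_incorrect', t('ERROR_PASS_INCORRECT'))
            ->condition($form['password'] && !User::loginPasswordCorrect($form['password']));

        if ($err->noErrors()) {
            redirect('./');
        } else {
            $note->error($err->toArray());
        }
    }

    $tpl = new PHPTAL('blocks/user_panel/not_logged.html');
    $tpl->note = $note;
    $tpl->form = $form;
    $tpl->err = $err->toArray();

    return $tpl->execute();
}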
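/**
 * Look up a relay's address on the lighthouse service and print the reply.
 *
 * The relay name is taken from the first URI parameter. It is encoded as a
 * single path segment before being appended to the lighthouse URL, so the
 * value cannot add path segments or a query string to the outgoing request.
 *
 * NOTE(review): the lighthouse reply is echoed unchanged; if this action is
 * served as HTML, escape the value for that context before printing.
 *
 * @return void Prints the trimmed reply; prints nothing if the request fails.
 */
public function getrelayipAction()
{
    global $_c;

    $relay_name = filter($_c->getUriParams(1));
    $lighthouse_url = LIGHTHOUSE_HOST . '/getrelayip/' . rawurlencode((string) $relay_name);

    // file() returns false on failure; implode() must not receive that.
    $lines = file($lighthouse_url);
    if ($lines === false) {
        return;
    }

    echo trim(implode($lines));
}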
/**
 * Return the movies from data.json whose filtered name has the smallest
 * edit distance to the filtered input.
 *
 * The starting bound is the raw input length plus one (taken before
 * filter() is applied), so only names closer than that can be returned.
 *
 * @param string $inputString Search text.
 * @return array Map of movie name => link for all names tied at the
 *               smallest distance; empty when no name is within the bound.
 */
function getMovieLinks($inputString)
{
    $catalog = json_decode(file_get_contents("data.json"), true);

    $bestDistance = strlen($inputString) + 1;
    $needle = filter($inputString);
    $closest = array();

    foreach ($catalog as $movieName => $movieLink) {
        $distance = getEditDistance($needle, filter($movieName));

        if ($distance < $bestDistance) {
            // Strictly better: start a new result set with this entry.
            $bestDistance = $distance;
            $closest = array($movieName => $movieLink);
        } elseif ($distance == $bestDistance) {
            // Tie: keep it alongside the current best entries.
            $closest[$movieName] = $movieLink;
        }
    }

    return $closest;
}
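/**
 * Add a guestbook entry and print a JSON document with an "error" code.
 *
 * Codes set here: 10000 when User_BookFun is 0, 10001 token mismatch,
 * 10002 empty content, 10003 insert failed, 10004 entry stored.
 *
 * @return void
 */
public function add()
{
    // Disable the database cache
    $this->db->cache_off();

    $add = array();
    $token = $this->input->post('token', TRUE);
    $add['neir'] = $this->input->post('neir', TRUE);
    $add['neir'] = filter(get_bm($add['neir']));

    // The form token must be a non-empty string identical to the one kept
    // in the session; a loose comparison would let a missing token match
    // an empty stored value.
    $tokenValid = isset($_SESSION['gbooktoken'])
        && is_string($token)
        && $token !== ''
        && $token === (string) $_SESSION['gbooktoken'];

    if (User_BookFun == 0) {
        $error = '10000';
    } elseif (!$tokenValid) {
        $error = '10001';
    } elseif (empty($add['neir'])) {
        $error = '10002';
    } else {
        $add['uidb'] = isset($_SESSION['cscms__id']) ? intval($_SESSION['cscms__id']) : 0;
        $add['cid'] = 1;
        $add['ip'] = getip();
        $add['addtime'] = time();
        $ids = $this->CsdjDB->get_insert('gbook', $add);
        if (intval($ids) == 0) {
            $error = '10003'; // failure
        } else {
            // Destroy the token that was just verified so it cannot be
            // reused; the check reads 'gbooktoken', so that key is cleared
            // along with the 'token' key the original code removed.
            unset($_SESSION['gbooktoken'], $_SESSION['token']);
            $error = '10004';
        }
    }

    $data = array('error' => $error);
    echo json_encode($data);
}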
/**
 * Admin screen for adding a user group: handles the posted form, then
 * builds the form HTML.
 *
 * NOTE(review): no permission check or anti-CSRF token is visible in this
 * block; presumably the caller or the Form class provides them — confirm.
 *
 * @return array Two items: the page title and the messages + form HTML.
 */
public static function display()
{
    $messages = "";
    // NOTE(review): $_POST['cc_form'] is read without isset(), which raises
    // a notice on a plain GET of this page.
    if ($_POST['cc_form'] === 'add-group') {
        $group = $_POST['group'];
        // Placeholder-based lookup: is the group name already taken?
        $rows = Database::select('users', 'name', array('name = ? AND type = ?', $group, 'group'), null, 1)->fetch(PDO::FETCH_ASSOC);
        if (!empty($rows)) {
            $messages .= Message::error(__('admin', 'group-in-use'));
        } else {
            // NOTE(review): the parent id is read from $_GET although the
            // form below is submitted with method 'post' and its select is
            // named 'parent' — verify which source is intended. This call
            // also goes through DB::, the others through Database::.
            $row = DB::select('users', array('data'), array('users_id = ?', $_GET['parent']))->fetch(PDO::FETCH_ASSOC);
            // NOTE(review): unserialize() on a stored column instantiates
            // whatever objects the data describes; keep this column
            // writable only by trusted code, or store JSON instead.
            $inheritance = unserialize($row['data']);
            $inheritance = $inheritance['permissions'];
            // Name and data pass through filter hooks before the insert.
            $result = Database::insert('users', array('name' => filter('admin_add_group_name', $group), 'type' => 'group', 'group' => '-1', 'data' => serialize(filter('admin_add_group_data', array('permissions' => $inheritance)))));
            if ($result === 1) {
                $messages .= Message::success(__('admin', 'group-added'));
            }
        }
    }
    $form = new Form('self', 'post', 'add-group');
    $form->startFieldset(__("admin", 'group-information'));
    $form->addInput(__('admin', 'group-name'), 'text', 'group', self::get('group'));
    $groups = Users::allGroups();
    // Adds an id => name entry for every group to the same array that is
    // being iterated; entries under the original keys remain unless an id
    // happens to overwrite them.
    foreach ($groups as $key => $value) {
        $groups[$value->getId()] = $value->getName();
    }
    $form->addSelectList(__('admin', 'inherit-permissions'), 'parent', $groups);
    // Plugins may add fields; the form is passed by reference.
    plugin('admin_add_group_custom_fields', array(&$form));
    $form->addSubmit('', 'add-group', __('admin', 'add-group'));
    $form->endFieldset();
    plugin('admin_add_group_custom_fieldset', array(&$form));
    $form = $form->endAndGetHTML();
    return array(__('admin', 'add-group'), $messages . $form);
}
/**
 * Each global helper must return an instance of the expected service class.
 */
public function testHelpersFacade()
{
    // Application services
    self::assertInstanceOf(\Clarity\Support\Auth\Auth::class, auth());
    self::assertInstanceOf(\Phalcon\Config::class, config());
    self::assertInstanceOf(\Phalcon\Mvc\Dispatcher::class, dispatcher());
    self::assertInstanceOf(\Phalcon\Filter::class, filter());

    // Flash messaging
    self::assertInstanceOf(\Phalcon\Flash\Direct::class, flash()->direct());
    self::assertInstanceOf(\Phalcon\Flash\Session::class, flash()->session());

    // File systems
    self::assertInstanceOf(\League\Flysystem\Filesystem::class, flysystem());
    self::assertInstanceOf(\League\Flysystem\MountManager::class, flysystem_manager());

    // HTTP layer
    self::assertInstanceOf(\Clarity\Support\Redirect\Redirect::class, redirect());
    self::assertInstanceOf(\Clarity\Support\Phalcon\Http\Request::class, request());
    self::assertInstanceOf(\Phalcon\Http\Response::class, response());
    self::assertInstanceOf(\Phalcon\Mvc\Router::class, route());

    // Security, tags, URLs and views
    self::assertInstanceOf(\Phalcon\Security::class, security());
    self::assertInstanceOf(\Phalcon\Tag::class, tag());
    self::assertInstanceOf(\Phalcon\Mvc\Url::class, url());
    self::assertInstanceOf(\Phalcon\Mvc\View::class, view());

    // Original author's note: getting an error, will check later on
    self::assertInstanceOf(\Monolog\Logger::class, logger());

    // Adapter-based helpers are not covered yet: cache(), db(), queue(), session()

    // Helpers called with arguments
    self::assertContains(url()->getBaseUri() . 'auth/login', route('showLoginForm'));
    self::assertInstanceOf(\Phalcon\Mvc\View::class, view('welcome'));
}
/**
 * Store a long-text post when its tag-stripped length exceeds twice the
 * configured topic cut length, and answer with a JSON result.
 *
 * Shorter content is not stored; the reply then carries id 0 and a message
 * telling the user to post it as a normal entry.
 *
 * @return void
 */
function DoAdd()
{
    $this->_check_login();

    $longtext = $this->Post['longtext'] ?: $this->Get['longtext'];

    if ('' == trim(strip_tags($longtext))) {
        json_error('内容不能为空');
    }

    // filter() receives the variable itself and its result is checked for
    // an 'error' entry.
    $filterResult = filter($longtext);
    if ($filterResult && $filterResult['error']) {
        json_error('内容 ' . $filterResult['msg']);
    }

    $lengthLimit = $this->Config['topic_cut_length'] * 2;

    // Recomputed after filter(), exactly where the original computes it.
    $plainText = trim(strip_tags($longtext));

    $id = 0;
    $message = '';
    if (strlen($plainText) <= $lengthLimit) {
        $message = '内容长度过短,点击确定按钮直接发起一条微博';
    } else {
        $id = $this->LongtextLogic->add($longtext);
        if ($id < 1) {
            json_error('内容添加失败');
        } else {
            $message = '内容添加成功';
        }
    }

    json_result($message, array(
        'id' => $id,
        'data' => cut_str($plainText, $lengthLimit, ''),
    ));
}
/**
 * Pass the value through every configured filter, in order.
 *
 * @param mixed $value Value to process.
 * @return mixed The value after the last filter has been applied.
 */
function __invoke($value)
{
    $current = $value;

    foreach ($this->filters as $step) {
        // Each step receives the previous step's output.
        $current = filter($current, $step);
    }

    return $current;
}
/**
 * Resolve a datasource URI and return its data.
 *
 * Accepted forms:
 *   controller://path/path?arg1=val&q=text&arg=[123,232,123]
 *   channel://channel/datasource?arg1=val&q=text&arg=[123,232,123]
 *   model://profiles/profile_view?arg1!=val&q=text&arg=[123,232,123]
 *
 * NOTE(review): a controller:// URI is dispatched to whatever path it
 * names; confirm $datasource never comes from request input.
 *
 * @param string   $datasource Datasource URI.
 * @param int|null $offset     Optional offset.
 * @param int|null $limit      Optional limit.
 * @param int|null $count      By reference; for model:// it is filled with
 *                             the filter's count when it is empty on entry.
 * @return mixed Result of the resolved source, or null when the URI does
 *               not match or names an unknown scheme.
 */
public static function GetDatasource($datasource,$offset=null,$limit=null,&$count=null)
{
    $matches = array();
    if (!preg_match_all('#^([^:]*):\/\/([^?]*)(.*)$#', $datasource, $matches)) {
        return null;
    }

    $scheme = $matches[1][0];
    $target = $matches[2][0];
    $rawQuery = $matches[3][0];

    if ($scheme === 'controller') {
        return Dispatcher::Call($target);
    }

    if ($scheme === 'model') {
        // A model target must consist of exactly two dot-separated parts.
        if (count(explode('.', $target)) != 2) {
            return null;
        }

        $filter = filter($target);
        if ($offset) {
            $filter->offset = $offset;
        }
        if ($limit) {
            $filter->limit = $limit;
        }
        if ($rawQuery != '') {
            $filter->parse(trim($rawQuery, '?'));
        }
        if ($count == null) {
            $count = $filter->get_count();
        }

        return $filter->find();
    }

    if ($scheme === 'channel') {
        $parsed = explode('/', $target);
        $channel = Channel::Get($parsed[0]);

        // Split "a=b&c=d" into a trimmed key => value map.
        $query = trim($rawQuery, '?');
        $args = array();
        if ($query != "") {
            foreach (explode('&', $query) as $pair) {
                $element = explode('=', $pair);
                $args[trim($element[0])] = trim($element[1]);
            }
        }

        return $channel->datasource($parsed[1], $offset, $limit, $count, $args);
    }

    return null;
}
/**
 * Return a cookie value passed through filter(), or FALSE when the cookie
 * is not set.
 *
 * @param string $cookie Cookie name.
 * @return mixed filter() output for the cookie value, or FALSE.
 */
function COOKIE($cookie)
{
    return isset($_COOKIE[$cookie]) ? filter($_COOKIE[$cookie]) : FALSE;
}
/**
 * Build the configuration and register the route handlers.
 *
 * Configuration is merged by config() from the built-in defaults, the
 * $config argument and the return value of config.php in the current
 * working directory, when that file exists.
 *
 * NOTE(review): config.php is loaded relative to getcwd(), so the code that
 * runs depends on the directory the process was started in.
 * NOTE(review): include_once yields true, not the file's return value, when
 * the file was already included earlier — confirm config() copes with that.
 *
 * @param array $config Overrides for the default configuration.
 */
public function __construct(array $config = [])
{
    $defaults = [
        'title' => 'Sphido CMS',
        'cache' => false,
        'content' => realpath(getcwd() . '/pages/'),
        'meta' => ['template' => getcwd() . '/layout.latte'],
    ];

    $localConfigFile = getcwd() . '/config.php';
    $localConfig = is_file($localConfigFile) ? (include_once $localConfigFile) : [];

    $this->config = config($defaults, $config, $localConfig);

    // Error handler for missing pages and server errors
    \route\map([404, 500], new MissingPage());

    // Pages handler
    \route\map(filter(Sphido::class, $this));
}
/**
 * filter() keeps only the items accepted by the predicate, in order.
 */
public function testFilter()
{
    $isNegative = function ($n) {
        return $n < 0;
    };

    $filtered = filter($isNegative, range(-5, 5));

    self::assertSame([-5, -4, -3, -2, -1], toArray($filtered));
}
/**
 * Load the index template of the given theme, if the file exists.
 *
 * The 'core_theme_include' plugin hook runs first; the default path
 * (TH_ROOT . TH_THEMES . <theme> . '/index.tpl.php') then goes through the
 * filter hook of the same name, which may replace it.
 *
 * NOTE(review): $theme is concatenated into a path that is then required.
 * Confirm callers only pass a known theme directory name (no separators or
 * ".."), and that the filter hook cannot be fed request input.
 *
 * @param string $theme Name of the theme directory.
 * @return void
 */
function cc_theme_include($theme)
{
    plugin('core_theme_include', array($theme));

    $file = filter(
        'core_theme_include',
        TH_ROOT . TH_THEMES . $theme . '/index.tpl.php'
    );

    if (!file_exists($file)) {
        return;
    }

    require_once $file;
}
/**
 * An unknown combinator between two filters must raise
 * AfsUnknownCombinatorException.
 */
public function testBadCombinator()
{
    $raised = false;

    try {
        filter('ID')->equal->value('value')->foo->filter('FOO')->not_equal->value('bar');
    } catch (AfsUnknownCombinatorException $e) {
        $raised = true;
    }

    if (!$raised) {
        $this->fail('Bad combinator should have raised exception!');
    }
}
/**
 * Example of a function whose result can be changed by hooked filters.
 *
 * @param mixed $input Value to process.
 * @return mixed The value after all filters hooked to 'myFuncFilter' ran.
 */
function myFunc($input)
{
    // The function's own processing of $input would go here.

    // Let any filters hooked to 'myFuncFilter' adjust the result.
    return filter('myFuncFilter', $input);
}
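/**
 * Guard a page: continue only for an authenticated session, restoring one
 * from the "remember me" cookies when possible.
 *
 * Every failure path stops the request. logout() is defined elsewhere; the
 * user-agent check already followed it with exit, and the cookie paths now
 * do the same so a rejected or expired cookie can never fall through to the
 * protected page or to the session-restoring code below it.
 *
 * NOTE(review): the statements run on $conn, which the original function
 * never brought into scope (it declared only $db). It is imported as a
 * global here — confirm that is where the PDO handle lives.
 *
 * @return void
 */
function page_protect()
{
    global $db, $conn;

    session_start();

    $agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

    /* Secure against session hijacking by checking the user agent */
    if (isset($_SESSION['HTTP_USER_AGENT'])) {
        if ($_SESSION['HTTP_USER_AGENT'] != md5($agent)) {
            logout();
            exit;
        }
    }

    // A session that already carries an identity needs nothing more.
    if (isset($_SESSION['user_id']) || isset($_SESSION['user_name'])) {
        return;
    }

    /* No session: look for the cookies set by "remember me" */
    if (!isset($_COOKIE['user_id']) || !isset($_COOKIE['user_key'])) {
        header("Location: login.php");
        exit;
    }

    $cookieId = $_COOKIE['user_id'];
    $cookieKey = $_COOKIE['user_key'];
    $cookieName = isset($_COOKIE['user_name']) ? $_COOKIE['user_name'] : '';

    // Cookies are untrusted: require a plain decimal id and reject
    // array-valued cookies before anything else is done with them.
    if (!is_string($cookieId) || !preg_match('/^[0-9]+$/D', $cookieId)
        || !is_string($cookieKey) || !is_string($cookieName)) {
        logout();
        exit;
    }

    /* Double-check the cookie lifetime against the value stored in the database */
    $stmt = $conn->prepare('SELECT `ckey`,`ctime` FROM users WHERE id = :Id');
    $stmt->execute(array('Id' => $cookieId));
    $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
    if (!$rows) {
        // Unknown user id: nothing to compare the cookie with.
        logout();
        exit;
    }
    foreach ($rows as $row) {
        $ckey = $row["ckey"];
        $ctime = $row["ctime"];
    }

    // Cookie expiry
    if (time() - $ctime > 60 * 60 * 24 * COOKIE_TIME_OUT) {
        logout();
        exit;
    }

    // The key in the cookie must match the one stored at login. Compare as
    // strings, in constant time where the runtime supports it; a loose ==
    // can treat two different hex digests as equal numbers.
    $expected = sha1($ckey);
    $keyMatches = function_exists('hash_equals')
        ? hash_equals($expected, $cookieKey)
        : $expected === $cookieKey;

    if (empty($ckey) || !isUserID($cookieName) || !$keyMatches) {
        logout();
        exit;
    }

    session_regenerate_id(); // against session fixation attacks.
    $_SESSION['user_id'] = $cookieId;
    $_SESSION['user_name'] = $cookieName;

    /* Query the user level from the database instead of storing it in cookies */
    $user_level = null;
    $stmt2 = $conn->prepare("SELECT user_level FROM users WHERE id= :Id");
    // The array key is quoted: a bare user_id is an undefined constant.
    $stmt2->execute(array('Id' => $_SESSION['user_id']));
    $rows = $stmt2->fetchAll(PDO::FETCH_ASSOC);
    foreach ($rows as $row) {
        $user_level = $row["user_level"];
    }
    $_SESSION['user_level'] = $user_level;
    $_SESSION['HTTP_USER_AGENT'] = md5($agent);
}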
/**
 * Read or write a session value.
 *
 * With a truthy $value the value is stored after passing through filter()
 * and true is returned. Otherwise the stored value is returned, or false
 * when the key is not set. Falsy values therefore cannot be stored through
 * this function.
 *
 * @param string $session Session key.
 * @param mixed  $value   Value to store; omit (or pass a falsy value) to read.
 * @return mixed true after a write; the stored value or false on a read.
 */
function SESSION($session, $value = false)
{
    if ($value) {
        $_SESSION[$session] = filter($value);
        return true;
    }

    return isset($_SESSION[$session]) ? $_SESSION[$session] : false;
}