Пример #1
 /**
  * Bootstraps the controller: undoes legacy magic-quotes escaping, defines SITE_PATH,
  * sends uninstalled sites to the installer and loads the shared services and caches.
  *
  * NOTE(review): get_magic_quotes_gpc()/get_magic_quotes_runtime() always return false
  * since PHP 5.4 and were removed in PHP 8.0 (set_magic_quotes_runtime() in 7.0), so this
  * constructor as written only runs on older interpreters.
  */
 public function __construct()
 {
     if (get_magic_quotes_runtime()) {
         @set_magic_quotes_runtime(0);
     }
     if (get_magic_quotes_gpc()) {
         // magic_quotes_gpc escapes GET/POST/COOKIE input only; $_SESSION is server-side state.
         // NOTE(review): presumably strip_slashes() recurses into nested arrays, and a session
         // may not have been started yet when this runs — confirm both.
         $_POST = $this->strip_slashes($_POST);
         $_GET = $this->strip_slashes($_GET);
         $_SESSION = $this->strip_slashes($_SESSION);
         $_COOKIE = $this->strip_slashes($_COOKIE);
     }
     // The entry script decides the base URL: admin/member entry points use get_a_url().
     if (defined('XIAOCMS_ADMIN') || defined('XIAOCMS_MEMBER')) {
         define('SITE_PATH', self::get_a_url());
     } else {
         define('SITE_PATH', self::get_base_url());
     }
     // No install lock means the installer has not finished.
     // NOTE(review): presumably redirect() ends the request; if it returns, everything below
     // still runs on an uninstalled site — confirm.
     if (!is_file(XIAOCMS_PATH . 'data/install.lock')) {
         self::redirect(url('install/index'));
     }
     // Defined only after the SITE_PATH decision above, so it does not affect that branch.
     // NOTE(review): if an entry script already defined XIAOCMS_MEMBER, this second define()
     // raises a notice and keeps the first value — confirm that is intended.
     if (is_file(XIAOCMS_PATH . 'member' . DIRECTORY_SEPARATOR . 'index.php')) {
         define('XIAOCMS_MEMBER', XIAOCMS_PATH . 'member' . DIRECTORY_SEPARATOR);
     }
     $this->db = xiaocms::load_class('Model');
     $this->view = xiaocms::load_class('view');
     $this->cookie = xiaocms::load_class('cookie');
     $this->session = xiaocms::load_class('session');
     $this->site_config = xiaocms::load_config('config');
     $this->category_cache = get_cache('category');
     $this->content_model = get_cache('content_model');
     $this->member_info = self::get_member_info();
     // 'page' is the integer cast of the request value, falling back to 1 when the cast is 0;
     // negative numbers pass through unchanged.
     // NOTE(review): 'site_url' is built from get_http_host(); presumably that reads the Host
     // header, which the client controls — confirm it is validated before templates use it.
     $this->view->assign(array('cats' => $this->category_cache, 'member' => $this->member_info, 'site_url' => self::get_http_host() . SITE_PATH, 'site_name' => $this->site_config['site_name'], 'page' => (int) self::get('page') ? (int) self::get('page') : 1, 'site_template' => SITE_PATH . basename(TEMPLATE_DIR) . '/' . basename(SYS_THEME_DIR) . '/'));
 }
Пример #2
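/**
 * Runs a raw SQL statement on the global PDO connection and returns all rows.
 *
 * $sql is sent to the driver verbatim: nothing here escapes or binds values, so callers
 * must not build it from request data (use prepared statements with bound parameters).
 *
 * @param string $sql Complete SQL statement.
 *
 * @return array|false List of associative rows, or false when there are no rows
 *                     or the driver reported failure without throwing.
 */
function db_query($sql)
{
    global $db_debug;
    global $db_conn;
    if ($db_debug) {
        dump($sql);
    }
    try {
        $r = $db_conn->query($sql);
    } catch (PDOException $e) {
        // Driver messages can reveal schema and query details; keep them in the server log only.
        error_log('db_query failed: ' . $e->getMessage());
        die('Database error.');
    }
    if ($r === false) {
        // PDO in silent/warning error mode signals failure by returning false instead of throwing.
        return false;
    }
    $rows = $r->fetchAll(PDO::FETCH_ASSOC);
    if (!$rows) {
        return false;
    }
    // magic_quotes_runtime is gone since PHP 5.4 and its getter was removed in PHP 8.0,
    // so only consult it where it still exists.
    if (function_exists('get_magic_quotes_runtime') && @get_magic_quotes_runtime()) {
        // Both levels are iterated by reference; iterating the rows by value would only
        // unescape a temporary copy and leave $rows untouched.
        foreach ($rows as &$row) {
            foreach ($row as &$v) {
                if (is_string($v)) {
                    $v = stripslashes($v);
                }
            }
            unset($v);
        }
        unset($row);
    }
    return $rows;
}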
Пример #3
 /**
  * Renders the view.
  *
  * @return string (X)HTML
  *
  * @global array The paths of system files and folders.
  * @global array The configuration of the plugins.
  * @global array The localization of the core.
  * @global array The localization of the plugins.
  */
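 public function render()
 {
     global $pth, $plugin_cf, $tx, $plugin_tx;
     $phpVersion = '5.3.0';
     $ptx = $plugin_tx['advancedform'];
     $imgdir = $pth['folder']['plugins'] . 'advancedform/images/';
     $ok = tag('img src="' . $imgdir . 'ok.png" alt="ok"');
     $warn = tag('img src="' . $imgdir . 'warn.png" alt="warning"');
     $fail = tag('img src="' . $imgdir . 'fail.png" alt="failure"');
     $gap = '&nbsp;&nbsp;';

     // PHP version check.
     $o = tag('hr') . '<h4>' . $ptx['syscheck_title'] . '</h4>'
         . (version_compare(PHP_VERSION, $phpVersion) >= 0 ? $ok : $fail)
         . $gap . sprintf($ptx['syscheck_phpversion'], $phpVersion)
         . tag('br') . tag('br') . PHP_EOL;

     // Required extensions.
     foreach (array('ctype', 'mbstring', 'pcre', 'session', 'spl') as $ext) {
         $o .= (extension_loaded($ext) ? $ok : $fail)
             . $gap . sprintf($ptx['syscheck_extension'], $ext) . tag('br') . PHP_EOL;
     }

     $o .= tag('br') . (strtoupper($tx['meta']['codepage']) == 'UTF-8' ? $ok : $warn)
         . $gap . $ptx['syscheck_encoding'] . tag('br') . PHP_EOL;

     // get_magic_quotes_runtime() was removed in PHP 8.0; a missing function means the
     // feature cannot be enabled, which counts as a pass.
     $magicQuotesOn = function_exists('get_magic_quotes_runtime') && @get_magic_quotes_runtime();
     $o .= (!$magicQuotesOn ? $ok : $warn)
         . $gap . $ptx['syscheck_magic_quotes'] . tag('br') . PHP_EOL;

     $filename = $pth['folder']['plugins'] . 'jquery/jquery.inc.php';
     $o .= (file_exists($filename) ? $ok : $fail)
         . $gap . $ptx['syscheck_jquery'] . tag('br') . PHP_EOL;

     // The captcha plugin name comes from the plugin configuration and is only used for an
     // existence check here.
     $filename = $pth['folder']['plugins'] . $plugin_cf['advancedform']['captcha_plugin'] . '/captcha.php';
     $o .= (file_exists($filename) ? $ok : $warn)
         . $gap . $ptx['syscheck_captcha_plugin'] . tag('br') . tag('br') . PHP_EOL;

     // Initialise explicitly instead of relying on implicit array creation by [].
     $folders = array();
     foreach (array('config/', 'css/', 'languages/') as $folder) {
         $folders[] = $pth['folder']['plugins'] . 'advancedform/' . $folder;
     }
     $folders[] = Data::folder();
     foreach ($folders as $folder) {
         $o .= (is_writable($folder) ? $ok : $warn)
             . $gap . sprintf($ptx['syscheck_writable'], $folder) . tag('br') . PHP_EOL;
     }
     return $o;
 }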
Пример #4
/**
 * Copies the settings read from an INI file into $_SESSION.
 *
 * Every value is taken as-is from the parsed file; a missing section or key raises the
 * usual PHP notice and stores null.
 *
 * @param string $configfile Path of the INI file handed to readINIfile().
 */
function session($configfile)
{
    // Runtime magic quotes would add backslashes to the data read from the file.
    if (get_magic_quotes_runtime()) {
        set_magic_quotes_runtime(0);
    }
    // ';' is the character that starts a comment in the INI file; it can be changed.
    $ini = readINIfile((string) $configfile, ";");

    // Session key prefix => (INI section, INI key prefix); the channel number is appended to both.
    $perChannel = array(
        'color_ch' => array('plotter', 'color_ch'),
        'temp_min' => array('temp_min', 'temp_min'),
        'temp_max' => array('temp_max', 'temp_max'),
        'ch_name' => array('ch_name', 'ch_name'),
        'alert' => array('web_alert', 'ch'),
        'ch_show' => array('ch_show', 'ch'),
    );
    foreach (range(0, 7) as $channel) {
        foreach ($perChannel as $sessionPrefix => $source) {
            list($section, $keyPrefix) = $source;
            $_SESSION[$sessionPrefix . $channel] = $ini[$section][$keyPrefix . $channel];
        }
    }

    // Session key => (INI section, INI key) for the settings that exist once.
    $single = array(
        'plot_start' => array('ToDo', 'plot_start'),
        'plotname' => array('plotter', 'plotname'),
        'plotsize' => array('plotter', 'plotsize'),
        'plotbereich_min' => array('plotter', 'plotbereich_min'),
        'plotbereich_max' => array('plotter', 'plotbereich_max'),
        'keybox' => array('plotter', 'keybox'),
        'keyboxframe' => array('plotter', 'keyboxframe'),
        'pit_on' => array('ToDo', 'pit_on'),
        'pit_ch' => array('Pitmaster', 'pit_ch'),
        'webcam_start' => array('webcam', 'webcam_start'),
        'current_temp' => array('filepath', 'current_temp'),
        'pitmaster' => array('filepath', 'pitmaster'),
    );
    foreach ($single as $sessionKey => $source) {
        list($section, $key) = $source;
        $_SESSION[$sessionKey] = $ini[$section][$key];
    }

    // The sound alert defaults to on and is never overwritten once set.
    if (!isset($_SESSION["websoundalert"])) {
        $_SESSION["websoundalert"] = "True";
    }
}
Пример #5
/**
 * Send a download.
 *
 * @since 0.1.0
 *
 * @param string $file An absolute file path.
 */
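function satispress_send_file($file)
{
    // Release the session lock so a long download does not block the user's other requests.
    @session_write_close();
    if (function_exists('apache_setenv')) {
        @apache_setenv('no-gzip', 1);
    }
    // The setter was removed in PHP 7.0 and the getter in PHP 8.0; touch them only if present.
    if (function_exists('get_magic_quotes_runtime')
        && function_exists('set_magic_quotes_runtime')
        && @get_magic_quotes_runtime()
    ) {
        @set_magic_quotes_runtime(0);
    }
    @ini_set('zlib.output_compression', 'Off');
    @set_time_limit(0);
    // Zip corruption fix: discard every open output buffer, not just the first two, so no
    // stray output is prepended to the archive. The loop ends at a buffer that cannot be closed.
    while (ob_get_level() > 0 && @ob_end_clean()) {
        continue;
    }
    nocache_headers();
    header('Robots: none');
    header('Content-Type: application/force-download');
    header('Content-Description: File Transfer');
    // Quotes, backslashes and control characters would break out of the quoted filename
    // parameter, so they are replaced before the name goes into the header.
    $download_name = preg_replace('/[\x00-\x1F\x7F"\\\\]/', '_', basename($file));
    header('Content-Disposition: attachment; filename="' . $download_name . '";');
    header('Content-Transfer-Encoding: binary');
    if ($size = @filesize($file)) {
        header('Content-Length: ' . $size);
    }
    // NOTE(review): $file is read as given; presumably the caller has already confirmed it
    // lies inside the package storage directory — confirm.
    @readfile_chunked($file) or wp_die(__('File not found', 'satispress'));
    exit;
}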
Пример #6
 /**
  * Collects server environment details and hands them to the view as 'info1'.
  *
  * NOTE(review): the page exposes software versions, PHP settings and free disk space;
  * presumably it is reachable by authenticated administrators only — confirm.
  */
 public function main()
 {
     // NOTE(review): depending on the web-server configuration SERVER_NAME may mirror the
     // client's Host header; it is resolved and placed in the view data unescaped — confirm
     // the template escapes it.
     $serverName = $_SERVER['SERVER_NAME'];
     $registerGlobals = get_cfg_var("register_globals") == "1" ? "ON" : "OFF";
     // The getters return false (not 0) on PHP >= 5.4, so the strict comparison yields 'NO' there.
     $quotesGpc = 1 === get_magic_quotes_gpc() ? 'YES' : 'NO';
     $quotesRuntime = 1 === get_magic_quotes_runtime() ? 'YES' : 'NO';

     $info = array(
         '操作系统' => PHP_OS,
         '运行环境' => $_SERVER["SERVER_SOFTWARE"],
         'PHP运行方式' => php_sapi_name(),
         'ThinkPHP版本' => THINK_VERSION . ' [ <a href="http://thinkphp.cn" target="_blank">查看最新版本</a> ]',
         '上传附件限制' => ini_get('upload_max_filesize'),
         '执行时间限制' => ini_get('max_execution_time') . '秒',
         '服务器时间' => date("Y年n月j日 H:i:s"),
         '北京时间' => gmdate("Y年n月j日 H:i:s", time() + 8 * 3600),
         '服务器域名/IP' => $serverName . ' [ ' . gethostbyname($serverName) . ' ]',
         '剩余空间' => round(@disk_free_space(".") / (1024 * 1024), 2) . 'M',
         'register_globals' => $registerGlobals,
         'magic_quotes_gpc' => $quotesGpc,
         'magic_quotes_runtime' => $quotesRuntime,
     );
     $this->assign('info1', $info);
     $this->display();
 }
/**
 * Returns the requirements information view.
 *
 * @return string  The (X)HTML.
 */
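function Syntaxhighlighter_systemCheck()
{
    // RELEASE-TODO
    global $pth, $tx, $plugin_tx;
    // A second call would otherwise try to redefine the constant and raise a PHP error.
    if (!defined('SYNTAXHIGHLIGHTER_PHP_VERSION')) {
        define('SYNTAXHIGHLIGHTER_PHP_VERSION', '4.0.7');
    }
    $ptx = $plugin_tx['syntaxhighlighter'];
    $imgdir = $pth['folder']['plugins'] . 'syntaxhighlighter/images/';
    $ok = tag('img src="' . $imgdir . 'ok.png" alt="ok"');
    $warn = tag('img src="' . $imgdir . 'warn.png" alt="warning"');
    $fail = tag('img src="' . $imgdir . 'fail.png" alt="failure"');
    $o = '<h4>' . $ptx['syscheck_title'] . '</h4>' . (version_compare(PHP_VERSION, SYNTAXHIGHLIGHTER_PHP_VERSION) >= 0 ? $ok : $fail) . '&nbsp;&nbsp;' . sprintf($ptx['syscheck_phpversion'], SYNTAXHIGHLIGHTER_PHP_VERSION) . tag('br') . "\n";
    foreach (array('pcre') as $ext) {
        $o .= (extension_loaded($ext) ? $ok : $fail) . '&nbsp;&nbsp;' . sprintf($ptx['syscheck_extension'], $ext) . tag('br') . "\n";
    }
    // get_magic_quotes_runtime() was removed in PHP 8.0; a missing function means the
    // feature cannot be enabled, which counts as a pass.
    $magicQuotesOn = function_exists('get_magic_quotes_runtime') && @get_magic_quotes_runtime();
    $o .= (!$magicQuotesOn ? $ok : $fail) . '&nbsp;&nbsp;' . $ptx['syscheck_magic_quotes'] . tag('br') . tag('br') . "\n";
    $o .= (strtoupper($tx['meta']['codepage']) == 'UTF-8' ? $ok : $fail) . '&nbsp;&nbsp;' . $ptx['syscheck_encoding'] . tag('br') . "\n";
    // Folders the plugin needs to write to; a read-only folder is a warning, not a failure.
    $folders = array();
    foreach (array('config/', 'css/', 'languages/') as $folder) {
        $folders[] = $pth['folder']['plugins'] . 'syntaxhighlighter/' . $folder;
    }
    foreach ($folders as $folder) {
        $o .= (is_writable($folder) ? $ok : $warn) . '&nbsp;&nbsp;' . sprintf($ptx['syscheck_writable'], $folder) . tag('br') . "\n";
    }
    return $o;
}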
Пример #8
 /**
  * Escapes a value for use inside a quoted string literal on this MySQL connection.
  *
  * NOTE(review): the ext/mysql functions were removed in PHP 7.0. The @ operator hides the
  * warning raised when escaping fails, in which case false is returned; presumably callers
  * interpolate the result directly into SQL — confirm they handle false, and prefer
  * prepared statements when this code is migrated.
  * NOTE(review): magic_quotes_runtime affects data read from files and databases, not
  * request input (that is magic_quotes_gpc) — confirm the right setting is being checked.
  *
  * @param string $string Raw value.
  *
  * @return string|false Escaped value, or false on failure.
  */
 function escape($string)
 {
     $value = get_magic_quotes_runtime() ? stripslashes($string) : $string;

     return @mysql_real_escape_string($value, $this->link_id);
 }
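/**
 * Builds the CREATE TABLE statement (optionally preceded by DROP TABLE IF EXISTS) for a
 * MySQL table from the output of SHOW FIELDS and SHOW KEYS.
 *
 * $table is interpolated into the SQL unquoted, so it must be a trusted identifier (for
 * example a name taken from the server's own table list), never request input.
 *
 * @param string $table Table name.
 * @param string $crlf  Line terminator used in the generated statement.
 *
 * @return string The generated SQL.
 */
function get_table_def_mysql($table, $crlf)
{
    global $drop, $db;
    $schema_create = "";
    $index = array();
    $field_query = "SHOW FIELDS FROM {$table}";
    $key_query = "SHOW KEYS FROM {$table}";
    //
    // If the user has selected to drop existing tables when doing a restore.
    // Then we add the statement to drop the tables....
    //
    if ($drop == 1) {
        $schema_create .= "DROP TABLE IF EXISTS {$table};{$crlf}";
    }
    $schema_create .= "CREATE TABLE {$table}({$crlf}";
    // Ok lets grab the fields...
    $result = $db->sql_query($field_query);
    while ($row = $db->sql_fetchrow($result)) {
        $schema_create .= "\t" . $row['Field'] . ' ' . $row['Type'];
        // empty() would also drop a default of '0'; only a missing or empty default is skipped.
        if (isset($row['Default']) && $row['Default'] !== '') {
            // Escape quotes and backslashes so the default cannot terminate the literal early.
            $schema_create .= ' DEFAULT \'' . addslashes($row['Default']) . '\'';
        }
        if ($row['Null'] != 'YES') {
            $schema_create .= ' NOT NULL';
        }
        if ($row['Extra'] != '') {
            $schema_create .= ' ' . $row['Extra'];
        }
        $schema_create .= ",{$crlf}";
    }
    // Drop the last ',$crlf' off; a plain suffix check avoids building a regex from $crlf.
    $suffix = ',' . $crlf;
    if (substr($schema_create, -strlen($suffix)) === $suffix) {
        $schema_create = substr($schema_create, 0, -strlen($suffix));
    }
    // Get any Indexed fields from the database...
    $result = $db->sql_query($key_query);
    while ($row = $db->sql_fetchrow($result)) {
        $kname = $row['Key_name'];
        if ($kname != 'PRIMARY' && $row['Non_unique'] == 0) {
            $kname = "UNIQUE|{$kname}";
        }
        if (!isset($index[$kname])) {
            $index[$kname] = array();
        }
        $index[$kname][] = $row['Column_name'];
    }
    // each() and the implode(array, glue) argument order no longer exist on PHP 8.
    foreach ($index as $name => $columns) {
        // Numeric key names become integer array keys; compare them as strings.
        $x = (string) $name;
        $schema_create .= ", {$crlf}";
        if ($x === 'PRIMARY') {
            $schema_create .= "\t" . 'PRIMARY KEY (' . implode(', ', $columns) . ')';
        } elseif (strncmp($x, 'UNIQUE|', 7) === 0) {
            $schema_create .= "\t" . 'UNIQUE ' . substr($x, 7) . ' (' . implode(', ', $columns) . ')';
        } else {
            $schema_create .= "\t" . 'KEY ' . $x . '(' . implode(', ', $columns) . ')';
        }
    }
    $schema_create .= "{$crlf});";
    // The getter was removed in PHP 8.0; without it runtime magic quotes cannot be active.
    if (function_exists('get_magic_quotes_runtime') && @get_magic_quotes_runtime()) {
        return stripslashes($schema_create);
    }
    return $schema_create;
}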
Пример #10
/**
 * Switches magic_quotes_runtime off, first through the INI setting and then, on PHP
 * versions older than 5.4 where the setter still exists, through set_magic_quotes_runtime().
 *
 * Failures are suppressed with @ because the setting is unknown to newer interpreters.
 */
function MagicQuotesRuntimeSetting()
{
    @ini_set("magic_quotes_runtime", 0);

    // True only when the running PHP is older than 5.4.
    $isBefore54 = version_compare('5.4', PHP_VERSION, '>');
    if (!$isBefore54 || !function_exists('set_magic_quotes_runtime')) {
        return;
    }
    if (get_magic_quotes_runtime()) {
        @set_magic_quotes_runtime(false);
    }
}
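/**
 * Removes backslash escaping from a string unless magic_quotes_runtime is active.
 *
 * NOTE(review): the condition reads inverted relative to the usual pattern (slashes are
 * stripped when runtime magic quotes are OFF). It is kept because callers may depend on
 * it — confirm the intent.
 *
 * @param string $str Input string.
 *
 * @return string
 */
function un_quoting_run($str)
{
    // The getter was removed in PHP 8.0; where it is missing the feature cannot be active.
    $runtime_quotes_on = function_exists('get_magic_quotes_runtime') && @get_magic_quotes_runtime();
    if (!$runtime_quotes_on) {
        return stripslashes($str);
    }
    return $str;
}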
Пример #12
 /**
  * Dashboard action: gathers content counters and server environment details for the view.
  *
  * NOTE(review): the page exposes PHP settings and free disk space; presumably it is
  * reachable by authenticated administrators only — confirm.
  */
 public function main()
 {
     $article = M('article');
     $type = M('type');
     $link = M('link');
     $hd = M('flash');
     $ping = M('pl');
     $guest = M('guestbook');

     $count = array(
         // Total number of articles.
         'article' => $article->count(),
         // Articles awaiting review.
         'narticle' => $article->where('status=0')->count(),
         // Total number of guestbook messages.
         'guestbook' => $guest->count(),
         // Guestbook messages awaiting review.
         'nguestbook' => $guest->where('status=0')->count(),
         // Total number of categories.
         'type' => $type->count(),
         // Total number of links.
         'link' => $link->count(),
         // Total number of slides.
         'hd' => $hd->count(),
         // Total number of comments.
         'ping' => $ping->count(),
         // Comments awaiting review.
         'nping' => $ping->where('status=0')->count(),
     );
     $this->assign('count', $count);
     unset($article, $type, $link, $hd, $ping, $guest);

     // NOTE(review): depending on the web-server configuration SERVER_NAME may mirror the
     // client's Host header; it is resolved and placed in the view data unescaped — confirm
     // the template escapes it.
     $serverName = $_SERVER['SERVER_NAME'];
     $registerGlobals = get_cfg_var("register_globals") == "1" ? "ON" : "OFF";
     // The getters return false (not 0) on PHP >= 5.4, so the strict comparison yields 'NO' there.
     $quotesGpc = 1 === get_magic_quotes_gpc() ? 'YES' : 'NO';
     $quotesRuntime = 1 === get_magic_quotes_runtime() ? 'YES' : 'NO';

     $info = array(
         '操作系统' => PHP_OS,
         '运行环境' => $_SERVER["SERVER_SOFTWARE"],
         'PHP运行方式' => php_sapi_name(),
         '上传附件限制' => ini_get('upload_max_filesize'),
         '执行时间限制' => ini_get('max_execution_time') . '秒',
         '服务器时间' => date("Y年n月j日 H:i:s"),
         '北京时间' => gmdate("Y年n月j日 H:i:s", time() + 8 * 3600),
         '服务器域名/IP' => $serverName . ' [ ' . gethostbyname($serverName) . ' ]',
         '剩余空间' => round(@disk_free_space(".") / (1024 * 1024), 2) . 'M',
         'register_globals' => $registerGlobals,
         'magic_quotes_gpc' => $quotesGpc,
         'magic_quotes_runtime' => $quotesRuntime,
     );
     $this->assign('info', $info);
     $this->display('main');
 }
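 /**
  * Prints warning banners for environment problems that affect the slider module:
  * maintenance mode, legacy magic quotes, a missing ABSPATH and read-only folders.
  *
  * Output is echoed directly; nothing is returned.
  */
 public static function sds_init_error_warning()
 {
     if ((int) Configuration::get('config_maintenance') == 1) {
         echo "<div class='alert alert-warning'>Maintenance mode is enabled. This may cause functional problem at your slider revolution module.</div>";
         // Trim each entry so a list written as "1.2.3.4, 5.6.7.8" still matches, and compare
         // strictly as strings so no loose type juggling takes part in an access-related check.
         $allowed_ips = array_map('trim', explode(',', (string) Configuration::get('PS_MAINTENANCE_IP')));
         if (!in_array((string) Tools::getRemoteAddr(), $allowed_ips, true)) {
             echo "<div class='alert alert-warning'>It's seemed that your IP is not present in Maintenance IP.</div>";
         }
     }
     // Both getters were removed in PHP 8.0; where they are missing the features cannot be on.
     if (function_exists('get_magic_quotes_gpc') && @get_magic_quotes_gpc()) {
         echo "<div class='alert alert-warning'>magic_quotes_gpc is enabled. This may cause functional problem at your slider revolution module. Please disable magic_quotes_gpc.</div>";
     }
     if (function_exists('get_magic_quotes_runtime') && @get_magic_quotes_runtime()) {
         echo "<div class='alert alert-warning'>magic_quotes_runtime is enabled. This may cause functional problem at your slider revolution module. Please disable magic_quotes_runtime.</div>";
     }
     if (!defined('ABSPATH')) {
         echo "<div class='alert alert-warning'>Fatal Error: 'ABSPATH' isn't defined.</div>";
         return;
     }
     // The path goes into HTML, so encode it once for every message below.
     $abspath_html = htmlspecialchars(ABSPATH, ENT_QUOTES, 'UTF-8');
     if (!is_writable(ABSPATH . '/uploads')) {
         echo "<div class='alert alert-warning'>'" . $abspath_html . "/uploads' folder is not writeable. Change the folder permission.</div>";
     }
     if (!is_writable(ABSPATH . '/rs-plugin/css')) {
         echo "<div class='alert alert-warning'>'" . $abspath_html . "/rs-plugin/css' folder is not writeable. Change the folder permission.</div>";
     }
     //                    if(!is_executable(ABSPATH.'/rs-plugin/fileuploader/uploadify.php')){
     //                        echo "<div class='alert alert-warning'>'".ABSPATH."/rs-plugin/fileuploader/uploadify.php' file is not executable. Change the file permission.</div>";
     //                    }
     if (!is_writable(ABSPATH . '/cache')) {
         echo "<div class='alert alert-warning'>'" . $abspath_html . "/cache' folder is not writeable. Change the folder permission.</div>";
     }
 }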
Пример #14
 /**
  * PHP 4 style constructor: disables runtime magic quotes, prepares the prefixed table
  * names, connects to MySQL, selects the database and aligns the connection charset.
  *
  * NOTE(review): the ext/mysql functions used here were removed in PHP 7.0 and
  * set_magic_quotes_runtime() likewise, so this code targets older interpreters only.
  *
  * @param string|null $username    Database user.
  * @param string|null $password    Database password.
  * @param string|null $database    Database name.
  * @param string|null $hostname    Database host.
  * @param string|null $tablePrefix Prefix put in front of every table name.
  */
 function Pommo_Db($username = NULL, $password = NULL, $database = NULL, $hostname = NULL, $tablePrefix = NULL)
 {
     // turn off magic quotes runtime
     if (get_magic_quotes_runtime()) {
         if (!set_magic_quotes_runtime(0)) {
             Pommo::kill('Could not turn off PHP\'s magic_quotes_runtime');
         }
     }
     $this->_prefix = $tablePrefix;
     $this->_database = $database;
     // Backtick-quoted table identifiers. The prefix is concatenated without escaping;
     // presumably it comes from the site's own config file — confirm it can never contain
     // a backtick.
     $this->table = array('config' => '`' . $tablePrefix . 'config`', 'fields' => '`' . $tablePrefix . 'fields`', 'group_rules' => '`' . $tablePrefix . 'group_rules`', 'groups' => '`' . $tablePrefix . 'groups`', 'mailing_notices' => '`' . $tablePrefix . 'mailing_notices`', 'mailing_current' => '`' . $tablePrefix . 'mailing_current`', 'mailings' => '`' . $tablePrefix . 'mailings`', 'scratch' => '`' . $tablePrefix . 'scratch`', 'subscriber_data' => '`' . $tablePrefix . 'subscriber_data`', 'subscriber_pending' => '`' . $tablePrefix . 'subscriber_pending`', 'subscriber_update' => '`' . $tablePrefix . 'subscriber_update`', 'subscribers' => '`' . $tablePrefix . 'subscribers`', 'templates' => '`' . $tablePrefix . 'templates`', 'queue' => '`' . $tablePrefix . 'queue`', 'updates' => '`' . $tablePrefix . 'updates`');
     $this->_dieOnQuery = TRUE;
     $this->_debug = FALSE;
     $this->_results = array();
     // connect to mysql database using config variables from poMMo class (set in setup/config.php).
     // NOTE(review): the original comment says errors are suppressed to hide login
     // information, but this mysql_connect() call carries no @ operator, so a failed
     // connection raises a PHP warning — confirm display_errors is off in production.
     $this->_link = mysql_connect($hostname, $username, $password);
     if (!$this->_link) {
         Pommo::kill(Pommo::_T('Could not establish database connection.') . ' ' . Pommo::_T('Verify your settings in config.php'));
     }
     // The database name is echoed back in the error message below.
     if (!@mysql_select_db($database, $this->_link)) {
         Pommo::kill(sprintf(Pommo::_T('Connected to database server but could not select database (%s). Does it exist?'), $database) . ' ' . Pommo::_T('Verify your settings in config.php'));
     }
     // Make sure any results we retrieve or commands we send use the same charset and collation as the database:
     //  code taken from Juliette Reinders Folmer; http://www.adviesenzo.nl/examples/php_mysql_charset_fix/
     //  TODO: Cache the charset?
     // The charset name is read from the server and concatenated into SET NAMES; the result
     // of the first query is not checked before it is fetched.
     // NOTE(review): SET NAMES does not tell the client library which charset is in use, so
     // mysql_real_escape_string() may escape for a different charset; mysql_set_charset()
     // is the documented way to keep both in step — confirm how SafeSQL escapes.
     $db_charset = mysql_query("SHOW VARIABLES LIKE 'character_set_database'", $this->_link);
     $charset_row = mysql_fetch_assoc($db_charset);
     mysql_query("SET NAMES '" . $charset_row['Value'] . "'", $this->_link);
     unset($db_charset, $charset_row);
     // setup safeSQL class
     $this->_safeSQL = new SafeSQL_MySQL($this->_link);
 }
Пример #15
 /**
  * Collects server environment details and hands them to the view as 'info'.
  *
  * NOTE(review): the page exposes PHP settings and free disk space; presumably it is
  * reachable by authenticated administrators only — confirm.
  */
 public function main()
 {
     // NOTE(review): depending on the web-server configuration SERVER_NAME may mirror the
     // client's Host header; it is resolved and placed in the view data unescaped — confirm
     // the template escapes it.
     $serverName = $_SERVER['SERVER_NAME'];
     $registerGlobals = get_cfg_var("register_globals") == "1" ? "ON" : "OFF";
     // The getters return false (not 0) on PHP >= 5.4, so the strict comparison yields 'NO' there.
     $quotesGpc = 1 === get_magic_quotes_gpc() ? 'YES' : 'NO';
     $quotesRuntime = 1 === get_magic_quotes_runtime() ? 'YES' : 'NO';

     $info = array(
         '操作系统' => PHP_OS,
         '运行环境' => $_SERVER["SERVER_SOFTWARE"],
         'PHP运行方式' => php_sapi_name(),
         '上传附件限制' => ini_get('upload_max_filesize'),
         '执行时间限制' => ini_get('max_execution_time') . '秒',
         '服务器时间' => date("Y年n月j日 H:i:s"),
         '北京时间' => gmdate("Y年n月j日 H:i:s", time() + 8 * 3600),
         '服务器域名/IP' => $serverName . ' [ ' . gethostbyname($serverName) . ' ]',
         '服务器剩余空间' => round(disk_free_space(".") / (1024 * 1024), 2) . 'M',
         'register_globals' => $registerGlobals,
         'magic_quotes_gpc' => $quotesGpc,
         'magic_quotes_runtime' => $quotesRuntime,
     );
     $this->assign('info', $info);
     $this->display();
 }
Пример #16
 /**
  * Sanitizes global GET, POST and COOKIE data. Also takes care of
  * magic_quotes and register_globals, if they have been enabled.
  *
  * @return  void
  */
 public function __construct()
 {
     // Use XSS clean?
     $this->use_xss_clean = (bool) Eight::config('core.global_xss_filtering');
     // The global clean-up below runs once, for the first instance only.
     // NOTE(review): `nil` is presumably a framework-defined constant equal to null — confirm.
     if (self::$instance === nil) {
         // Convert all global variables to UTF-8.
         $_GET = Input::clean($_GET);
         $_POST = Input::clean($_POST);
         $_COOKIE = Input::clean($_COOKIE);
         $_SERVER = Input::clean($_SERVER);
         if (PHP_SAPI == 'cli') {
             // Convert command line arguments
             $_SERVER['argv'] = Input::clean($_SERVER['argv']);
         }
         // Fail closed: the request is aborted when any of the three legacy settings is on.
         // NOTE(review): both magic-quotes getters were removed in PHP 8.0, so these calls
         // are fatal there.
         // magic_quotes_runtime is enabled
         if (get_magic_quotes_runtime()) {
             exit('Disable magic_quotes_runtime! It is evil and deprecated: http://php.net/magic_quotes');
         }
         // magic_quotes_gpc is enabled
         if (get_magic_quotes_gpc()) {
             exit('Disable magic_quotes_gpc! It is evil and deprecated: http://php.net/magic_quotes');
         }
         // register_globals is enabled
         if (ini_get('register_globals')) {
             exit('Disable register_globals! It is evil and deprecated: http://php.net/register_globals');
         }
         // Each loop writes the cleaned value under the cleaned key.
         // NOTE(review): if clean_input_keys() can return a key that differs from the
         // original, the raw entry stays in the array next to the cleaned one — confirm it
         // either returns the key unchanged or aborts.
         if (is_array($_GET)) {
             foreach ($_GET as $key => $val) {
                 // Sanitize $_GET
                 $_GET[$this->clean_input_keys($key)] = $this->clean_input_data($val);
             }
         } else {
             $_GET = array();
         }
         if (is_array($_POST)) {
             foreach ($_POST as $key => $val) {
                 // Sanitize $_POST
                 $_POST[$this->clean_input_keys($key)] = $this->clean_input_data($val);
             }
         } else {
             $_POST = array();
         }
         if (is_array($_COOKIE)) {
             foreach ($_COOKIE as $key => $val) {
                 // Sanitize $_COOKIE
                 $_COOKIE[$this->clean_input_keys($key)] = $this->clean_input_data($val);
             }
         } else {
             $_COOKIE = array();
         }
         // Create a singleton
         self::$instance = $this;
         Eight::log('debug', 'Global GET, POST and COOKIE data sanitized');
     }
     // Assign global vars to request helper vars
     request::$get = $_GET;
     request::$post = $_POST;
     // NOTE(review): $_REQUEST is a separate array that none of the code above cleans, so
     // request::$input receives the raw values and, for duplicate keys, they override the
     // URI segments in array_merge() — confirm consumers treat it as untrusted.
     request::$input = array_merge(URI::instance()->segments(2, YES), $_REQUEST);
 }
Пример #17
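 /**
  * Reads up to $byte_count bytes from the socket with runtime magic quotes switched off,
  * so the received bytes are returned unmodified.
  *
  * @param int $byte_count Maximum number of bytes to read.
  *
  * @return string|false The data read, or false on failure (as returned by fread()).
  */
 function socket_read($byte_count)
 {
     // set_magic_quotes_runtime() was removed in PHP 7.0 and the getter in PHP 8.0; calling
     // them unconditionally is a fatal error there, so toggle only where both exist.
     $can_toggle = function_exists('get_magic_quotes_runtime')
         && function_exists('set_magic_quotes_runtime');
     $mqr = $can_toggle ? @get_magic_quotes_runtime() : false;
     if ($mqr) {
         @set_magic_quotes_runtime(0);
     }
     $buffer = fread($this->socket, $byte_count);
     if ($mqr) {
         // Restore the caller's setting.
         @set_magic_quotes_runtime($mqr);
     }
     return $buffer;
 }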
Пример #18
 /**
  * Create a new DiskKeyCache with the given $stream for cloning to make
  * InputByteStreams, and the given $path to save to.
  *
  * @param Swift_KeyCache_KeyCacheInputStream $stream
  * @param string                             $path   to save to
  */
 public function __construct(Swift_KeyCache_KeyCacheInputStream $stream, $path)
 {
     $this->_stream = $stream;
     $this->_path = $path;

     // Interpreters without the getter cannot have runtime magic quotes enabled.
     if (!function_exists('get_magic_quotes_runtime')) {
         return;
     }
     // Remember that runtime magic quotes are on; @ silences the deprecation notice.
     if (@get_magic_quotes_runtime() == 1) {
         $this->_quotes = true;
     }
 }
Пример #19
 /**
  * Constructor.
  */
 public function __construct()
 {
     // The three legacy settings are only read on PHP older than 5.4.0.
     $isLegacyPhp = version_compare(PHP_VERSION, '5.4.0', '<');
     if (!$isLegacyPhp) {
         return;
     }

     // @ keeps deprecation notices out of the output.
     $this->magicQuotesGpc = @get_magic_quotes_gpc();
     $this->magicQuotesRuntime = @get_magic_quotes_runtime();
     $this->registerGlobals = @ini_get('register_globals');
 }
Пример #20
 /**
  * Create a new FileByteStream for $path.
  *
  * @param string  $path
  * @param boolean $writable if true
  */
 public function __construct($path, $writable = false)
 {
     $this->_path = $path;

     // Binary mode in both cases; 'w+b' truncates or creates the file for reading and writing.
     if ($writable) {
         $this->_mode = 'w+b';
     } else {
         $this->_mode = 'rb';
     }

     // Interpreters without the getter cannot have runtime magic quotes enabled.
     if (!function_exists('get_magic_quotes_runtime')) {
         return;
     }
     // Remember that runtime magic quotes are on; @ silences the deprecation notice.
     if (@get_magic_quotes_runtime() == 1) {
         $this->_quotes = true;
     }
 }
Пример #21
 /**
  * Check the magic_quotes setting
  * 
  * @return boolean Enabled/not enabled
  */
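 private function checkMagicQuotes()
 {
     // Both getters were removed in PHP 8.0; where they are missing the feature cannot be on.
     $gpc = function_exists('get_magic_quotes_gpc') && @get_magic_quotes_gpc();
     $runtime = function_exists('get_magic_quotes_runtime') && @get_magic_quotes_runtime();

     if ($gpc || $runtime) {
         $this->throwError('SECURITY WARNING: magic_quotes is enabled! ' . 'Please consider disabling');
         // Reached only if throwError() does not abort: report the failed check explicitly
         // instead of falling off the end and returning null.
         return false;
     }

     return true;
 }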
Пример #22
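/**
 * Reports whether both magic_quotes_runtime and magic_quotes_gpc are disabled.
 *
 * @return bool True when neither setting is active.
 */
function bhi_check_magic_quotes()
{
    // Both getters were removed in PHP 8.0; where they are missing the feature cannot be on.
    $runtime = function_exists('get_magic_quotes_runtime') && @get_magic_quotes_runtime();
    $gpc = function_exists('get_magic_quotes_gpc') && @get_magic_quotes_gpc();

    return !$runtime && !$gpc;
}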
 /**
  * Wrapper for get_magic_quotes_runtime
  *
  * @since version 0.83
  *
  * @return boolean
  **/
 static function get_magic_quotes_runtime()
 {
     // The native function raises E_DEPRECATED (8192) on newer PHP, so it is consulted only
     // below 5.4; every later version is reported as "off".
     return (PHP_VERSION_ID < 50400) ? get_magic_quotes_runtime() : 0;
 }
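/**
 * Adds backslash escaping to a value unless runtime magic quotes are active.
 *
 * NOTE(review): addslashes() is not a charset-aware SQL escape and should not be relied on
 * to build queries; bound parameters (or the driver's own escape function) are the safe
 * route. Runtime magic quotes also concern data read from files and databases, not request
 * input (that is magic_quotes_gpc) — confirm which case this helper is meant for.
 *
 * @param string $in Raw value.
 *
 * @return string Value with quotes, backslashes and NUL bytes backslash-escaped.
 */
function insql1($in)
{
    // The getter was removed in PHP 8.0; where it is missing the feature cannot be active.
    if (function_exists('get_magic_quotes_runtime') && @get_magic_quotes_runtime()) {
        return $in;
    }
    return addslashes($in);
}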
Пример #25
 /**
  * Gets the current configuration setting of magic_quotes_gpc.
  * And gets the current active configuration setting of magic_quotes_runtime
  */
 function c_get_magic_quotes()
 {
     // NOTE(review): presumably c_version_compare("5.4.0") is true when the running PHP is
     // older than 5.4.0 — confirm against the helper.
     if (!c_version_compare("5.4.0")) {
         return false;
     }

     // True when either the GPC or the runtime setting is active.
     return get_magic_quotes_gpc() || get_magic_quotes_runtime();
 }
Пример #26
 /**
  * Check magic quote and disable it
  */
 private function checkMagicQuoteRuntime()
 {
     // Nothing to do when runtime magic quotes are already off.
     if (!get_magic_quotes_runtime()) {
         return;
     }

     // The setting is deprecated and corrupts data read at runtime: switch it off.
     // @ hides the deprecation notice raised by the setter.
     @set_magic_quotes_runtime(0);
 }
Пример #27
 /**
  * Constructor. Sanitizes global data GET, POST and COOKIE data.
  * Also makes sure those pesty magic quotes and register globals
  * don't bother us. This is protected because it really only needs
  * to be run once.
  *
  * @return void
  */
 protected function __construct()
 {
     // The global clean-up runs once, for the first instance only.
     if (self::$instance === NULL) {
         // Check for magic quotes
         // NOTE(review): the getters were removed in PHP 8.0 and the setter in PHP 7.0, so
         // these calls are fatal on current interpreters.
         if (get_magic_quotes_runtime()) {
             // Runtime magic quotes are deprecated and corrupt data: switch them off.
             set_magic_quotes_runtime(0);
         }
         if (get_magic_quotes_gpc()) {
             // This is also bad and deprecated. See http://php.net/magic_quotes for more information.
             // Only recorded here; presumably clean_input_data() strips the slashes — confirm.
             $this->magic_quotes_gpc = TRUE;
         }
         // Check for register globals and prevent security issues from arising.
         if (ini_get('register_globals')) {
             // A request parameter named GLOBALS would overwrite the $GLOBALS array itself.
             if (isset($_REQUEST['GLOBALS'])) {
                 // No no no.. just kill the script here and now
                 exit('Illegal attack on global variable.');
             }
             // Get rid of REQUEST
             $_REQUEST = array();
             // The following globals are standard and shouldn't really be removed
             $preserve = array('GLOBALS', '_REQUEST', '_GET', '_POST', '_FILES', '_COOKIE', '_SERVER', '_ENV', '_SESSION');
             // Same effect as disabling register_globals
             // NOTE(review): in_array() compares loosely here; the keys of $GLOBALS are
             // normally strings, so this is presumably harmless — confirm, or pass true.
             foreach ($GLOBALS as $key => $value) {
                 if (!in_array($key, $preserve)) {
                     global ${$key};
                     ${$key} = NULL;
                     unset($GLOBALS[$key], ${$key});
                 }
             }
         }
         // Sanitize global data
         // Each loop writes the cleaned value under the cleaned key.
         // NOTE(review): if clean_input_keys() can return a key that differs from the
         // original, the raw entry stays in the array next to the cleaned one — confirm it
         // either returns the key unchanged or aborts.
         if (is_array($_POST)) {
             foreach ($_POST as $key => $value) {
                 $_POST[$this->clean_input_keys($key)] = $this->clean_input_data($value);
             }
         } else {
             $_POST = array();
         }
         if (is_array($_GET)) {
             foreach ($_GET as $key => $value) {
                 $_GET[$this->clean_input_keys($key)] = $this->clean_input_data($value);
             }
         } else {
             $_GET = array();
         }
         if (is_array($_COOKIE)) {
             foreach ($_COOKIE as $key => $value) {
                 $_COOKIE[$this->clean_input_keys($key)] = $this->clean_input_data($value);
             }
         } else {
             $_COOKIE = array();
         }
         // Rebuild REQUEST from the cleaned GET and POST arrays only (cookies are left out);
         // for duplicate keys the POST value wins because array_merge() keeps the later one.
         $_REQUEST = array_merge($_GET, $_POST);
         self::$instance = $this;
     }
 }
 /**
  * Constructor.
  * Initialize parser and set parser options.
  */
 function XMLParser()
 {
     // XML parsing needs unmodified input, so runtime magic quotes are switched off here.
     // The previous state is kept in $this->magicQuotes.
     $quotesWereOn = get_magic_quotes_runtime();
     $this->magicQuotes = $quotesWereOn;
     if ($quotesWereOn) {
         set_magic_quotes_runtime(0);
     }

     $this->errors = array();
 }
Пример #29
 /**
  * Constructor
  * Sets up the database connection.
  * Can pass in the hostname, username, password and database name if you want to.
  * If you don't it will set up the base class, then you'll have to call Connect yourself.
  *
  * @param String $hostname Name of the server to connect to.
  * @param String $username Username to connect to the server with.
  * @param String $password Password to connect with.
  * @param String $databasename Database name to connect to.
  *
  * @see Connect
  * @see GetError
  *
  * @return Mixed Returns false if no connection can be made - the error can be fetched by the Error() method. Returns the connection result if it can be made. Will return Null if you don't pass in the connection details.
  */
 function Oci8Db($hostname = '', $username = '', $password = '', $databasename = '')
 {
     // Record whether runtime magic quotes were on when the object was created.
     $this->magic_quotes_runtime_on = get_magic_quotes_runtime();

     // Connect only when host, user and database name are all given; the password is not
     // part of this check, so an empty password still leads to a connection attempt.
     $haveDetails = $hostname && $username && $databasename;
     if (!$haveDetails) {
         return null;
     }

     return $this->Connect($hostname, $username, $password, $databasename);
 }
Пример #30
 /**
  * Sanitizes global GET, POST and COOKIE data. Also takes care of
  * magic_quotes and register_globals, if they have been enabled.
  *
  * @return  void
  */
 public function __construct()
 {
     // Convert all global variables to Kohana charset
     // This conversion runs on every construction, not only for the first instance.
     $_GET = Input::clean($_GET);
     $_POST = Input::clean($_POST);
     $_COOKIE = Input::clean($_COOKIE);
     $_SERVER = Input::clean($_SERVER);
     if (Kohana::$server_api === 'cli') {
         // Convert command line arguments
         $_SERVER['argv'] = Input::clean($_SERVER['argv']);
     }
     // Use XSS clean?
     $this->use_xss_clean = (bool) Kohana::config('core.global_xss_filtering');
     // The sanitising below runs once, for the first instance only.
     if (Input::$instance === NULL) {
         // magic_quotes_runtime is enabled
         // NOTE(review): the getters were removed in PHP 8.0 and the setter in PHP 7.0, so
         // these calls are fatal on current interpreters.
         if (get_magic_quotes_runtime()) {
             @set_magic_quotes_runtime(0);
             Kohana_Log::add('debug', 'Disable magic_quotes_runtime! It is evil and deprecated: http://php.net/magic_quotes');
         }
         // magic_quotes_gpc is enabled
         if (get_magic_quotes_gpc()) {
             // Only recorded here; presumably clean_input_data() strips the slashes — confirm.
             $this->magic_quotes_gpc = TRUE;
             Kohana_Log::add('debug', 'Disable magic_quotes_gpc! It is evil and deprecated: http://php.net/magic_quotes');
         }
         // Each loop writes the cleaned value under the cleaned key.
         // NOTE(review): if clean_input_keys() can return a key that differs from the
         // original, the raw entry stays in the array next to the cleaned one — confirm it
         // either returns the key unchanged or aborts.
         if (is_array($_GET)) {
             foreach ($_GET as $key => $val) {
                 // Sanitize $_GET
                 $_GET[$this->clean_input_keys($key)] = $this->clean_input_data($val);
             }
         } else {
             $_GET = array();
         }
         if (is_array($_POST)) {
             foreach ($_POST as $key => $val) {
                 // Sanitize $_POST
                 $_POST[$this->clean_input_keys($key)] = $this->clean_input_data($val);
             }
         } else {
             $_POST = array();
         }
         if (is_array($_COOKIE)) {
             foreach ($_COOKIE as $key => $val) {
                 // Ignore special attributes in RFC2109 compliant cookies
                 // The skipped entries are not removed, so they stay in $_COOKIE without
                 // passing through clean_input_data().
                 if ($key == '$Version' or $key == '$Path' or $key == '$Domain') {
                     continue;
                 }
                 // Sanitize $_COOKIE
                 $_COOKIE[$this->clean_input_keys($key)] = $this->clean_input_data($val);
             }
         } else {
             $_COOKIE = array();
         }
         // NOTE(review): $_REQUEST is a separate array that nothing here cleans — confirm no
         // code reads it directly.
         // Create a singleton
         Input::$instance = $this;
         Kohana_Log::add('debug', 'Global GET, POST and COOKIE data sanitized');
     }
 }