function request_token($tmhOAuth) { $code = $tmhOAuth->apponly_request(array('without_bearer' => true, 'method' => 'POST', 'url' => $tmhOAuth->url('oauth/request_token', ''), 'params' => array('oauth_callback' => php_self(false)))); if ($code != 200) { error("There was an error communicating with Twitter. {$tmhOAuth->response['response']}"); return; } // store the params into the session so they are there when we come back after the redirect $_SESSION['oauth'] = $tmhOAuth->extract_params($tmhOAuth->response['response']); // check the callback has been confirmed if ($_SESSION['oauth']['oauth_callback_confirmed'] !== 'true') { error('The callback was not confirmed by Twitter so we cannot continue.'); } else { $url = $tmhOAuth->url('oauth/authorize', '') . "?oauth_token={$_SESSION['oauth']['oauth_token']}"; ?> <p>To complete the OAuth flow please visit URL: <a href="<?php echo $url; ?> "><?php echo $url; ?> </a></p> <?php } }
/** * get_location * * Determines the location to forward to, relative to your server. * This is used in HTTP Location: redirects. * If set, it uses $config_location_base as the first part of the URL, * specifically, the protocol, hostname and port parts. The path is * always autodetected. * * @return string the base url for this SquirrelMail installation */ function get_location() { global $imap_server_type, $config_location_base, $is_secure_connection, $sq_ignore_http_x_forwarded_headers; /* Get the path, handle virtual directories */ if (strpos(php_self(), '?')) { $path = substr(php_self(), 0, strpos(php_self(), '?')); } else { $path = php_self(); } $path = substr($path, 0, strrpos($path, '/')); // proto+host+port are already set in config: if (!empty($config_location_base)) { // register it in the session just in case some plugin depends on this sqsession_register($config_location_base . $path, 'sq_base_url'); return $config_location_base . $path; } // we computed it before, get it from the session: if (sqgetGlobalVar('sq_base_url', $full_url, SQ_SESSION)) { return $full_url . $path; } // else: autodetect /* Check if this is a HTTPS or regular HTTP request. */ $proto = 'http://'; if ($is_secure_connection) { $proto = 'https://'; } /* Get the hostname from the Host header or server config. */ if ($sq_ignore_http_x_forwarded_headers || !sqgetGlobalVar('HTTP_X_FORWARDED_HOST', $host, SQ_SERVER) || empty($host)) { if (!sqgetGlobalVar('HTTP_HOST', $host, SQ_SERVER) || empty($host)) { if (!sqgetGlobalVar('SERVER_NAME', $host, SQ_SERVER) || empty($host)) { $host = ''; } } } $port = ''; if (strpos($host, ':') === FALSE) { // Note: HTTP_X_FORWARDED_PROTO could be sent from the client and // therefore possibly spoofed/hackable - for now, the // administrator can tell SM to ignore this value by setting // $sq_ignore_http_x_forwarded_headers to boolean TRUE in // config/config_local.php, but in the future we may // want to default this to TRUE and make administrators // who use proxy systems turn it off (see 1.5.2+). global $sq_ignore_http_x_forwarded_headers; if ($sq_ignore_http_x_forwarded_headers || !sqgetGlobalVar('HTTP_X_FORWARDED_PROTO', $forwarded_proto, SQ_SERVER)) { $forwarded_proto = ''; } if (sqgetGlobalVar('SERVER_PORT', $server_port, SQ_SERVER)) { if ($server_port != 80 && $proto == 'http://' || $server_port != 443 && $proto == 'https://' && strcasecmp($forwarded_proto, 'https') !== 0) { $port = sprintf(':%d', $server_port); } } } /* this is a workaround for the weird macosx caching that causes Apache to return 16080 as the port number, which causes SM to bail */ if ($imap_server_type == 'macosx' && $port == ':16080') { $port = ''; } /* Fallback is to omit the server name and use a relative */ /* URI, although this is not RFC 2616 compliant. */ $full_url = $host ? $proto . $host . $port : ''; sqsession_register($full_url, 'sq_base_url'); return $full_url . $path; }
?> </head> <body> <?php } $d = get_dir($n = dirname($_SERVER['SCRIPT_FILENAME'])); asort($d); if (is_file($n . "/Commentary")) { print wiki_render(join('', file($n . "/Commentary"))); } $i = 0; foreach ($d as $e) { if (preg_match('/jpg|jpeg$/i', $e)) { $ee = rawurlencode($e); $e = wiki_split_wikiwords(preg_replace('/[.][a-zA-Z]+$/', '', $e)); print "<div class='image'><a href='" . script_name() . "/slideshow?seq=" . $i . "'><img src='" . php_self() . "?thumb={$ee}' alt='{$e}' /><br />{$e}</a></div>"; $i++; } elseif (is_dir($n . '/' . $e)) { print "<div class='image'><a href='{$e}'>{$e}</a></div>"; } } if (!ALBUM_EMBEDDED) { ?> </body> </html> <?php } } elseif ($_SERVER['PATH_INFO'] == '/framed' or !$_SERVER['PATH_INFO'] and ALBUM_MODE == 'framed') { print doctype("XHTML/1.0 Frameset") . "\n"; ?> <html>
<?php // // $base_uri is not globally available in some // places in 1.4.x, but it is in 1.5.x... although // plugin authors are encouraged to use sqm_baseuri() // which is known to work in both environments // // need to run php_self() before we call sqm_baseuri() // // sqm_baseuri was moved from display_messages.php // as of version 1.4.6... HOWEVER, we cannot include // display_messages.php here because of some chicken- // egg problems that are then introduced and all // plugins will stop working. The only solution is to // copy the sqm_baseuri() code directly here to calculate // $base_uri... which is overall, a rather inefficient // (albiet in a small way in the scheme of things) way // to provide this compatibility of $base_uri to plugin // authors in 1.4.5 and below. // global $PHP_SELF, $base_uri; $PHP_SELF = php_self(); if (!compatibility_check_sm_version(1, 4, 6)) { $dirs = array('|src/.*|', '|plugins/.*|', '|functions/.*|'); $repl = array('', '', ''); $base_uri = preg_replace($dirs, $repl, $PHP_SELF); } else { $base_uri = sqm_baseuri(); }
/** * This determines the location to forward to relative to your server. * If this doesnt work correctly for you (although it should), you can * remove all this code except the last two lines, and change the header() * function to look something like this, customized to the location of * SquirrelMail on your server: * * http://www.myhost.com/squirrelmail/src/login.php */ function get_location() { global $imap_server_type; /* Get the path, handle virtual directories */ $path = substr(php_self(), 0, strrpos(php_self(), '/')); if (sqgetGlobalVar('sq_base_url', $full_url, SQ_SESSION)) { return $full_url . $path; } /* Check if this is a HTTPS or regular HTTP request. */ $proto = 'http://'; /* * If you have 'SSLOptions +StdEnvVars' in your apache config * OR if you have HTTPS=on in your HTTP_SERVER_VARS * OR if you are on port 443 */ $getEnvVar = getenv('HTTPS'); if (isset($getEnvVar) && !strcasecmp($getEnvVar, 'on') || sqgetGlobalVar('HTTPS', $https_on, SQ_SERVER) && !strcasecmp($https_on, 'on') || sqgetGlobalVar('SERVER_PORT', $server_port, SQ_SERVER) && $server_port == 443) { $proto = 'https://'; } /* Get the hostname from the Host header or server config. */ if (!sqgetGlobalVar('HTTP_HOST', $host, SQ_SERVER) || empty($host)) { if (!sqgetGlobalVar('SERVER_NAME', $host, SQ_SERVER) || empty($host)) { $host = ''; } } $port = ''; if (!strstr($host, ':')) { if (sqgetGlobalVar('SERVER_PORT', $server_port, SQ_SERVER)) { if ($server_port != 80 && $proto == 'http://' || $server_port != 443 && $proto == 'https://') { $port = sprintf(':%d', $server_port); } } } /* this is a workaround for the weird macosx caching that causes Apache to return 16080 as the port number, which causes SM to bail */ if ($imap_server_type == 'macosx' && $port == ':16080') { $port = ''; } /* Fallback is to omit the server name and use a relative */ /* URI, although this is not RFC 2616 compliant. */ $full_url = $host ? $proto . $host . $port : ''; sqsession_register($full_url, 'sq_base_url'); return $full_url . $path; }
$dialogBox->question($question); } if ($cmd == 'exMerge') { $uidToKeep = $userInput->getMandatory('uidToKeep'); $uidToRemove = $userInput->getMandatory('uidToRemove'); if ($uidToKeep == $uidToRemove) { throw new Exception(get_lang('Cannot merge one user account with itself')); } if (!user_get_properties($uidToKeep)) { throw new Exception(get_lang('User to keep not found')); } if (!user_get_properties($uidToRemove)) { throw new Exception(get_lang('User to remove not found')); } $mergeUser = new MergeUser(); $mergeUser->merge($uidToRemove, $uidToKeep); if ($mergeUser->hasError()) { $dialogBox->error(get_lang('Some errors have occured while merging those user account, check the log table in the platform main database for more details')); } else { $dialogBox->success(get_lang('User accounts merged')); } } } catch (Exception $e) { $dialogBox->error(get_lang('Cannot perform the requested action') . ' : <br />' . $e->getMessage()); pushClaroMessage('<pre>' . $e->__toString() . '</pre>'); } ClaroBreadCrumbs::getInstance()->prepend(get_lang('Administration'), get_path('rootAdminWeb')); ClaroBreadCrumbs::getInstance()->setCurrent(get_lang('Merge user accounts'), php_self()); ClaroBody::getInstance()->appendContent(claro_html_tool_title(get_lang('Merge user accounts'))); ClaroBody::getInstance()->appendContent($dialogBox->render()); echo Claroline::getInstance()->display->render();
$tmp_token = trim($_GET['token']); $tmp_openid = trim($_GET['wecha_id']); $user = $user->checkUser(array('session_id' => $tmp_sessid, 'token' => $tmp_token, 'third_id' => $tmp_openid)); if (!empty($user)) { $_SESSION['wap_user'] = $user; $_SESSION['wap_user']['store_id'] = $tmp_store_id; $_SESSION['sync_user'] = true; import('source.class.String'); if (empty($_SESSION['sessid'])) { $session_id = String::keyGen(); $_SESSION['sessid'] = $session_id; } D('User')->where(array('uid' => $user['uid']))->data(array('session_id' => $_SESSION['sessid']))->save(); } } $php_self = php_self(); //////////////////////////////////// $wap_user = !empty($_SESSION['wap_user']) ? $_SESSION['wap_user'] : array(); //检测分销商是否存在 if (!empty($_SESSION['wap_drp_store']) && $_SESSION['wap_drp_store']['store_id'] != $tmp_store_id) { $store_exists = D('Store')->where(array('store_id' => $_SESSION['wap_drp_store']['store_id'], 'status' => 1))->find(); if (empty($store_exists)) { //店铺不存在或已删除 unset($_SESSION['wap_drp_store']); //删除保存在session中分销商 } } /*是否移动端*/ $is_mobile = is_mobile(); /*是否微信端*/ $is_weixin = is_weixin();
/** * Get the URI of the current page : PHP_SELF + QUERY_STRING, protected against * HTTP Response Splitting and XSS * @param boolean $html if set to true (default) the returned URI is passed * through claro_htmlspecialchars before being returned * @return string */ function page_uri($html = true) { $uri = Url::Contextualize(php_self() . "?" . strip_tags($_SERVER['QUERY_STRING'])); return $html ? claro_htmlspecialchars($uri) : $uri; }
} // post kernel access check if (claro_is_in_a_course()) { if (!(basename(php_self()) == 'courses.php' && isset($_REQUEST['cmd']) && $_REQUEST['cmd'] == 'exReg')) { if (!claro_is_course_allowed()) { if (!claro_is_user_authenticated()) { claro_disp_auth_form(); } else { if (claro_get_current_course_data('access') == 'private' && !claro_is_course_member()) { claro_die(get_lang("You have to be enroled to this course to access its contents") . '<br /><a href="' . claro_htmlspecialchars(get_path('clarolineRepositoryWeb') . 'auth/courses.php?cmd=exReg&course=' . claro_get_current_course_id()) . '">' . claro_html_icon('enroll') . ' ' . '<b>' . get_lang('Enrolment') . '</b>' . '</a>'); } else { claro_die(get_lang("Not allowed!")); } } } } } // group_space.php?registration=1&selfReg=1 if (claro_is_in_a_group()) { if (!(basename(php_self()) == 'group_space.php' && isset($_REQUEST['registration']) && $_REQUEST['registration'] == '1')) { if (!claro_is_group_allowed()) { if (!claro_is_user_authenticated()) { claro_disp_auth_form(); } else { claro_die(get_lang("Not allowed!")); } } } } // FORCE reloading current module translation here language::load_module_translation();