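/**
 * Allows users to delete OpenID locations from their account.
 *
 * Flow: require a logged-in session, read the identity to delete from the
 * POST body, refuse the request when it would leave the account without any
 * OpenID identity, OAuth2 identity or password, otherwise remove the identity.
 * Every path ends by storing the messages/errors and redirecting back to the
 * OpenID section of the profile page.
 *
 * NOTE(review): no anti-CSRF token check is visible in this script; confirm
 * that require_post() or the surrounding framework enforces one, because this
 * is a state-changing request made with the user's session.
 */
require_login();

$messages = array();
$errors = array();

$identity = require_post("identity");

// make sure we aren't deleting our last identity
$q = db()->prepare("SELECT COUNT(*) AS c FROM user_openid_identities WHERE user_id=?");
$q->execute(array(user_id()));
$count = $q->fetch();

// or we have an OAuth2 identity
$q = db()->prepare("SELECT * FROM user_oauth2_identities WHERE user_id=? LIMIT 1");
$q->execute(array(user_id()));
$oauth2 = $q->fetch();

// or we have a password hash
$q = db()->prepare("SELECT * FROM user_passwords WHERE user_id=?");
$q->execute(array(user_id()));
$password_hash = $q->fetch();

// The removal sits in the final else branch so that a rejected request can
// never fall through to it, whether or not redirect() ends the request.
if (!is_string($identity)) {
    // e.g. identity[]=x; the value is later echoed in a message and passed to
    // the removal routine, both of which expect a plain string
    $errors[] = t("Invalid OpenID identity.");
} elseif ($count['c'] <= 1 && !$password_hash && !$oauth2) {
    $errors[] = t("Cannot remove that OpenID identity; at least one identity must be defined.");
} else {
    // NOTE(review): the count above and the delete below are separate
    // statements; two concurrent requests could each pass the check. Confirm
    // whether that matters for this account model.
    $user = \Users\User::getInstance(db());

    // presumably removeIdentity() only deletes rows owned by $user; verify
    // in \Users\UserOpenID, since $identity is caller-supplied
    \Users\UserOpenID::removeIdentity(db(), $user, $identity);

    // $identity is request data echoed back to the browser on the next page.
    // Other pages in this codebase escape values before handing them to t(),
    // which suggests messages are rendered as HTML, so escape it here too.
    $messages[] = t("Removed OpenID identity ':identity'.", array(':identity' => htmlspecialchars($identity)));
}

set_temporary_messages($messages);
set_temporary_errors($errors);
redirect(url_for('user#user_openid'));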
/**
 * Ensures a user record was found; otherwise sends the visitor to the login page.
 *
 * For a falsy $user, an error message is appended to the global $errors list
 * (replaced by a fresh array first if it is empty or unset), the list is
 * stored with set_temporary_errors(), and redirect() is called with the login
 * URL. A truthy $user leaves everything untouched.
 *
 * @param mixed $user the loaded user record, or a falsy value if none was found
 */
function require_user($user) {
    global $errors;

    // guard clause: nothing to do when the profile exists
    if ($user) {
        return;
    }

    // start from the existing error list when there is one
    $errors = $errors ? $errors : array();
    $errors[] = t("Could not find your profile on the system. You will need to login or signup again.");

    set_temporary_errors($errors);
    redirect(url_for('login'));
}
// Knowledge base article page: resolves the requested article key against the
// list of known articles and renders the matching template.
// NOTE(review): the checks below rely on redirect() ending the request;
// confirm that it does not return.
$q = require_get("q");

// A non-string value (for example q[]=x) must not be used as an array key.
if (!is_string($q)) {
    set_temporary_errors(array(t("Invalid article key.")));
    redirect(url_for('help'));
}

// An empty key goes back to the help index without an error.
if (!$q) {
    redirect(url_for('help'));
}

// we define all knowledge base articles ourselves, so that there's no chance
// of a security breach/injection
// $q comes from the request and ends up in a template name below; the only
// thing making that safe is the match against these keys, so every key in
// get_knowledge_base() has to stay a plain, filename-safe identifier.
$knowledge = get_knowledge_base();

global $title;
$title = false;
foreach ($knowledge as $articles) {
    if (!isset($articles[$q])) {
        continue;
    }
    // no early exit: if several sections define the key, the last one wins
    $title = $articles[$q];
}

if (!$title) {
    // escape before the key is echoed back in the error message
    $unknown_key = htmlspecialchars($q);
    set_temporary_errors(array(t("No such knowledge base article ':key'.", array(':key' => $unknown_key))));
    redirect(url_for('help'));
}

// An array entry describes an inline article: its content is handed over
// through $kb_inline and the shared "inline" template is used.
if (is_array($title)) {
    global $kb_inline;
    $kb_inline = $title['inline'];
    $title = $title['title'];
    $q = 'inline';
}

$heading = t("Knowledge Base: :title", array(":title" => $title));
page_header($heading, "page_kb");

$template = "kb_" . $q;
require_template($template);

page_footer();
// NOTE(review): this excerpt opens part-way through a function whose start is
// not visible; from the call and the exception message below it is presumably
// set_temporary_errors($m) - confirm against the full file.
            // does nothing
            return false;
        }
        throw new Exception("Cannot set temporary errors with no session");
    }
    if ($m === null) {
        // null clears any stored errors
        unset($_SESSION["temporary_errors"]);
    } else {
        // a single value is wrapped so the session always holds a list
        if (!is_array($m)) {
            $m = array($m);
        }
        $_SESSION["temporary_errors"] = $m;
    }
}

// Take a copy of whatever errors are currently stored in the session, then
// clear the session slot, so the copy is only available during this request.
// NOTE(review): these values are carried across a redirect; whether they are
// escaped when finally displayed is not visible in this excerpt.
$global_temporary_errors = isset($_SESSION["temporary_errors"]) ? $_SESSION["temporary_errors"] : null;
// only lasts a single request
set_temporary_errors(null);
// reset

/**
 * Returns the errors copied out of the session at load time.
 *
 * @return array the copied errors, or an empty array when none were stored
 */
function get_temporary_errors() {
    global $global_temporary_errors;
    return $global_temporary_errors === null ? array() : $global_temporary_errors;
}

/**
 * Exception subclass that adds no behaviour of its own.
 *
 * NOTE(review): the name suggests the message is already HTML-escaped;
 * confirm at the throw and catch sites before printing it unescaped.
 */
class EscapedException extends Exception { }

/**
 * Strips every character except ASCII letters, digits, "_" and "-" from $arg.
 *
 * Dots, slashes, backslashes and NUL bytes are therefore removed, so the
 * result cannot contain a relative path or a file extension. The result may
 * be an empty string if nothing in $arg was allowed.
 *
 * @param mixed $arg the value to filter, passed straight to preg_replace()
 * @return mixed whatever preg_replace() returns for $arg
 */
function safe_include_arg($arg) {
    // take out any relative paths etc
    return preg_replace("/[^a-z0-9_\\-]/i", "", $arg);
}
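<?php
/**
 * This page displays external API historical data publicly.
 *
 * The "type" query parameter selects which external API to show. It is only
 * accepted when it is a key of get_external_apis_titles(); anything else is
 * sent back to the external API overview with an error.
 */
require __DIR__ . "/../layout/graphs.php";
require __DIR__ . "/../layout/templates.php";

$messages = array();
$errors = array();

$type = require_get('type');
$titles = get_external_apis_titles();

// Allowlist check. A non-string value (for example type[]=x) is rejected
// before it is used as an array offset or passed to htmlspecialchars(), both
// of which expect a string.
// NOTE(review): relies on redirect() ending the request - confirm.
if (!is_string($type) || !isset($titles[$type])) {
    $shown_type = is_string($type) ? htmlspecialchars($type) : '';
    set_temporary_errors(t("No such external API type ':type'.", array(':type' => $shown_type)));
    redirect(url_for('external'));
}

$api_title = $titles[$type];

// $type has matched the allowlist above before it goes into the graph
// definition as arg0_resolved.
$graph = array(
    'graph_type' => 'external_historical',
    'width' => 8,
    'height' => 4,
    'page_order' => 0,
    'days' => 45,
    'delta' => '',
    'id' => 0,
    'arg0_resolved' => $type,
    'public' => true,
    'no_technicals' => true,
);

page_header(t("External API Status: :api_title", array(':api_title' => $api_title)), "page_external_historical", array('jsapi' => true));
?> <h1><?php echo ht("External API Status: :api_title", array(':api_title' => $api_title)); ?> </h1> <p class="backlink"> <a href="<?php echo htmlspecialchars(url_for('external')); ?> "><?php echo ht("< Back to External API Status"); ?>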