/**
 * Render the VirtueMart selection field.
 *
 * Returns an error fieldset when the VirtueMart extension or the table for
 * the requested group is missing; otherwise returns a select list built from
 * that group's options.
 *
 * @return string HTML markup for the field
 */
protected function getInput()
{
    $errorPrefix = '<fieldset class="alert alert-danger">';
    $errorSuffix = '</fieldset>';

    if (!NNFrameworkFunctions::extensionInstalled('virtuemart')) {
        return $errorPrefix . JText::_('ERROR') . ': ' . JText::sprintf('NN_FILES_NOT_FOUND', JText::_('NN_VIRTUEMART')) . $errorSuffix;
    }

    $this->params = $this->element->attributes();
    $this->db = JFactory::getDBO();

    $group = $this->get('group', 'categories');

    // The group doubles as a table suffix and as the suffix of the option
    // getter called below, so the table check also gates that dynamic call.
    // NOTE(review): presumably 'group' only ever comes from the field's XML
    // definition; confirm it cannot carry request input.
    $tables = $this->db->getTableList();
    $wantedTable = $this->db->getPrefix() . 'virtuemart_' . $group;
    if (!in_array($wantedTable, $tables)) {
        return $errorPrefix . JText::_('ERROR') . ': ' . JText::sprintf('NN_TABLE_NOT_FOUND', JText::_('NN_VIRTUEMART')) . $errorSuffix;
    }

    $pluginParams = NNParameters::getInstance()->getPluginParams('nnframework');
    $this->max_list_count = $pluginParams->max_list_count;

    // A stored value may be a comma-separated string; work with a list.
    if (!is_array($this->value)) {
        $this->value = explode(',', $this->value);
    }

    $options = $this->{'get' . $group}();
    $size = (int) $this->get('size');
    $multiple = $this->get('multiple');

    if ($group == 'categories') {
        require_once JPATH_PLUGINS . '/system/nnframework/helpers/html.php';

        return nnHtml::selectlist($options, $this->name, $this->value, $this->id, $size, $multiple);
    }

    $attributes = ' size="' . (int) $size . '"' . ($multiple ? ' multiple="multiple"' : '');

    return JHtml::_('select.genericlist', $options, $this->name, trim($attributes), 'value', 'text', $this->value, $this->id);
}
/**
 * Build the search-engine filter for one attribute.
 *
 * @param Enterprise_Search_Model_Resource_Collection $collection
 * @param Mage_Catalog_Model_Resource_Eav_Attribute $attribute
 * @param string|array $value
 * @return array empty when there is nothing to filter on, otherwise
 *               array(engine field name => list of values)
 */
protected function _getSearchParam($collection, $attribute, $value)
{
    // Nothing to search for: blank string, empty non-string value, or a
    // from/to range whose both ends are present but empty.
    if (is_string($value)) {
        if (strlen(trim($value)) == 0) {
            return array();
        }
    } elseif (empty($value)) {
        return array();
    } elseif (is_array($value)
        && isset($value['from']) && empty($value['from'])
        && isset($value['to']) && empty($value['to'])
    ) {
        return array();
    }

    if (!is_array($value)) {
        $value = array($value);
    }

    $field = Mage::getResourceSingleton('enterprise_search/engine')->getSearchEngineFieldName($attribute, 'nav');

    if ($attribute->getBackendType() == 'datetime') {
        // Dates arrive in the locale's short format; rewrite each non-empty
        // one as ISO 8601 with a trailing "Z".
        $format = Mage::app()->getLocale()->getDateFormat(Mage_Core_Model_Locale::FORMAT_TYPE_SHORT);
        foreach (array_keys($value) as $index) {
            if (is_empty_date($value[$index])) {
                continue;
            }
            $date = new Zend_Date($value[$index], $format);
            $value[$index] = $date->toString(Zend_Date::ISO_8601) . 'Z';
        }
    }

    return empty($value) ? array() : array($field => $value);
}
/**
 * Return the user agent index read from config/useragents.ini.
 *
 * The file is parsed once and the result cached in self::$swarmUaIndex.
 * Every section becomes an object whose properties are booleans, except
 * "displaytitle" and "displayicon", which stay trimmed strings and are
 * required.
 *
 * @return object
 * @throws SwarmException when a section lacks displaytitle or displayicon
 */
public static function getSwarmUAIndex()
{
    if (self::$swarmUaIndex !== null) {
        return self::$swarmUaIndex;
    }

    global $swarmInstallDir;

    $index = new stdClass();
    $sections = parse_ini_file("{$swarmInstallDir}/config/useragents.ini", true);

    foreach ($sections as $uaID => $uaItem) {
        // Only ini sections (arrays) describe a user agent.
        if (!is_array($uaItem)) {
            continue;
        }

        $properties = array();
        foreach ($uaItem as $uaDataKey => $uaDataVal) {
            $isDisplayField = $uaDataKey === "displaytitle" || $uaDataKey === "displayicon";
            $properties[$uaDataKey] = $isDisplayField ? trim($uaDataVal) : (bool) trim($uaDataVal);
        }

        foreach (array("displaytitle", "displayicon") as $required) {
            if (!isset($properties[$required]) || !$properties[$required]) {
                throw new SwarmException("User agent `{$uaID}` is missing a {$required} property.");
            }
        }

        $index->{$uaID} = (object) $properties;
    }

    self::$swarmUaIndex = $index;

    return self::$swarmUaIndex;
}
/**
 * Validate the configuration specific to this payment module.
 *
 * Runs the common validation first, then checks the account number, the pay
 * method (CC or CK) and the secret word (non-empty, at most 16 characters
 * after trimming, no spaces).
 *
 * @param string &$errorMessage receives the reason when validation fails
 *
 * @return bool true if the configuration is valid, false otherwise
 */
function moduleValidateConfiguration(&$errorMessage)
{
    global $providerConf;

    if (!commonValidateConfiguration($errorMessage)) {
        return false;
    }

    // First failing rule wins; the settings are read in the same order as the
    // rules are listed.
    $failure = null;
    if (strlen(trim($providerConf['Param_sid'])) == 0) {
        $failure = '\'Account number\' field is empty';
    } elseif (!in_array($providerConf['Param_pay_method'], array('CC', 'CK'))) {
        $failure = '\'Pay method\' field has incorrect value';
    } elseif (strlen(trim($providerConf['Param_secret_word'])) == 0) {
        $failure = '\'Secret word\' field is empty';
    } elseif (strlen(trim($providerConf['Param_secret_word'])) > 16
        || strpos($providerConf['Param_secret_word'], ' ') !== false
    ) {
        $failure = '\'Secret word\' field has incorrect value';
    }

    if ($failure !== null) {
        $errorMessage = $failure;

        return false;
    }

    return true;
}
/**
 * {@inheritdoc}
 *
 * Restricts the data source with a string comparison on one or more fields.
 * Scalar $data is treated as a "contains" search for that value; several
 * fields are combined with OR.
 */
public function apply(DataSourceInterface $dataSource, $name, $data, array $options)
{
    $expressionBuilder = $dataSource->getExpressionBuilder();

    if (!is_array($data)) {
        $data = ['type' => self::TYPE_CONTAINS, 'value' => $data];
    } elseif (!isset($data['type'])) {
        $data['type'] = isset($options['type']) ? $options['type'] : self::TYPE_CONTAINS;
    }

    $fields = array_key_exists('fields', $options) ? $options['fields'] : [$name];
    $type = $data['type'];
    $value = array_key_exists('value', $data) ? $data['value'] : null;

    // Only the empty / not-empty checks make sense without a value.
    $worksWithoutValue = in_array($type, [self::TYPE_NOT_EMPTY, self::TYPE_EMPTY], true);
    if (!$worksWithoutValue && '' === trim($value)) {
        return;
    }

    if (1 === count($fields)) {
        $restriction = $this->getExpression($expressionBuilder, $type, current($fields), $value);
    } else {
        $perField = [];
        foreach ($fields as $field) {
            $perField[] = $this->getExpression($expressionBuilder, $type, $field, $value);
        }
        $restriction = $expressionBuilder->orX(...$perField);
    }

    $dataSource->restrict($restriction);
}
/**
 * Clean up a string for display and optionally shorten it.
 *
 * Steps, in order: trim, cut at the first run of three NUL bytes, optionally
 * strip slashes, drop [hide]...[/hide] sections, handle HTML according to
 * $html, cut to $length, optionally convert bbcode, optionally add slashes.
 *
 * @param string $string      text to process
 * @param int    $length      maximum length passed to cutstr(); 0 disables cutting
 * @param int    $in_slashes  non-zero when the input carries slashes to strip
 * @param int    $out_slashes non-zero to add slashes to the result
 * @param int    $bbcode      non-zero to convert bbcode to HTML (value is passed on)
 * @param int    $html        negative: replace tags, whitespace and [..] codes by
 *                            spaces; 0: escape HTML; positive: leave HTML as is
 * @return string
 */
function getstr($string, $length, $in_slashes = 0, $out_slashes = 0, $bbcode = 0, $html = 0)
{
    global $_G;

    $text = trim($string);

    // Anything after three consecutive NUL bytes is discarded.
    $nulAt = strpos($text, chr(0) . chr(0) . chr(0));
    if ($nulAt !== false) {
        $text = substr($text, 0, $nulAt);
    }

    if ($in_slashes) {
        $text = dstripslashes($text);
    }

    $text = preg_replace("/\\[hide=?\\d*\\](.*?)\\[\\/hide\\]/is", '', $text);

    // NOTE(review): with $html > 0 the text is neither escaped nor stripped;
    // callers using that mode have to escape before output.
    if ($html < 0) {
        $text = preg_replace("/(\\<[^\\<]*\\>|\r|\n|\\s|\\[.+?\\])/is", ' ', $text);
    } elseif ($html == 0) {
        $text = dhtmlspecialchars($text);
    }

    if ($length) {
        $text = cutstr($text, $length);
    }

    if ($bbcode) {
        require_once DISCUZ_ROOT . './source/class/class_bbcode.php';
        $bb =& bbcode::instance();
        $text = $bb->bbcode2html($text, $bbcode);
    }

    if ($out_slashes) {
        $text = daddslashes($text);
    }

    return trim($text);
}
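/**
 * Execute a semicolon-separated SQL script on the given connection.
 *
 * The script is split on every ';', so it must not contain semicolons inside
 * string literals, comments or routine bodies. Fragments that are empty after
 * trimming (for example the one after a trailing ';') are skipped instead of
 * being sent to PDO::exec() as an empty statement.
 *
 * @param PDO    $pdo connection to run the statements on
 * @param string $sql one or more statements separated by ';'
 * @return void
 */
public function setUp(PDO $pdo, $sql)
{
    foreach (explode(';', $sql) as $fragment) {
        $statement = trim($fragment);
        if ($statement === '') {
            continue;
        }
        $pdo->exec($statement);
    }
}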
/**
 * Store a pending file, or move the stored file after a path/protection change.
 *
 * With a pending file: pick a free name in the target directory, remove the
 * previously stored file if the path changed, then move (upload) or copy
 * (other file objects) the file into place and clear the pending reference.
 * Without a pending file: rename the stored file when its path or protection
 * flag differs from the remembered old values.
 *
 * @ORM\PreFlush()
 */
public function preUpload()
{
    if (!$this->file) {
        $hasOldState = $this->_oldPath || $this->_oldProtected !== NULL;
        $stateChanged = $hasOldState
            && ($this->_oldPath != $this->path || $this->_oldProtected != $this->protected);

        if ($stateChanged) {
            $previousFile = $this->getFilePathBy(
                $this->_oldProtected !== NULL ? $this->_oldProtected : $this->protected,
                $this->_oldPath ?: $this->path
            );
            if (file_exists($previousFile)) {
                rename($previousFile, $this->getFilePath());
            }
        }

        return NULL;
    }

    // The stored name is derived from the sanitized upload name, or from the
    // webalized basename for other file objects; the original name is never
    // used as is.
    if ($this->file instanceof FileUpload) {
        $candidate = $this->file->getSanitizedName();
        $candidate = $this->suggestName($this->getFilePath(), $candidate);
    } else {
        $candidate = trim(Strings::webalize($this->file->getBasename(), '.', FALSE), '.-');
        $candidate = $this->suggestName(dirname($this->file->getPathname()), $candidate);
    }
    $this->setName($candidate);

    // Best-effort removal of the file stored under the previous path.
    if ($this->_oldPath && $this->_oldPath !== $this->path) {
        @unlink($this->getFilePathBy($this->_oldProtected, $this->_oldPath));
    }

    if ($this->file instanceof FileUpload) {
        $this->file->move($this->getFilePath());
    } else {
        copy($this->file->getPathname(), $this->getFilePath());
    }

    $this->file = NULL;

    return NULL;
}
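/**
 * Points-exchange order list.
 *
 * Optional GET filters: pordersn (order number, substring match), pbuyname
 * (buyer name, substring match) and porderstate (state sign). Missing or
 * non-string parameters are treated as absent, and a state sign that is not
 * in the known state table is ignored instead of producing a null condition.
 */
public function pointorder_listOp()
{
    $model_pointorder = Model('pointorder');

    // Exchange-order states, keyed by sign
    $pointorderstate_arr = $model_pointorder->getPointOrderStateBySign();

    // Read a GET parameter as a trimmed string; '' when absent or not a string.
    $readFilter = function ($name) {
        return isset($_GET[$name]) && is_string($_GET[$name]) ? trim($_GET[$name]) : '';
    };

    $where = array();

    // NOTE(review): the values below go into LIKE patterns as typed, so '%'
    // and '_' act as wildcards; quoting is left to the model layer — confirm
    // it escapes condition values.

    // Exchange order number
    $pordersn = $readFilter('pordersn');
    if ($pordersn) {
        $where['point_ordersn'] = array('like', "%{$pordersn}%");
    }

    // Name of the member who made the exchange
    $pbuyname = $readFilter('pbuyname');
    if ($pbuyname) {
        $where['point_buyername'] = array('like', "%{$pbuyname}%");
    }

    // Order state: only signs present in the state table are accepted
    $porderstate = $readFilter('porderstate');
    if ($porderstate && isset($pointorderstate_arr[$porderstate][0])) {
        $where['point_orderstate'] = $pointorderstate_arr[$porderstate][0];
    }

    // Fetch the exchange order list
    $order_list = $model_pointorder->getPointOrderList($where, '*', 10, 0, 'point_orderid desc');

    // Hand the data to the template
    Tpl::output('pointorderstate_arr', $pointorderstate_arr);
    Tpl::output('order_list', $order_list);
    Tpl::output('show_page', $model_pointorder->showpage());
    Tpl::showpage('pointorder.list');
}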
/**
 * Returns upload status.
 *
 * This is the implementation for the uploadprogress extension. The status is
 * kept in $_SESSION[$SESSION_KEY][$id] and refreshed from
 * uploadprogress_get_info() until the upload is finished.
 *
 * @param string $id upload identifier
 *
 * @return array|null status array (id, finished, percent, total, complete,
 *                    plugin), or null when $id is blank
 */
function PMA_getUploadStatus($id)
{
    global $SESSION_KEY;
    global $ID_KEY;

    if ("" == trim($id)) {
        return null;
    }

    // First request for this id: start from an empty status record.
    if (!array_key_exists($id, $_SESSION[$SESSION_KEY])) {
        $_SESSION[$SESSION_KEY][$id] = array(
            'id' => $id,
            'finished' => false,
            'percent' => 0,
            'total' => 0,
            'complete' => 0,
            'plugin' => $ID_KEY,
        );
    }

    $current = $_SESSION[$SESSION_KEY][$id];

    // Nothing to refresh without the extension or once the upload is done.
    if (!PMA_import_uploadprogressCheck() || $current['finished']) {
        return $current;
    }

    $info = uploadprogress_get_info($id);

    if (!$info) {
        // The extension no longer knows the upload: report it as complete.
        $current = array(
            'id' => $id,
            'finished' => true,
            'percent' => 100,
            'total' => $current['total'],
            'complete' => $current['total'],
            'plugin' => $ID_KEY,
        );
    } else {
        $current['finished'] = ($info['bytes_uploaded'] == $info['bytes_total']);
        $current['total'] = $info['bytes_total'];
        $current['complete'] = $info['bytes_uploaded'];
        if ($current['total'] > 0) {
            $current['percent'] = $current['complete'] / $current['total'] * 100;
        }
    }

    $_SESSION[$SESSION_KEY][$id] = $current;

    return $current;
}
/**
 * Read the requested route from the query string.
 *
 * Falls back to "index" when no route is given. The value is HTML-escaped
 * and slashes are removed from both ends.
 */
public function __construct()
{
    // NOTE(review): htmlspecialchars() only makes the value safe to print in
    // HTML; it does not restrict which route is requested. Whatever maps the
    // route to a controller or file should match it against known routes.
    $requested = 'index';
    if (isset($_GET['route'])) {
        $requested = htmlspecialchars($_GET['route']);
    }

    // trim() strips leading as well as trailing slashes
    $this->route = trim($requested, '/');
}
/**
 * Update one row of the notices table.
 *
 * @param array $data expects TITLE, CONTENT, START_DATE, END_DATE, IS_SHOW
 *                    and NOTICE_ID; CONTENT is stored JSON-encoded
 * @return bool always true; the result of the update call is not inspected
 */
public function updateNotice($data = array())
{
    $noticeId = $data['NOTICE_ID'];

    $columns = array(
        'TITLE' => trim($data['TITLE']),
        'CONTENT' => json_encode($data['CONTENT']),
        'START_DATE' => trim($data['START_DATE']),
        'END_DATE' => trim($data['END_DATE']),
        'IS_SHOW' => trim($data['IS_SHOW']),
        'UPDATE_DATE' => date('Y-m-d H:i:s'),
    );

    // Values are handed to the query builder as data rather than spliced into
    // an SQL string here.
    $query = $this->db->where(array('NOTICE_ID' => $noticeId));
    $query->update('notices', $columns);

    return true;
}
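/**
 * Handle the NickServ GHOST command: disconnect a session that is using a
 * registered nickname.
 *
 * The kill is carried out when the supplied password matches the stored hash
 * of the target nickname, or when the caller is flagged as an IRC operator
 * and services::user_exists() finds the caller with the identified check on.
 *
 * Changes from the previous version: missing parameters no longer raise
 * undefined-offset notices, the call-time pass-by-reference markers (a parse
 * error since PHP 5.4) are gone, and the hash is compared as a string in
 * constant time where hash_equals() exists, instead of with a loose "==".
 *
 * @param string $nick    nickname of the user issuing the command
 * @param array  $ircdata [0] target nickname, [1] password
 * @return false|null false on syntax error, unused nickname or unregistered
 *                    nickname; null otherwise
 */
public static function ghost_command($nick, $ircdata = array())
{
    $unick = isset($ircdata[0]) ? $ircdata[0] : '';
    $password = isset($ircdata[1]) ? $ircdata[1] : '';

    // invalid syntax
    if (trim($unick) == '' || trim($password) == '') {
        services::communicate(core::$config->nickserv->nick, $nick, nickserv::$help->NS_INVALID_SYNTAX_RE, array('help' => 'GHOST'));

        return false;
    }

    // nickname isn't in use
    if (!isset(core::$nicks[$unick])) {
        services::communicate(core::$config->nickserv->nick, $nick, nickserv::$help->NS_NOT_IN_USE, array('nick' => $unick));

        return false;
    }

    $user = services::user_exists($unick, false, array('display', 'pass', 'salt'));
    if (!$user) {
        // nickname isn't registered at all
        services::communicate(core::$config->nickserv->nick, $nick, nickserv::$help->NS_ISNT_REGISTERED, array('nick' => $unick));

        return false;
    }

    // NOTE(review): the stored credential is a salted SHA-1, which is cheap to
    // brute-force offline; moving to password_hash()/password_verify() needs a
    // storage migration outside this method.
    $storedHash = (string) $user->pass;
    $givenHash = sha1($password . $user->salt);
    $passwordOk = function_exists('hash_equals')
        ? hash_equals($storedHash, $givenHash)
        : $storedHash === $givenHash;

    // Operator override: the caller must be flagged ircop and be found by
    // user_exists() with the identified check enabled.
    $operatorOverride = !$passwordOk
        && core::$nicks[$nick]['ircop']
        && services::user_exists($nick, true, array('display', 'identified')) !== false;

    if ($passwordOk || $operatorOverride) {
        ircd::kill(core::$config->nickserv->nick, $unick, 'GHOST command used by ' . core::get_full_hostname($nick));
        core::alog(core::$config->nickserv->nick . ': GHOST command used on ' . $unick . ' by ' . core::get_full_hostname($nick));
    } else {
        // password isn't correct
        services::communicate(core::$config->nickserv->nick, $nick, nickserv::$help->NS_INVALID_PASSWORD);
    }
}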
/**
 * Turn submitted filter form data into a conditions array.
 *
 * For every model present both in the request data and on the controller,
 * each non-empty field value is trimmed and added either through the
 * fieldFormatting templates registered for the column type or as a plain
 * "Model.field" => value pair.
 *
 * @param object $controller controller holding the request and the models
 * @return array conditions keyed by field name or formatted expression
 */
function process($controller)
{
    $this->_prepareFilter($controller);

    $conditions = array();
    if (!isset($controller->request->data)) {
        return $conditions;
    }

    // Loop over models
    foreach ($controller->request->data as $model => $fields) {
        if (!isset($controller->{$model})) {
            continue;
        }

        $columns = $controller->{$model}->getColumnTypes();

        foreach ($fields as $name => $raw) {
            if ($raw == '') {
                continue;
            }

            $term = trim($raw);
            $qualified = $model . '.' . $name;

            // NOTE(review): $name and $term come from the request. $term is
            // inserted into the fieldFormatting templates with sprintf(), and
            // $name is used as a key even when it is not a known column;
            // confirm the templates and the code consuming this array escape
            // or validate both.
            if (isset($this->fieldFormatting[$columns[$name]])) {
                $templates = $this->fieldFormatting[$columns[$name]];
                $conditions[sprintf($templates[0], $qualified, $term)] = sprintf($templates[1], $qualified, $term);
            } else {
                $conditions[$qualified] = $term;
            }
        }

        // Drop models whose form was submitted empty
        if (count($fields) == 0) {
            unset($controller->data[$model]);
        }
    }

    return $conditions;
}
/**
 * Normalise a value to a trimmed string.
 *
 * Accepts strings and objects that implement __toString(); anything else is
 * rejected.
 *
 * @param mixed $str the value to evaluate as a string
 *
 * @throws \InvalidArgumentException if the submitted data can not be converted to string
 *
 * @return string
 */
protected function validateString($str)
{
    $convertible = is_string($str)
        || (is_object($str) && method_exists($str, '__toString'));

    if (!$convertible) {
        throw new InvalidArgumentException('The data received is not OR can not be converted into a string');
    }

    return trim($str);
}
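/**
 * Load language definitions of the form KEY = "text"; from a file into the
 * global $php table.
 *
 * Known keys get the text stored under language $l. New keys get a full
 * entry whose type is 'int' when the text consists of digits only and 'text'
 * otherwise. The previous version tested an undefined variable for the type,
 * so every new entry ended up as 'text'.
 *
 * @param string $f path of the language file
 * @param string $l language code used as the column key
 * @param string $m owner (module) recorded on new entries
 * @return void
 */
function installLanguage2($f, $l, $m)
{
    global $php;

    $patt = '/^([A-Z0-9_]+)[\\s]{0,}=[\\s]{0,}[\'"](.*)[\'"];$/';

    $lines = file($f);
    if ($lines === false) {
        // unreadable file: nothing to install
        return;
    }

    foreach ($lines as $item) {
        $item = trim($item);
        if ($item == '' || !preg_match($patt, $item, $match)) {
            continue;
        }

        $key = $match[1];
        $text = $match[2];

        if (isset($php[$key])) {
            $php[$key][$l] = addslashes($text);
            continue;
        }

        $save = array();
        $save['type'] = preg_match('/^[0-9]+$/', $text) ? 'int' : 'text';
        $save['key'] = $key;
        $save['owner'] = $m;
        $save[$l] = addslashes($text);
        $save['js'] = 1;
        $php[$key] = $save;
    }
}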
/**
 * Collect the names declared on "#dependency <name>" lines of the output and
 * append them, trimmed, to $this->dependencies.
 */
private function get_dependencies()
{
    preg_match_all('/#dependency (.*)/', $this->output, $found);

    foreach (array_map('trim', $found[1]) as $name) {
        $this->dependencies[] = $name;
    }
}
/**
 * Look up a public key for an e-mail address on a key server.
 *
 * Two requests are made on port 11371: an index search that yields the link
 * and id of a key, then a fetch of that link for the key block.
 *
 * NOTE(review): both requests use plain http and the returned key is not
 * checked against a fingerprint obtained elsewhere, so the result is only as
 * trustworthy as the network path and the server. $server and the link taken
 * from the first response are placed into the request URLs as they are;
 * confirm callers pass a fixed or validated host name.
 *
 * @param string $server host name of the key server
 * @param string $email  address to search for (exact match)
 * @return array array("keyID" => ..., "public_key" => ...)
 */
function getPublicKeyFromServer($server, $email)
{
    $curl = new curl();
    $preBlock = "/<pre>([\\s\\S]*?)<\\/pre>/";

    // Step 1: index lookup with fingerprints
    $indexResponse = $curl->get("http://" . $server . ":11371/pks/lookup?search=" . urlencode($email) . "&op=index&fingerprint=on&exact=on");
    $indexHtml = $indexResponse['FILE'];
    preg_match_all($preBlock, $indexHtml, $indexBlocks);

    // The second <pre> block of the index page carries the key link.
    preg_match_all("/<a href=\"(.*?)\">(\\w*)<\\/a>/", $indexBlocks[1][1], $links);
    $url = $links[1][0];
    $keyID = $links[2][0];

    // Step 2: fetch the key itself
    $keyResponse = $curl->get("http://" . $server . ":11371" . $url);
    $keyHtml = $keyResponse['FILE'];
    preg_match_all($preBlock, $keyHtml, $keyBlocks);
    $pub_key = trim($keyBlocks[1][0]);

    return array("keyID" => $keyID, "public_key" => $pub_key);
}
/**
 * Compiled Twig template TwigBundle:Exception:traces_text.html.twig.
 *
 * Prints the "Stack Trace (Plain Text)" block of the exception page: a
 * toggle link with two inline GIF icons, then one line per exception
 * followed by the traces.txt.twig sub-template. The "// line N" markers refer
 * to lines of the Twig source.
 *
 * @param array $context template variables; "exception" is read
 * @param array $blocks  not used in this method
 */
protected function doDisplay(array $context, array $blocks = array())
{
    // Profiler bookkeeping around the whole render
    $__internal_2fff3160042f23d812f76a57f2d794df9c0021a111c64efc06751bf3f7b16428 = $this->env->getExtension("native_profiler");
    $__internal_2fff3160042f23d812f76a57f2d794df9c0021a111c64efc06751bf3f7b16428->enter($__internal_2fff3160042f23d812f76a57f2d794df9c0021a111c64efc06751bf3f7b16428_prof = new Twig_Profiler_Profile($this->getTemplateName(), "template", "TwigBundle:Exception:traces_text.html.twig"));
    // line 1
    echo "<div class=\"block\">\n <h2>\n Stack Trace (Plain Text) \n ";
    // line 4
    // The toggle link is buffered so the whitespace between its tags can be removed below.
    ob_start();
    // line 5
    echo " <a href=\"#\" onclick=\"toggle('traces-text'); switchIcons('icon-traces-text-open', 'icon-traces-text-close'); return false;\">\n <img class=\"toggle\" id=\"icon-traces-text-close\" alt=\"-\" src=\"data:image/gif;base64,R0lGODlhEgASAMQSANft94TG57Hb8GS44ez1+mC24IvK6ePx+Wa44dXs92+942e54o3L6W2844/M6dnu+P/+/l614P///wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEAABIALAAAAAASABIAQAVCoCQBTBOd6Kk4gJhGBCTPxysJb44K0qD/ER/wlxjmisZkMqBEBW5NHrMZmVKvv9hMVsO+hE0EoNAstEYGxG9heIhCADs=\" style=\"display: none\" />\n <img class=\"toggle\" id=\"icon-traces-text-open\" alt=\"+\" src=\"data:image/gif;base64,R0lGODlhEgASAMQTANft99/v+Ga44bHb8ITG52S44dXs9+z1+uPx+YvK6WC24G+944/M6W28443L6dnu+Ge54v/+/l614P///wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEAABMALAAAAAASABIAQAVS4DQBTiOd6LkwgJgeUSzHSDoNaZ4PU6FLgYBA5/vFID/DbylRGiNIZu74I0h1hNsVxbNuUV4d9SsZM2EzWe1qThVzwWFOAFCQFa1RQq6DJB4iIQA7\" style=\"display: inline\" />\n </a>\n ";
    echo trim(preg_replace('/>\\s+</', '><', ob_get_clean()));
    // line 10
    echo " </h2>\n\n <div id=\"traces-text\" class=\"trace\" style=\"display: none;\">\n<pre>";
    // line 13
    // Loop over the "toarray" attribute of the exception; the context is saved and restored around the loop.
    $context['_parent'] = $context;
    $context['_seq'] = twig_ensure_traversable($this->getAttribute(isset($context["exception"]) ? $context["exception"] : $this->getContext($context, "exception"), "toarray", array()));
    foreach ($context['_seq'] as $context["i"] => $context["e"]) {
        // line 14
        // Index, class and message each pass through twig_escape_filter() with the "html" strategy before being printed.
        echo "[";
        echo twig_escape_filter($this->env, $context["i"] + 1, "html", null, true);
        echo "] ";
        echo twig_escape_filter($this->env, $this->getAttribute($context["e"], "class", array()), "html", null, true);
        echo ": ";
        echo twig_escape_filter($this->env, $this->getAttribute($context["e"], "message", array()), "html", null, true);
        echo "\n";
        // line 15
        // NOTE(review): how traces.txt.twig escapes its own output is not visible from this method.
        $this->loadTemplate("TwigBundle:Exception:traces.txt.twig", "TwigBundle:Exception:traces_text.html.twig", 15)->display(array("exception" => $context["e"]));
    }
    $_parent = $context['_parent'];
    unset($context['_seq'], $context['_iterated'], $context['i'], $context['e'], $context['_parent'], $context['loop']);
    $context = array_intersect_key($context, $_parent) + $_parent;
    // line 16
    echo "</pre>\n </div>\n</div>\n";
    $__internal_2fff3160042f23d812f76a57f2d794df9c0021a111c64efc06751bf3f7b16428->leave($__internal_2fff3160042f23d812f76a57f2d794df9c0021a111c64efc06751bf3f7b16428_prof);
}
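/**
 * List every language string used by the chronoforms extension.
 *
 * Scans the extension's PHP files for l_('...') / l_("...") calls and prints
 * one `const KEY = "translation";` line per distinct string inside a
 * textarea. The list is HTML-escaped before output so that text taken from
 * source files or translations cannot close the textarea or add markup; the
 * text shown in the textarea is unchanged.
 *
 * @return void
 */
function index()
{
    $path = \GCore\C::get('GCORE_ADMIN_PATH') . 'extensions' . DS . 'chronoforms' . DS;
    $files = \GCore\Libs\Folder::getFiles($path, true);
    $strings = array();

    // Format one language key as a constant definition with its translation
    $prepare = function ($str) {
        $val = !empty(\GCore\Libs\Lang::$translations[$str]) ? \GCore\Libs\Lang::$translations[$str] : '';

        return 'const ' . trim($str) . ' = "' . str_replace("\n", '\\n', $val) . '";';
    };

    foreach ($files as $file) {
        if (substr($file, -4, 4) != '.php') {
            continue;
        }

        $file_code = file_get_contents($file);
        if ($file_code === false) {
            // unreadable file: skip it rather than scan a boolean
            continue;
        }

        preg_match_all('/l_\\(("|\')([^(\\))]*?)("|\')\\)/i', $file_code, $langs);
        if (!empty($langs[2])) {
            $strings = array_merge($strings, $langs[2]);
        }
    }

    $strings = array_unique($strings);
    $strings = array_map($prepare, $strings);

    echo '<textarea rows="20" cols="80">'
        . htmlspecialchars(implode("\n", $strings), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
        . '</textarea>';
}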
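/**
 * Describe a table: general status, columns and indexes.
 *
 * Column types without a length part (for example "text") now get an empty
 * length without reading a missing array offset, and the result array is
 * initialised before use. The 'fields' and 'indexes' keys are still only
 * present when the table has columns or indexes.
 *
 * NOTE(review): the table name is placed into the SQL text after
 * $db->tablename() has processed it; this assumes $tablename is an internal
 * identifier, not request input — confirm against callers.
 *
 * @param object $db        database wrapper providing tablename(), fetch() and fetchall()
 * @param string $tablename table name without prefix
 * @return array empty when the table does not exist; otherwise tablename,
 *               charset, engine, increment and, when available, fields and indexes
 */
function db_table_schema($db, $tablename = '')
{
    $status = $db->fetch("SHOW TABLE STATUS LIKE '" . trim($db->tablename($tablename), '`') . "'");
    if (empty($status)) {
        return array();
    }

    $ret = array();
    $ret['tablename'] = $status['Name'];
    $ret['charset'] = $status['Collation'];
    $ret['engine'] = $status['Engine'];
    $ret['increment'] = $status['Auto_increment'];

    $columns = $db->fetchall("SHOW FULL COLUMNS FROM " . $db->tablename($tablename));
    foreach ($columns as $column) {
        // "int(10) unsigned" -> base "int(10)" and modifier "unsigned"
        $type = explode(" ", $column['Type'], 2);
        // "int(10)" -> "int" and "10)"; no second piece for types such as "text"
        $pieces = explode('(', $type[0], 2);

        $ret['fields'][$column['Field']] = array(
            'name' => $column['Field'],
            'type' => $pieces[0],
            'length' => isset($pieces[1]) ? rtrim($pieces[1], ')') : '',
            'null' => $column['Null'] != 'NO',
            'signed' => empty($type[1]),
            'increment' => $column['Extra'] == 'auto_increment',
        );
    }

    $indexRows = $db->fetchall("SHOW INDEX FROM " . $db->tablename($tablename));
    foreach ($indexRows as $row) {
        $keyName = $row['Key_name'];
        $ret['indexes'][$keyName]['name'] = $keyName;
        $ret['indexes'][$keyName]['type'] = $keyName == 'PRIMARY' ? 'primary' : ($row['Non_unique'] == 0 ? 'unique' : 'index');
        $ret['indexes'][$keyName]['fields'][] = $row['Column_name'];
    }

    return $ret;
}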
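/**
 * Check that the request may use the front-end feature, or end the request
 * with a 403 message.
 *
 * Access requires the front-end option to be enabled, a configured secret
 * key that passes the strength check, and a request key equal to it. The key
 * is compared as a string, in constant time where hash_equals() exists; the
 * previous loose "!=" treated different numeric-looking strings as equal and
 * its run time depended on where the strings first differ.
 */
private function _checkPermissions()
{
    // Is the front-end feature enabled?
    $febEnabled = Platform::getInstance()->get_platform_configuration_option('failure_frontend_enable', 0) != 0;

    // Is the secret key strong enough? A weak key disables the feature.
    $validKey = Platform::getInstance()->get_platform_configuration_option('frontend_secret_word', '');
    if (!\Akeeba\Engine\Util\Complexify::isStrongEnough($validKey, false)) {
        $febEnabled = false;
    }

    if (!$febEnabled) {
        @ob_end_clean();
        echo '403 ' . JText::_('ERROR_NOT_ENABLED');
        flush();
        JFactory::getApplication()->close();
    }

    // Is the key good?
    $key = $this->input->get('key', '', 'none', 2);
    $expected = (string) $validKey;

    // Anything but a string (an array parameter, for instance) never matches.
    $keyMatches = false;
    if (is_string($key)) {
        $keyMatches = function_exists('hash_equals')
            ? hash_equals($expected, $key)
            : $key === $expected;
    }

    // A blank configured key never grants access, even if the request key is blank too.
    if (!$keyMatches || trim($expected) === '') {
        @ob_end_clean();
        echo '403 ' . JText::_('ERROR_INVALID_KEY');
        flush();
        JFactory::getApplication()->close();
    }
}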
/**
 * Build a Column object from one row of column metadata.
 *
 * @param array $column reads column_name, data_type, data_default,
 *                      data_scale, data_length, nullable ('Y' means
 *                      nullable) and pk ('P' means primary key)
 * @return Column
 */
public function create_column($column)
{
    $name = strtolower($column['column_name']);
    // Drop any "(...)" part from the type, e.g. a precision
    $dataType = strtolower(preg_replace('/\\(.*?\\)/', '', $column['data_type']));

    $default = $column['data_default'];
    if ($default !== null) {
        // Defaults may arrive wrapped in quotes and spaces
        $default = trim($default, "' ");
    }

    // A "number" is a decimal with a positive scale and an int with scale 0
    if ($dataType == 'number') {
        if ($column['data_scale'] > 0) {
            $dataType = 'decimal';
        } elseif ($column['data_scale'] == 0) {
            $dataType = 'int';
        }
    }

    $c = new Column();
    $c->inflected_name = Inflector::instance()->variablize($name);
    $c->name = $name;
    $c->nullable = ($column['nullable'] == 'Y');
    $c->pk = ($column['pk'] == 'P');
    $c->length = $column['data_length'];
    $c->raw_type = $dataType == 'timestamp' ? 'datetime' : $dataType;
    $c->map_raw_type();
    $c->default = $c->cast($default);

    return $c;
}
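/**
 * Detect HTML in the first KB of a file, to guard against browsers that
 * guess the file type from content rather than from the declared type.
 * Returns true if the file contains insecure HTML code at the beginning.
 *
 * A file that is missing or cannot be read yields false, as before, but
 * without passing a failed handle to fread(). Callers must therefore not
 * read false as proof that the file is safe; they should check readability
 * themselves.
 *
 * @param string $filePath absolute path to file
 * @return boolean
 */
function DetectHtml($filePath)
{
    if (!is_file($filePath) || !is_readable($filePath)) {
        return false;
    }

    $fp = fopen($filePath, 'rb');
    if ($fp === false) {
        return false;
    }
    $chunk = fread($fp, 1024);
    fclose($fp);

    $chunk = strtolower((string) $chunk);
    if (!$chunk) {
        return false;
    }
    $chunk = trim($chunk);

    if (preg_match("/<!DOCTYPE\\W*X?HTML/sim", $chunk)) {
        return true;
    }

    // opening tags that make a browser treat the content as HTML
    $tags = array('<body', '<head', '<html', '<img', '<pre', '<script', '<table', '<title');
    foreach ($tags as $tag) {
        if (false !== strpos($chunk, $tag)) {
            return true;
        }
    }

    $patterns = array(
        // type = javascript
        '!type\\s*=\\s*[\'"]?\\s*(?:\\w*/)?(?:ecma|java)!sim',
        // href = javascript, src = javascript, data = javascript
        '!(?:href|src|data)\\s*=\\s*[\'"]?\\s*(?:ecma|java)script:!sim',
        // url(javascript
        '!url\\s*\\(\\s*[\'"]?\\s*(?:ecma|java)script:!sim',
    );
    foreach ($patterns as $pattern) {
        if (preg_match($pattern, $chunk)) {
            return true;
        }
    }

    return false;
}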
/**
 * Rewrite the image URLs in the body of an article.
 *
 * Every <img src="..."> found in $content is resolved against $url,
 * downloaded into the assets directory of article $id and, when the download
 * succeeds, its src is replaced by the local path.
 *
 * NOTE(review): the local file name is the basename of the remote URL path,
 * extension included, and the remote host is not restricted here; confirm
 * that download_pictures() validates what it fetches and stores, and that
 * the assets directory cannot execute uploaded files.
 *
 * @param string $content article HTML
 * @param string $url     URL of the article, used to resolve relative links
 * @param mixed  $id      article identifier passed to create_assets_directory()
 * @return string the content with rewritten image URLs
 */
function filtre_picture($content, $url, $id)
{
    $images = array();
    // pictures already handled, so the same one is not processed twice
    $handled = array();

    preg_match_all('#<\\s*(img)[^>]+src="([^"]*)"[^>]*>#Si', $content, $images, PREG_SET_ORDER);

    foreach ($images as $image) {
        // Group 1 is the tag name, so this scheme/anchor test never matches
        // and every image is processed. NOTE(review): presumably group 2
        // (the src) was meant, but changing it would skip absolute URLs.
        $tagName = trim($image[1]);
        if (preg_match('#^(([a-z]+://)|(\\#))#', $tagName)) {
            continue;
        }

        $absolute_path = get_absolute_link($image[2], $url);
        $filename = basename(parse_url($absolute_path, PHP_URL_PATH));
        $directory = create_assets_directory($id);
        $fullpath = $directory . '/' . $filename;

        // already processed: go to the next picture
        if (in_array($absolute_path, $handled) === true) {
            continue;
        }

        // replace the picture's URL only if the download succeeded
        if (download_pictures($absolute_path, $fullpath) === true) {
            $content = str_replace($image[2], $fullpath, $content);
        }

        $handled[] = $absolute_path;
    }

    return $content;
}
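/**
 * Return the list of security questions for a signed, time-limited request.
 *
 * (The original docblock read "login by user ID", which does not describe
 * this body.) The request must carry a signature over the core elements and
 * a timestamp within 600 seconds of the server time. The signature is
 * compared as a string, in constant time where hash_equals() exists, and an
 * empty signature is always rejected; the previous loose "==" could treat
 * different values as equal.
 */
public function getQuestionListAction()
{
    // Core elements; these take part in the signature check
    $Config = array();
    $Config['Time'] = abs(intval($this->request->Time));
    $Config['ReturnType'] = $this->request->ReturnType ? $this->request->ReturnType : 2;

    // Signature supplied with the URL
    $sign = trim($this->request->sign);

    // Private key. NOTE(review): it is hard-coded and short; the original
    // author already planned to move it into database storage.
    $p_sign = 'lm';
    $sign_to_check = (string) Base_common::check_sign($Config, $p_sign);

    $signatureOk = false;
    if ($sign !== '' && $sign_to_check !== '') {
        $signatureOk = function_exists('hash_equals')
            ? hash_equals($sign_to_check, $sign)
            : $sign_to_check === $sign;
    }

    // Check that the URL comes from a trusted sender
    if (!$signatureOk) {
        $result = array('return' => 0, 'comment' => "验证失败,请检查URL");
    } elseif (abs($Config['Time'] - time()) > 600) {
        // A timestamp more than 600 seconds off is treated as invalid
        $result = array('return' => 0, 'comment' => "时间有误");
    } else {
        $QuestionList = $this->oSecurityAnswer->getAll();
        $result = array('return' => 1, 'QuestionList' => $QuestionList);
    }

    // Only the JSON form is produced; nothing is printed when ReturnType is falsy
    if ($Config['ReturnType']) {
        echo json_encode($result);
    }
}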
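/**
 * Validate and normalise a non-negative numeric value.
 *
 * A comma is accepted as decimal separator and spaces are removed. The
 * result is rounded to 2 decimals when floats are accepted and to 0 decimals
 * otherwise. Spaces are now removed with an empty string instead of null,
 * which str_replace() no longer accepts without a deprecation notice.
 *
 * @param mixed $valor        value to validate, usually a string from a form
 * @param bool  $aceita_float whether a fractional result is accepted
 * @return float|false the rounded value, or false when the input is empty,
 *                     not numeric or negative
 */
function valida_valor($valor, $aceita_float)
{
    // not a value at all (loose check, as before: null, '' and 0 are rejected)
    if ($valor == null) {
        return false;
    }

    // decimal comma -> decimal point
    $valor = str_replace(",", ".", $valor);
    // remove spaces inside the value
    $valor = str_replace(" ", '', $valor);
    // remove surrounding whitespace
    $valor = trim($valor);

    // must be a number, and a non-negative one
    if (is_numeric($valor) == false or $valor < 0) {
        return false;
    }

    // no floats accepted: round to a whole number
    if ($aceita_float == false) {
        $valor = round($valor, 0);
    }

    // floats accepted: keep two decimals
    if ($aceita_float == true) {
        $valor = round($valor, 2);
    }

    return $valor;
}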
/**
 * Tell whether a user has admin rights on a form.
 *
 * True when getCount() reports an AUTH_ADMIN entry for the user on the form,
 * or when the status returned by users::user('status', 'user') is "systems".
 *
 * NOTE(review): the status check takes no $username argument — confirm it is
 * meant to apply to the current user even when another $username is passed.
 *
 * @param mixed       $formID   form identifier
 * @param string|null $username defaults to the "username" session value
 * @return bool
 */
public static function isAdmin($formID, $username = NULL)
{
    if (isnull($username)) {
        $username = sessionGet("username");
    }

    if (self::getCount($formID, $username, mfcs::AUTH_ADMIN)) {
        return true;
    }

    $status = trim(strtolower(users::user('status', 'user')));

    return $status == 'systems';
}
/**
 * Extract directive parameters
 *
 * Reads the image directive parameters from a media object or inline media
 * object node of the Docbook document and returns them as an array with the
 * keys type, parameter, options and content.
 *
 * @param ezcDocumentElementVisitorConverter $converter
 * @param DOMElement $node
 * @return array
 */
protected function getDirectiveParameters(ezcDocumentElementVisitorConverter $converter, DOMElement $node)
{
    // The first imagedata element is the image resource
    $resource = $node->getElementsBytagName('imagedata')->item(0);
    $parameter = $resource->getAttribute('fileref');

    // Docbook attribute => directive option
    $options = array();
    foreach (array('width' => 'width', 'depth' => 'height') as $docbookName => $optionName) {
        if (!$resource->hasAttribute($docbookName)) {
            continue;
        }
        $options[$optionName] = $resource->getAttribute($docbookName);
    }

    // A textobject, when present, provides the alternative text
    $descriptions = $node->getElementsBytagName('textobject');
    if ($descriptions && $descriptions->length > 0) {
        $options['alt'] = trim($descriptions->item(0)->textContent);
    }

    // A caption means image and text get wrapped in another block. Its
    // children are visited recursively because they may hold more markup.
    $content = null;
    $captions = $node->getElementsBytagName('caption');
    if ($captions && $captions->length > 0) {
        $content = $converter->visitChildren($captions->item(0), '');
    }

    // Explicit content turns the directive into a figure
    return array(
        'type' => $content !== null ? 'figure' : 'image',
        'parameter' => $parameter,
        'options' => $options,
        'content' => $content,
    );
}
/**
 * Mitigation for HTTP response splitting (PHP < 5.4 ?).
 *
 * Removes spaces, tabs, carriage returns, line feeds and single quotes from
 * the value, strips tags and trims the result, so the value cannot start a
 * new header line. For now this follows the fix suggested by the 360 website
 * security scan, although strip_tags does not seem strictly necessary.
 *
 * @link http://thread.gmane.org/gmane.comp.php.devel/70584
 * @link https://bugs.php.net/bug.php?id=60227
 * @author Horse Luke
 * @version 0.1 build 20131021
 *
 * @param mixed $str value meant for an HTTP header
 * @return mixed the cleaned string; empty values are returned unchanged
 */
function fix_http_header_inject($str)
{
    if (empty($str)) {
        return $str;
    }

    $withoutBreaks = preg_replace('/( |\\t|\\r|\\n|\')/', '', $str);
    $withoutTags = strip_tags($withoutBreaks);

    return trim($withoutTags);
}