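// Admin-tool save handler: when the form was submitted, compare each POSTed
// setting with its stored value, rewrite the generated tail of
// data/config.inc.php if anything changed, then render tool.tpl.
//
// NOTE(review): no permission or CSRF-token check is visible in this excerpt;
// confirm the including backend enforces both before this code runs, because
// the handler rewrites a PHP file that is later executed.
$info = NULL;
if (CAT_Helper_Validate::getInstance()->sanitizePost('submit')) {
    $val = CAT_Helper_Validate::getInstance();
    $diffs = 0;
    foreach ($settings as $i => $set) {
        $field = $set['name'];
        // 'source' is never taken from the form
        if ($field == 'source') {
            continue;
        }
        $new = $val->sanitizePost($field);
        if ($new != $set['value']) {
            $settings[$i]['value'] = $new;
            $diffs++;
        }
    }
    if ($diffs) {
        $config_file = dirname(__FILE__) . '/data/config.inc.php';
        $marker = '// --- do not change this manually, use the Admin Tool! ---';
        $inc = file_get_contents($config_file);
        // Abort when the file cannot be read; writing anyway would drop
        // everything that precedes the marker.
        if ($inc !== false) {
            // Keep the hand-written part in front of the first marker
            $ainc = explode($marker, $inc, 2);
            $out = $ainc[0] . $marker . "\n\$current = array(\n";
            foreach ($settings as $set) {
                // var_export() emits a correctly quoted PHP string literal, so
                // a quote or backslash in a submitted value cannot terminate
                // the literal and add code to the generated config file.
                $out .= ' ' . var_export((string) $set['name'], true)
                      . ' => ' . var_export((string) $set['value'], true) . ",\n";
            }
            $out .= ');';
            // Report success only when the write actually happened
            if (file_put_contents($config_file, $out, LOCK_EX) !== false) {
                $info = CAT_Helper_Validate::getInstance()->lang()->translate('Settings saved');
            }
        }
    }
}
$parser->setPath(dirname(__FILE__) . '/templates/default');
$parser->output('tool.tpl', array('settings' => $settings, 'current' => $current, 'info' => $info));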
include CAT_PATH . '/framework/class.secure.php'; } else { $root = "../"; $level = 1; while ($level < 10 && !file_exists($root . '/framework/class.secure.php')) { $root .= "../"; $level += 1; } if (file_exists($root . '/framework/class.secure.php')) { include $root . '/framework/class.secure.php'; } else { trigger_error(sprintf("[ <b>%s</b> ] Can't include class.secure.php!", $_SERVER['SCRIPT_NAME']), E_USER_ERROR); } } $update_when_modified = true; $val = CAT_Helper_Validate::getInstance(); $user = CAT_Users::getInstance(); $backend = CAT_Backend::getInstance('Pages', 'pages_modify'); // =============== // ! Get page id // =============== $page_id = $val->get('_REQUEST', 'page_id', 'numeric'); $section_id = $val->get('_REQUEST', 'section_id', 'numeric'); if (!$page_id) { header("Location: index.php"); exit(0); } // ============= // ! Get perms // ============= if (CAT_Helper_Page::getPagePermission($page_id, 'admin') !== true) {
/**
 * Record a failed login: keep the message as login error and last error,
 * push it onto the error stack and update the attempt counter in the session.
 *
 * @access private
 * @param  string $msg - error message
 * @return void
 **/
private static function setLoginError($msg)
{
    self::$errorstack[] = $msg;
    self::$lasterror    = $msg;
    self::$loginerror   = $msg;

    // NOTE(review): the first recorded failure stores 0, not 1, so a lockout
    // threshold is reached one failure later than the counter's name
    // suggests; confirm that this is intended.
    // NOTE(review): the counter is kept in $_SESSION only, so it restarts
    // with every new session; confirm a server-side limit (per account or
    // per source address) exists elsewhere.
    $_SESSION['ATTEMPTS'] = isset($_SESSION['ATTEMPTS'])
        ? CAT_Helper_Validate::getInstance()->fromSession('ATTEMPTS') + 1
        : 0;
}
/**
 * Read the POSTed value of every key listed for one settings group and hand
 * the resulting key => value map to saveSettings().
 *
 * @param  mixed $backend - not used inside this function
 * @param  mixed $group   - index into the global $groups array
 * @return void
 **/
function saveGroup($backend, $group)
{
    global $groups;

    $validator = CAT_Helper_Validate::getInstance();
    $collected = array();

    // Only keys listed for the group are read from the request
    // NOTE(review): $groups[$group] is used without an existence check;
    // confirm that callers pass known group names only.
    foreach ($groups[$group] as $name) {
        $collected[$name] = $validator->sanitizePost($name);
    }

    saveSettings($collected);
}
* @package CAT_Core
 *
 */

// Defined before the framework is included
define('CAT_LOGIN_PHASE', 1);

// Locate and include class.secure.php: directly below CAT_PATH when that
// constant exists, otherwise by walking up the directory tree.
if (!defined('CAT_PATH')) {
    $root = "../";
    for ($level = 1; $level < 10 && !file_exists($root . '/framework/class.secure.php'); $level += 1) {
        $root .= "../";
    }
    if (!file_exists($root . '/framework/class.secure.php')) {
        trigger_error(sprintf("[ <b>%s</b> ] Can't include class.secure.php!", $_SERVER['SCRIPT_NAME']), E_USER_ERROR);
    } else {
        include $root . '/framework/class.secure.php';
    }
} else {
    include CAT_PATH . '/framework/class.secure.php';
}

// Build the JSON answer for the login request
if (!(CAT_Helper_Validate::getInstance()->fromSession('ATTEMPTS') > MAX_ATTEMPTS)) {
    // NOTE(review): the CSRF protection call below is commented out; confirm
    // that the login form is protected against cross-site requests elsewhere.
    #CAT_Helper_Protect::getInstance()->enableCSRFMagic();
    $redirect = CAT_Users::getInstance()->handleLogin();
    $error = CAT_Users::getInstance()->loginError();
    $ajax = array(
        'url'     => $redirect,
        'success' => CAT_Users::getInstance()->is_authenticated(),
        // the error text is reported when handleLogin() returned false or an error is set
        'message' => ($redirect === false || $error) ? $error : NULL,
    );
} else {
    // Attempt counter in the session is above MAX_ATTEMPTS: the client is
    // sent to the static warning page and no login is attempted.
    // NOTE(review): 'success' is true in this branch although nobody was
    // authenticated; confirm that the client only uses it to follow 'url'.
    $redirect = CAT_URL . '/templates/' . DEFAULT_THEME . '/templates/warning.html';
    $ajax = array(
        'url'     => $redirect,
        'success' => true,
        'message' => NULL,
    );
}

header('Content-type: application/json');
echo json_encode($ajax);
exit;
// Update wizard, first part: derive the installer base URI, load the
// language file, check the installed version, read the target version from
// tag.txt and show the welcome form until the 'do' parameter is present.

$installer_uri = dirname($installer_uri);
// removes every case-insensitive occurrence of 'update' from the URI, not only a trailing path segment
$installer_uri = str_ireplace('update', '', $installer_uri);
$lang = CAT_Helper_I18n::getInstance();
$lang->addFile($lang->getLang() . '.php', dirname(__FILE__) . '/../languages');
// the wizard reports an error unless versionCompare() returns a truthy value for the installed version
if (!CAT_Helper_Addons::versionCompare(CAT_VERSION, '0.11.0Beta')) {
    pre_update_error($lang->translate('You need to have <strong>BlackCat CMS v0.11.0Beta</strong> installed to use the Update.<br />You have <strong>{{version}}</strong> installed.', array('version' => CAT_VERSION)));
}
// get new version from tag.txt
if (file_exists(dirname(__FILE__) . '/../tag.txt')) {
    $tag = fopen(dirname(__FILE__) . '/../tag.txt', 'r');
    // NOTE(review): $current_build is listed twice. PHP 5 assigns list()
    // targets right to left and PHP 7+ left to right, so the field that ends
    // up in $current_build depends on the PHP version; confirm which '#'
    // separated field is meant. The results of fopen() and fgets() are not
    // checked either.
    list($current_version, $current_build, $current_build) = explode('#', fgets($tag));
    fclose($tag);
} else {
    pre_update_error($lang->translate('The file <pre>tag.txt</pre> is missing! Unable to upgrade!'));
}
// Without the 'do' GET parameter only the welcome page with the start form is printed
if (!CAT_Helper_Validate::getInstance()->sanitizeGet('do')) {
    update_wizard_header();
    // NOTE(review): $installer_uri, $current_version and $current_build are
    // written into the HTML without escaping; where $installer_uri comes from
    // is not visible here. If it is built from request data it should pass
    // through htmlspecialchars() before being placed in the action attribute.
    // NOTE(review): the form starts the update with a plain GET parameter
    // (do=1); confirm that access to this script is restricted.
    echo ' <h1>BlackCat CMS Update Wizard</h1> <h2>' . $lang->translate('Welcome!') . '</h2> '
        . $lang->translate('This wizard will help you to upgrade your current BlackCat CMS Version')
        . '<br /> <span style="font-weight:bold;color:#f00;">' . CAT_VERSION . '</span><br /> '
        . $lang->translate('to Version')
        . '<br /> <span style="font-weight:bold;color:#f00;">' . $current_version . ' Build ' . $current_build
        . '</span> <form method="get" action="' . $installer_uri
        . '/update/update.php"> <input type="hidden" name="do" value="1" /> <input type="submit" value="'
        . $lang->translate('To start the update, please click here')
        . '" /> </form> ';
    update_wizard_footer();
}
readfile("{$filename}"); exit; } } else { echo CAT_Helper_Validate::getInstance()->lang()->translate("File not found") . ": " . str_ireplace(array(str_replace('\\', '/', CAT_PATH), '\\'), array('/abs/path/to', '/'), $file); } exit; } // remove if (CAT_Helper_Validate::sanitizePost('remove')) { $date = CAT_Helper_Validate::sanitizePost('remove'); $file = CAT_Helper_Directory::sanitizePath(CAT_PATH . '/temp/logs/log_' . $date . '.txt'); if (file_exists($file)) { unlink($file); } else { echo CAT_Helper_Validate::getInstance()->lang()->translate("File not found") . ": " . str_ireplace(array(str_replace('\\', '/', CAT_PATH), '\\'), array('/abs/path/to', '/'), $file); } exit; } // clean up log files (older than 24 hours and size 0) $files = CAT_Helper_Directory::findFiles('log_\\d{4}-\\d{2}-\\d{2}\\.txt', CAT_PATH . '/temp'); if (count($files)) { foreach ($files as $f) { if (filemtime($f) < time() - 24 * 60 * 60 && filesize($f) == 0) { unlink($f); } } } $files = CAT_Helper_Directory::findFiles('log_\\d{4}-\\d{2}-\\d{2}\\.txt', CAT_PATH . '/temp/logs'); if (count($files)) { foreach ($files as $f) {
/**
 * get currently used timezone string
 *
 * Returns the value fromSession('TIMEZONE_STRING') delivers, or
 * DEFAULT_TIMEZONE_STRING when that value is null.
 **/
public static function getTimezone()
{
    $session_tz = CAT_Helper_Validate::getInstance()->fromSession('TIMEZONE_STRING');
    if ($session_tz === null) {
        return DEFAULT_TIMEZONE_STRING;
    }
    return $session_tz;
}
/**
 * load JS
 *
 * Adds a <script> tag to CAT_Helper_Page::$js for every "<$for>.js" found in
 * the JS search path and, for the frontend, for the page specific
 * "<page_id>.js" below the pages directory. Each resolved path is handled
 * once. The collected list is written to the debug log at the end.
 *
 * @access private
 * @param  string $for - frontend | backend
 * @return void
 **/
private static function _load_js($for = 'frontend')
{
    global $page_id;

    if (count(CAT_Helper_Page::$js_search_path)) {
        $val  = CAT_Helper_Validate::getInstance();
        $seen = array();

        foreach (CAT_Helper_Page::$js_search_path as $dir) {
            $rel = CAT_Helper_Directory::sanitizePath($dir . '/' . $for . '.js');
            // only paths not handled before, and only files that exist below CAT_PATH
            if (!isset($seen[$rel]) && file_exists(CAT_PATH . '/' . $rel)) {
                // NOTE(review): the src attribute relies on sanitize_url()
                // for escaping; confirm it is safe inside a quoted attribute.
                $src = $val->sanitize_url(CAT_URL . $rel);
                CAT_Helper_Page::$js[] = '<script type="text/javascript" src="' . $src . '"></script>' . "\n";
            }
            $seen[$rel] = 1;
        }

        if ($for == 'frontend') {
            // page specific script, named after the global $page_id
            $rel = CAT_Helper_Directory::sanitizePath(CAT_Registry::get('PAGES_DIRECTORY') . '/js/' . $page_id . '.js');
            if (!isset($seen[$rel]) && file_exists(CAT_PATH . '/' . $rel)) {
                $src = $val->sanitize_url(CAT_URL . $rel);
                CAT_Helper_Page::$js[] = '<script type="text/javascript" src="' . $src . '"></script>' . "\n";
                $seen[$rel] = 1;
            }
        }
    }

    self::$instance->log()->logDebug('JS', CAT_Helper_Page::$js);
}
/**
 * Dwoo template plugin: return a session value through the validation helper.
 *
 * NOTE(review): any key a template asks for is passed on, so templates can
 * read every session entry fromSession() exposes; confirm that template
 * authors are trusted with that data.
 *
 * @param  Dwoo  $dwoo    - template engine instance (not used here)
 * @param  mixed $key     - session key, passed on to fromSession()
 * @param  mixed $require - passed on to fromSession() as second argument
 * @return mixed          - whatever fromSession() returns
 */
function Dwoo_Plugin_get_session(Dwoo $dwoo, $key, $require = NULL)
{
    $validator = CAT_Helper_Validate::getInstance();
    $value = $validator->fromSession($key, $require);
    return $value;
}
/**
 * initialize current page
 *
 * Publishes the page id and the page's scalar, non-empty properties to the
 * registry and the template parser, decides whether the search box and the
 * menu are shown, and registers the account URLs and login field names when
 * the frontend login is enabled.
 *
 * @param  mixed $page_id - key into self::$instances
 * @return void
 **/
private static final function init($page_id)
{
    global $parser;

    $parser->setGlobals('PAGE_ID', $page_id);
    self::$instances[$page_id]->_page_id = $page_id;

    foreach (self::$instances[$page_id]->getProperties() as $key => $value) {
        $name = strtoupper($key);
        // skip empty values, names the registry already knows, and arrays
        if (!$value || CAT_Registry::exists($name) || is_array($value)) {
            continue;
        }
        CAT_Registry::register($name, $value, true);
        $parser->setGlobals($name, $value);
    }

    // Work-out if any possible in-line search boxes should be shown
    // NOTE(review): this calls CAT_User, while other BlackCat code calls
    // CAT_Users::getInstance(); confirm CAT_User is a defined class and not
    // a typo.
    $show_search = SEARCH == 'public'
        || (SEARCH == 'private' && VISIBILITY == 'private')
        || (SEARCH == 'private' && CAT_User::getInstance()->is_authenticated() == true)
        || (SEARCH == 'registered' && CAT_User::getInstance()->is_authenticated() == true);
    CAT_Registry::register('SHOW_SEARCH', $show_search, true);
    // reads the SHOW_SEARCH constant, so it relies on register() having defined it
    $parser->setGlobals('SHOW_SEARCH', SHOW_SEARCH);

    // Work-out if menu should be shown
    if (!defined('SHOW_MENU')) {
        CAT_Registry::register('SHOW_MENU', true, true);
    }

    // Work-out if login menu constants should be set
    if (!FRONTEND_LOGIN) {
        return;
    }

    $constants = array(
        'LOGIN_URL'       => CAT_URL . '/account/login.php',
        'LOGOUT_URL'      => CAT_URL . '/account/logout.php',
        'FORGOT_URL'      => CAT_URL . '/account/forgot.php',
        'PREFERENCES_URL' => CAT_URL . '/account/preferences.php',
        'SIGNUP_URL'      => CAT_URL . '/account/signup.php',
    );
    // Set login menu constants
    CAT_Registry::register($constants, NULL, true);

    $username_field = CAT_Helper_Validate::getInstance()->createFieldname('username_');
    $password_field = CAT_Helper_Validate::getInstance()->createFieldname('password_');

    // NOTE(review): redirect_url comes from $_SESSION['HTTP_REFERER']; if
    // that entry is filled from the request's Referer header it should be
    // checked against CAT_URL before it is used as a redirect target.
    // Confirm where the session value is set.
    if (isset($_SESSION['HTTP_REFERER']) && $_SESSION['HTTP_REFERER'] != '') {
        $redirect_url = $_SESSION['HTTP_REFERER'];
    } else {
        $redirect_url = CAT_URL;
    }

    $parser->setGlobals(array(
        'username_fieldname' => $username_field,
        'password_fieldname' => $password_field,
        'redirect_url'       => $redirect_url,
    ));
    $parser->setGlobals($constants);
}