/**
 * Validates the messaging anti-spam tokens carried by the current request.
 *
 * The POST field 'cbvssps' and the 'cbvs' cookie are each expected to hold three
 * '_'-separated parts. The third part of each is handed to cbGetAntiSpams(), and
 * the values it returns are compared against what the client sent.
 *
 * @param  boolean      $autoBack     TRUE: on failure calls _cbExpiredSessionJSterminate() (documented as answering 403 and trying a Javascript "back"), FALSE: returns the error text
 * @param  boolean      $allowPublic  Passed through to cbGetAntiSpams(); documented as TRUE: also checks for guests, FALSE: only registered and logged-in users
 * @return null|string                NULL: Ok, String: translated error text
 */
 function cbAntiSpamCheck($autoBack = true, $allowPublic = false)
 {
     global $_POST;

     // Both values are supplied by the client and must be treated as untrusted.
     $postToken = cbGetParam($_POST, 'cbvssps', '');
     cbimport('cb.session');
     $cookieToken = CBCookie::getcookie('cbvs');

     $postParts = explode('_', $postToken);
     $cookieParts = explode('_', $cookieToken);

     $accepted = false;
     if (count($postParts) == 3 && count($cookieParts) == 3) {
         $expected = cbGetAntiSpams($postParts[2], $cookieParts[2], $allowPublic);

         // NOTE(review): a single matching token (POST *or* cookie) is accepted here.
         // Requiring both would be the stricter check — confirm the OR is intended.
         // NOTE(review): === is not a constant-time comparison; hash_equals() is the
         // usual choice if these values are meant to be secret.
         if ($postToken === $expected[0]) {
             $accepted = true;
         } elseif ($cookieToken === $expected[1]) {
             $accepted = true;
         }
     }

     if ($accepted) {
         return null;
     }

     if (!$autoBack) {
         $expiredText = CBTxt::Th('UE_SESSION_EXPIRED', 'Session expired or cookies are not enabled in your browser. Please press "reload page" in your browser, and enable cookies in your browser.');
         $refreshText = CBTxt::Th('UE_PLEASE_REFRESH', 'Please refresh/reload page before filling-in.');

         return $expiredText . ' ' . $refreshText;
     }

     _cbExpiredSessionJSterminate();

     // Only reached if the terminate helper returns control to the caller.
     return null;
 }
/**
 * Validates the messaging anti-spam tokens carried by the current request.
 *
 * The POST field 'cbvssps' and the 'cbvs' cookie must each hold three
 * '_'-separated parts, and both must equal the values that cbGetAntiSpams()
 * returns for their third parts.
 *
 * @param  boolean      $autoBack  TRUE: on failure calls _cbExpiredSessionJSterminate(), FALSE: returns the error text
 * @return null|string             NULL: Ok, String: error text built from the _UE_* constants
 */
function cbAntiSpamCheck($autoBack = true)
{
    global $_POST;

    // Both values are supplied by the client and must be treated as untrusted.
    $postToken = cbGetParam($_POST, 'cbvssps', '');
    cbimport('cb.session');
    $cookieToken = CBCookie::getcookie('cbvs');

    $postParts = explode('_', $postToken);
    $cookieParts = explode('_', $cookieToken);

    $accepted = false;
    if (count($postParts) == 3 && count($cookieParts) == 3) {
        $expected = cbGetAntiSpams($postParts[2], $cookieParts[2]);

        // The POST token and the cookie token must both match.
        // NOTE(review): === is not a constant-time comparison; hash_equals() is the
        // usual choice if these values are meant to be secret.
        $accepted = $postToken === $expected[0] && $cookieToken === $expected[1];
    }

    if ($accepted) {
        return null;
    }

    if (!$autoBack) {
        return _UE_SESSION_EXPIRED . ' ' . _UE_PLEASE_REFRESH;
    }

    _cbExpiredSessionJSterminate();

    // Only reached if the terminate helper returns control to the caller.
    return null;
}
	/**
	 * Sends the session cookie (name $this->_cookie_name, value $this->_session_id)
	 * through CBCookie::setcookie().
	 * @access private
	 *
	 * @return boolean  FALSE if headers already sent.
	 */
	function _sendSessionCookies() {
		global $_SERVER;

		// NOTE(review): the flag below relies only on $_SERVER['HTTPS']. Behind a
		// TLS-terminating proxy that key is typically not set, so the cookie would
		// then be issued without it — confirm against the deployment.
		$httpsValue			=	isset( $_SERVER['HTTPS'] ) ? $_SERVER['HTTPS'] : null;
		$secureOnly			=	( ! empty( $httpsValue ) ) && ( $httpsValue != 'off' );

		// Last two arguments are presumably "secure" and "httponly", mirroring
		// PHP's setcookie() — verify against CBCookie::setcookie().
		return CBCookie::setcookie( $this->_cookie_name, $this->_session_id, false, null, null, $secureOnly, true );
	}
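 /**
  * Reads one named value from a PHP global source and strips backslashes from it.
  *
  * Sources 'request', 'get', 'post' and 'cookie' are client-controlled. The value
  * returned here has only passed through cbGetParam() (or CBCookie::getcookie()
  * for 'cbcookie') and stripslashes(). stripslashes() removes backslash quoting;
  * it does not encode for HTML or escape for SQL, so callers still have to escape
  * the result for the context they use it in.
  *
  * @param  string $arn   Source: request, get, post, cookie, cbcookie, session, server or env
  * @param  string $name  Key to read from that source
  * @param  mixed  $def   Default handed to the underlying getter
  * @return mixed         The value with backslashes stripped; '' when no value was obtained (null)
  */
 protected static function _globalConv($arn, $name, $def = null)
 {
     switch ($arn) {
         case 'request':
             global $_REQUEST;
             $value = cbGetParam($_REQUEST, $name, $def);
             break;
         case 'get':
             global $_GET;
             $value = cbGetParam($_GET, $name, $def);
             break;
         case 'post':
             global $_POST;
             $value = cbGetParam($_POST, $name, $def);
             break;
         case 'cookie':
             global $_COOKIE;
             $value = cbGetParam($_COOKIE, $name, $def);
             break;
         case 'cbcookie':
             cbimport('cb.session');
             $value = CBCookie::getcookie($name, $def);
             break;
         case 'session':
             global $_SESSION;
             $value = cbGetParam($_SESSION, $name, $def);
             break;
         case 'server':
             global $_SERVER;
             $value = cbGetParam($_SERVER, $name, $def);
             break;
         case 'env':
             global $_ENV;
             $value = cbGetParam($_ENV, $name, $def);
             break;
         default:
             // Unknown source: report it and continue with no value.
             trigger_error(sprintf('SQLXML::globalconv error: unknown type %s for %s.', $arn, $name), E_USER_NOTICE);
             $value = null;
             break;
     }

     // Passing null to stripslashes() is deprecated since PHP 8.1. The unknown-source
     // branch always ends up here with null (and presumably so does a missing key with
     // the null default), so return the '' that stripslashes(null) used to produce.
     if ($value === null) {
         return '';
     }

     return stripslashes($value);
 }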