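/**
 * Report whether this form was submitted with a valid CSRF token.
 *
 * The request counts as a submission of this form only when
 * $_POST['formaction'] matches $this->name and $_POST['token'] matches
 * $this->csrf_token. On success the token is rotated (assigned to
 * $this->csrf_token and passed to PerchSession::set('csrf_token', ...)),
 * display_only(false) is called, and $this->submitted_via_ajax is set when
 * $_POST['_perch_ajax'] is '1'.
 *
 * @return bool true when the form was posted with a matching token, false otherwise
 */
public function posted()
{
    // Not a submission of this particular form.
    if (!isset($_POST['formaction']) || $_POST['formaction'] != $this->name) {
        return false;
    }

    $posted_token   = isset($_POST['token']) ? $_POST['token'] : null;
    $expected_token = $this->csrf_token;

    // Both sides must be non-empty strings. This keeps an array-valued
    // token[] parameter away from the comparison and guarantees that an
    // unset or false stored token can never match anything: under loose ==
    // a posted "0" compares equal to false.
    if (!is_string($posted_token) || $posted_token === ''
        || !is_string($expected_token) || $expected_token === '') {
        return false;
    }

    // Compare as exact strings. Loose == treats two numeric-looking hex
    // strings such as "0e12..." and "0e34..." as equal; hash_equals() also
    // avoids leaking the position of the first mismatching byte via timing.
    $token_matches = function_exists('hash_equals')
        ? hash_equals($expected_token, $posted_token)
        : $expected_token === $posted_token;

    if (!$token_matches) {
        return false;
    }

    // Rotate the token so a captured value cannot be replayed. uniqid() is
    // derived from the clock, so prefer the CSPRNG where the runtime has
    // one; both branches yield a 32-character hex string.
    $this->csrf_token = function_exists('random_bytes')
        ? bin2hex(random_bytes(16))
        : md5(uniqid('csrf', true));
    PerchSession::set('csrf_token', $this->csrf_token);

    $this->display_only(false);

    if (isset($_POST['_perch_ajax']) && $_POST['_perch_ajax'] == '1') {
        $this->submitted_via_ajax = true;
    }

    return true;
}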
if ($current_index === false) { $expand_list[] = $actionID; } } if (isset($_GET['cl']) && $_GET['cl'] != '') { // close $actionID = (int) $_GET['cl']; $current_index = array_search($actionID, $expand_list); if ($current_index !== false) { unset($expand_list[$current_index]); // find any expanded children $child_ids = $Pages->find_child_page_ids($actionID); $expand_list = array_diff($expand_list, $child_ids); } } PerchSession::set('content_expand_list', $expand_list); $pages = $Pages->get_page_tree_collapsed($expand_list); } else { switch ($filter) { case 'new': $pages = $Pages->get_page_tree_filtered('new'); break; case 'template': $pages = $Pages->get_page_tree_filtered('template', $template_to_filter); break; default: $pages = $Pages->get_page_tree(); if (PERCH_RUNWAY && PerchUtil::count($pages) == 0) { $Pages->create_defaults($CurrentUser); $pages = $Pages->get_page_tree_collapsed(array(0)); }
$Asset->update(array('resourceTitle' => $_POST['miu_image_upload_title'])); } $Asset->reindex(); if (PerchUtil::count($ids)) { if (!PerchSession::is_set('resourceIDs')) { $logged_ids = array(); PerchSession::set('resourceIDs', $logged_ids); } else { $logged_ids = PerchSession::get('resourceIDs'); } foreach ($ids as $assetID) { if (!in_array($assetID, $logged_ids)) { $logged_ids[] = $assetID; } } PerchSession::set('resourceIDs', $logged_ids); } if ($is_image) { $result = $Assets->get_resize_profile($Asset->id(), $width, $height, $crop ? '1' : '0', false, $density); if ($result) { echo $result['web_path']; } else { echo $Asset->web_path(); } exit; } else { echo $Asset->web_path(); exit; } } }
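/**
 * Restore the logged-in user from the values held in PerchSession.
 *
 * Looks up an enabled user (userEnabled=1) whose userID and userHash match
 * the session values. On a match the user details are loaded, a new
 * userHash is generated, written via update() and stored back in the
 * session, privileges are loaded and logged_in is set. Otherwise logged_in
 * is cleared and privileges are emptied.
 *
 * @return bool true when the session maps to an enabled user, false otherwise
 */
public function recover()
{
    if (PerchSession::is_set('userID')) {
        // userID is cast to int and both session values pass through
        // $this->db->pdb() before being concatenated into the query.
        // NOTE(review): pdb() is presumably the DB layer's quote/escape
        // helper; confirm it both escapes and quotes string input, since the
        // statement is built by concatenation rather than bound parameters.
        $sql = 'SELECT u.*, r.* FROM ' . $this->table . ' u, ' . PERCH_DB_PREFIX
            . 'user_roles r WHERE u.roleID=r.roleID AND u.userEnabled=1 AND u.userID='
            . $this->db->pdb((int) PerchSession::get('userID'))
            . ' AND u.userHash=' . $this->db->pdb(PerchSession::get('userHash'))
            . ' LIMIT 1';

        $result = $this->db->get_row($sql);

        if (is_array($result)) {
            $this->set_details($result);

            // Rotate the hash that binds this session to the user row.
            // uniqid() is derived from the clock and is guessable, so use
            // the CSPRNG where the runtime has one; both branches yield a
            // 32-character hex string, matching the previous md5() width.
            $data = array();
            $data['userHash'] = function_exists('random_bytes')
                ? bin2hex(random_bytes(16))
                : md5(uniqid());

            // NOTE(review): the result of update() is not checked; if the
            // write fails, the session holds a hash the table does not.
            $this->update($data);
            $this->result['userHash'] = $data['userHash'];

            // NOTE(review): $result still carries the hash read from the
            // database before rotation; confirm this second set_details()
            // call does not put the old value back over the line above.
            $this->set_details($result);

            PerchSession::set('userHash', $data['userHash']);

            $this->logged_in = true;
            $this->_load_privileges();

            return true;
        }
    }

    // No usable session or no matching enabled user: fail closed.
    $this->logged_in  = false;
    $this->privileges = array();

    return false;
}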
$req['userEmail'] = "Required"; $req['userUsername'] = "******"; $req['userPassword'] = "******"; $req['loginpath'] = "Required"; $req['db_server'] = "Required"; $req['db_database'] = "Required"; $req['db_username'] = "******"; #$req['db_password'] = "******"; $Form->set_required($req); $validation = array(); $validation['userPassword'] = array("password", "Your passwords must match"); $Form->set_validation($validation); if ($Form->posted() && $Form->validate()) { $postvars = array('userGivenName', 'userFamilyName', 'userEmail', 'userUsername', 'userPassword'); $user = $Form->receive($postvars); PerchSession::set('user', $user); $postvars = array('loginpath', 'db_server', 'db_database', 'db_username', 'db_password', 'licenseKey', 'tz'); $conf = $Form->receive($postvars); if (!isset($conf['db_password'])) { $conf['db_password'] = ''; } $conf['loginpath'] = rtrim($conf['loginpath'], '/'); $config_file = file_get_contents('config.sample.php'); $config_file = preg_replace_callback('/\\$(\\w+)/', "substitute_vars", $config_file); $config_file_path = PerchUtil::file_path(realpath('../config') . '/config.php'); if (is_writable($config_file_path)) { file_put_contents($config_file_path, $config_file); $test_contents = file_get_contents($config_file_path); if ($test_contents == $config_file) { PerchUtil::redirect('index.php?install=1&auto=1'); }
If this is the first chunk, check the file name is unique. If it's not unique, generate a unique one. Then store the file name in the session for future chunks to reference. */ if ($chunk === 0) { if (file_exists($targetDir . DIRECTORY_SEPARATOR . $fileName)) { $ext = strrpos($fileName, '.'); $fileName_a = substr($fileName, 0, $ext); $fileName_b = strtolower(substr($fileName, $ext)); $count = 1; while (file_exists($targetDir . DIRECTORY_SEPARATOR . $fileName_a . '-' . $count . $fileName_b)) { $count++; } $fileName = $fileName_a . '-' . $count . $fileName_b; } PerchSession::set($originalFileName, $fileName); } else { $fileName = PerchSession::get($originalFileName); } // add a _uploading_ prefix while we're uploading. We'll remove it later. $fileName = '_uploading_' . $fileName; // Look for the content type header if (isset($_SERVER["HTTP_CONTENT_TYPE"])) { $contentType = $_SERVER["HTTP_CONTENT_TYPE"]; } if (isset($_SERVER["CONTENT_TYPE"])) { $contentType = $_SERVER["CONTENT_TYPE"]; } // Handle non multipart uploads older WebKit versions didn't support multipart in HTML5 if (strpos($contentType, "multipart") !== false) { if (isset($_FILES['file']['tmp_name']) && is_uploaded_file($_FILES['file']['tmp_name'])) {