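/**
 * AJAX endpoint: fetches one page of a remote feed and exposes it to the view as `json`.
 *
 * Reads `url`, `limit` and `start` from the submitted form. `limit` and `start` are
 * whitelisted with Sanitize::paranoid and cast to int. `url` is only checked for
 * presence and then handed straight to Simplepie, so this action fetches whatever
 * address the client supplies (server-side request forgery surface; restrict it to an
 * allow-list or validate scheme/host before fetching).
 *
 * @return void Sets the `json` view variable; dies with a plain message when `url` is missing.
 */
function getrss()
{
    uses('Sanitize');
    Configure::write('debug', '0'); // turn debugging off; debug output breaks the ajax response
    $this->layout = 'ajax';
    $mrClean = new Sanitize();

    if (empty($this->params['form']['url'])) {
        die('Incorrect use');
    }
    $url = $this->params['form']['url'];

    // Pagination parameters: keep alphanumerics only, then coerce to int.
    $limit = 5;
    $start = 0;
    if (!empty($this->params['form']['limit'])) {
        $limit = (int) $mrClean->paranoid($this->params['form']['limit']);
    }
    if (!empty($this->params['form']['start'])) {
        $start = (int) $mrClean->paranoid($this->params['form']['start']);
    }

    $feed = $this->Simplepie->feed_paginate($url, $start, $limit);

    $out = array(
        'totalCount'   => $feed['quantity'],
        'title'        => $feed['title'],
        'image_url'    => $feed['image_url'],
        'image_width'  => $feed['image_width'],
        'image_height' => $feed['image_height'],
        'items'        => array(), // always present; the original omitted the key for an empty feed
    );
    foreach ($feed['items'] as $item) {
        $out['items'][] = array(
            'title'       => strip_tags($item->get_title()),
            'url'         => strip_tags($item->get_permalink()),
            // a small tag whitelist survives; note strip_tags() does not touch attributes,
            // so event handlers or javascript: hrefs inside the kept tags pass through
            'description' => strip_tags($item->get_description(), '<p><br><img><a><b>'),
            'date'        => strip_tags($item->get_date('d/m/Y')),
        );
    }
    $this->set('json', $out);
}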
/**
 * Lists web-messenger chats for the current "sol", optionally narrowed to the
 * selected host and to a friend-name search term remembered in the session.
 */
function index()
{
    $this->Webymsg->recursive = -1;
    $filter = array('Webymsg.sol_id' => $this->Session->read('sol'));

    // selected host
    $selectedHost = $this->Session->read('host_id');
    if (!empty($selectedHost) && $selectedHost["host"] != 0) {
        $filter['Webymsg.source_id'] = $selectedHost["host"];
    }

    // search term: a fresh submission replaces the one kept in the session
    $term = null;
    if ($this->Session->check('srch_webmsn')) {
        $term = $this->Session->read('srch_webmsn');
    }
    if (!empty($this->data)) {
        $term = Sanitize::paranoid($this->data['Search']['label']);
    }
    if (!empty($term)) {
        // paranoid() has already removed '%' and '_', so the term carries no LIKE wildcards;
        // the ORM quotes the value
        $filter['Webymsg.friend LIKE'] = "%{$term}%";
    }

    $chats = $this->paginate('Webymsg', $filter);
    $this->Session->write('srch_webmsn', $term);
    $this->set('chats', $chats);
    $this->set('srchd', $term);
    $this->set('menu_left', $this->Xplico->leftmenuarray(6));
}
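/**
 * Lets the logged-in user change their password.
 *
 * Expects `pass` (current), `pass1` (new) and `pass2` (repeat) in the form data.
 * Validation errors are reported through `$this->Usuario->validationErrors`.
 *
 * Stored passwords are unsalted MD5. That is kept here because every existing row and
 * the login check depend on it, but MD5 is not a password hash; migrate to
 * password_hash()/password_verify(), re-hashing on the next successful login.
 *
 * @return void
 */
function pass()
{
    $this->Usuario->recursive = 0;
    if (empty($this->data)) {
        return;
    }

    $id_usuario = $this->Session->read('id_usuario');
    $usuario = $this->Usuario->findByIdUsuario($id_usuario);
    $save = true;

    if ($this->data['Usuario']['pass1'] !== $this->data['Usuario']['pass2']) {
        $this->Usuario->validationErrors['pass1'] = 'La nueva contraseña debe coincidir con la repetición';
        $save = false;
    } elseif (!$this->revisarPass($this->data['Usuario']['pass1'])) {
        $this->Usuario->validationErrors['pass1'] = 'La contraseña debe tener por lo menos 3 letras y no usar ñ o espacios';
        $save = false;
    }

    // Strict comparison: with `!=`, two hashes of the form "0e<digits>" compare equal
    // through numeric-string coercion, so a crafted current password could pass.
    // A missing user record counts as a failed check, never as a match.
    $storedHash = isset($usuario['Usuario']['pass']) ? $usuario['Usuario']['pass'] : null;
    if ($storedHash === null || md5($this->data['Usuario']['pass']) !== $storedHash) {
        $this->Usuario->validationErrors['pass'] = '******';
        $save = false;
    }

    if ($save) {
        $this->Usuario->id = $id_usuario;
        // NOTE(review): paranoid() silently drops non-alphanumeric characters from the new
        // password before hashing; unless the login path applies the same filter, a password
        // containing symbols will never verify — confirm against the login code.
        $this->data['Usuario']['pass'] = md5(Sanitize::paranoid($this->data['Usuario']['pass1']));
        if ($this->Usuario->save($this->data['Usuario'])) {
            $this->Session->setFlash('Su contraseña ha sido correctamente actualizada');
            $this->redirect("/");
            exit;
        }
        $this->data['Usuario']['pass'] = '';
        $this->data['Usuario']['pass1'] = '';
        $this->data['Usuario']['pass2'] = '';
    }
}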
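/**
 * Moves an uploaded file into the upload directory under a unique name.
 *
 * @param array|null  $filedata   One entry of $_FILES; falls back to $this->filedata when null.
 * @param string|null $uploadPath Destination directory (with trailing separator); falls back to $this->uploadPath.
 * @param array       $mimeRules  Accepted MIME types. Empty means "accept any type" (the original
 *                                returned 'mime-error' for every call without rules, because
 *                                $passesMime was never initialised).
 * @param bool        $isImage    Run defaultImageHandler() (when the class defines one) before moving.
 * @return string|false 'mime-error' when the type is rejected, the destination path on success,
 *                      false when validate() or move_uploaded_file() fails.
 */
function upload($filedata = null, $uploadPath = null, $mimeRules = array(), $isImage = true)
{
    if ($filedata != null) {
        $this->filedata = $filedata;
    }
    if ($uploadPath != null) {
        $this->uploadPath = $uploadPath;
    }

    // $this->filedata['type'] is the client-declared type from $_FILES and is trivially
    // forged; treat this as a convenience check, not a security boundary (inspect the
    // content or extension server-side if the type matters).
    $passesMime = empty($mimeRules) || in_array($this->filedata['type'], $mimeRules, true);
    if (!$passesMime) {
        return 'mime-error';
    }
    if (!$this->validate()) {
        return false;
    }

    App::import('Core', 'Sanitize');
    // paranoid() leaves only [A-Za-z0-9] plus the listed characters, so no path separator survives
    $this->filedata['name'] = Sanitize::paranoid($this->filedata['name'], array('.', '-', '_'));
    $this->filename = $this->makeUniqueName() . '_' . $this->filedata['name'];
    $destFile = $this->uploadPath . $this->filename;

    if ($isImage === true && method_exists($this, 'defaultImageHandler')) {
        $this->defaultImageHandler();
    }
    if (move_uploaded_file($this->filedata['tmp_name'], $destFile)) {
        return $destFile;
    }
    return false;
}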
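/**
 * Album page: paginates the album's images and also passes the images that are
 * NOT on the current page (`restImgs`; how the view uses them is not visible here).
 *
 * @param mixed $id Album id from the URL; whitelisted with Sanitize::paranoid and cast to int.
 */
function index($id = null)
{
    $this->cacheAction = "10000 hours";
    App::import('Sanitize');
    $id = (int) Sanitize::paranoid($id);
    $albumData = $this->Image->Album->read(null, $id);

    if (!$id || $albumData == false || !isset($albumData['Album']['image_count']) || $albumData['Album']['image_count'] == 0) {
        $this->Session->setFlash('Вы не выбрали альбом');
        // third argument: exit after redirecting, so nothing below runs for a bad album
        $this->redirect(array('controller' => 'albums', 'action' => 'index'), null, true);
    }

    $this->paginate['Image'] = array(
        'conditions' => array('Image.album_id' => $id),
        'contain'    => array('Album.name'),
        'order'      => array('Image.id' => 'DESC'),
        'limit'      => 12,
    );
    $images = $this->paginate();

    // Initialised explicitly: the original left these undefined for an empty result,
    // which made array_diff() below warn and yield null.
    $pageIds = array();
    foreach ($images as $image) {
        $pageIds[] = $image['Image']['id'];
    }
    $allIds = array();
    $imagesTotal = $this->Image->find('all', array('conditions' => array('Image.album_id' => $id), 'contain' => false));
    foreach ($imagesTotal as $imageT) {
        $allIds[] = $imageT['Image']['id'];
    }

    $restIds = array_diff($allIds, $pageIds);
    $restImgs = $this->Image->find('all', array(
        'conditions' => array('Image.album_id' => $id, 'Image.id' => $restIds),
        'contain'    => false,
    ));
    $this->set('restImgs', $restImgs);
    $this->set('images', $images);
}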
/**
 * Authenticates the identity contained in a request. Will use the `settings.userModel`, and `settings.fields`
 * to find POST data that is used to find a matching record in the `settings.userModel`. Will return false if
 * there is no post data, either username or password is missing, or if the scope conditions have not been met.
 * @author DaiNT
 * @date: 2013/05/23
 * @param CakeRequest $request The request that contains login information.
 * @param CakeResponse $response Unused response object.
 * @return mixed. False on login failure. An array of User data on success.
 */
public function authenticate(CakeRequest $request, CakeResponse $response)
{
    // A `type` field in the POST body selects one of the per-type setting blocks,
    // which is merged over the defaults for the rest of this call.
    if (isset($request->data['type'])) {
        $type = $request->data['type'];
        if (!isset($this->settings['types'][$type])) {
            throw new Exception(__('Type %s login not setting', $type));
        }
        $types = $this->settings['types'];
        $this->settings = array_merge(array('types' => $types), $types[$type]);
    }
    // if not set model in from then reset to request
    // NOTE(review): the literal below looks like a placeholder left by redaction of the
    // original source; confirm which field name mobile logins actually use.
    if (AppUtility::checkIsMobile()) {
        $this->settings['fields']['password'] = '******';
    }
    $fields = $this->settings['fields'];
    $model = $this->settings['userModel'];
    // Both reads happen before the empty($request->data[$model]) test below, so a request
    // without the model key raises undefined-index notices here. paranoid() also strips
    // every non-alphanumeric character from the password; the cleaned values are only used
    // to back-fill $request->data when that key is absent — in which case they are already
    // empty strings — so they never reach the real login, which parent::authenticate()
    // performs on the unmodified request data.
    $userName = Sanitize::paranoid($request->data[$model][$fields['username']]);
    $password = Sanitize::paranoid($request->data[$model][$fields['password']]);
    if (empty($request->data[$model])) {
        $request->data[$model] = array(
            $fields['username'] => isset($userName) ? $userName : null,
            $fields['password'] => isset($password) ? $password : null
        );
    }
    $user = parent::authenticate($request, $response);
    // `system_permission` is copied straight from the POST body onto the authenticated
    // user array; anything downstream that treats it as an authorisation attribute is
    // trusting client input — verify it against the stored user record instead.
    if (!empty($user) && is_array($user) && isset($request->data[$model]['system_permission'])) {
        $user['system_permission'] = $request->data[$model]['system_permission'];
    }
    return $user;
}
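/**
 * Adds the posted product to the customer's cart order, creating the order first
 * when the session has none, then redirects to the product page.
 *
 * Reads `product_id` and `product_quantity` from $_POST. Sanitize::paranoid() returns
 * the cleaned value; the original discarded that return value, so $_POST was used
 * unfiltered. The two fields actually used are now cleaned individually.
 */
function purchase_product()
{
    uses('sanitize');
    $clean = new Sanitize();
    $product_id = isset($_POST['product_id']) ? $clean->paranoid($_POST['product_id']) : null;
    $product_quantity = isset($_POST['product_quantity']) ? $clean->paranoid($_POST['product_quantity']) : null;

    // No active cart yet: create an order carrying the default payment/shipping methods.
    if (!isset($_SESSION['Customer']['order_id'])) {
        $new_order = array();
        $new_order['Order']['order_status_id'] = 0;
        $default_payment = $this->Order->PaymentMethod->find(array('default' => '1'));
        $new_order['Order']['payment_method_id'] = $default_payment['PaymentMethod']['id'];
        $default_shipping = $this->Order->ShippingMethod->find(array('default' => '1'));
        $new_order['Order']['shipping_method_id'] = $default_shipping['ShippingMethod']['id'];

        // Save the order and remember it in the session
        $this->Order->save($new_order);
        $_SESSION['Customer']['order_id'] = $this->Order->getLastInsertId();
        global $order;
        $order = $new_order;
    }

    // Add the product to the order through the component
    $this->OrderBase->add_product($product_id, $product_quantity);

    global $config;
    $content = $this->Content->read(null, $product_id);
    $this->redirect('/product/' . $content['Content']['alias'] . $config['URL_EXTENSION']);
}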
/**
 * Class constructor.
 *
 * Routes an error to a handler: the application's own appError() when the error
 * controller defines one, otherwise one of this class's error methods; then stops.
 *
 * @param string $method Method producing the error
 * @param array $messages Error messages
 */
function __construct($method, $messages)
{
    App::import('Core', 'Sanitize');
    $this->controller =& new CakeErrorController();
    // Characters kept by paranoid() besides [A-Za-z0-9]: enough for file paths,
    // plus backslash and the drive colon on Windows.
    $allow = array('.', '/', '_', ' ', '-', '~');
    if (substr(PHP_OS, 0, 3) == "WIN") {
        $allow = array_merge($allow, array('\\', ':'));
    }
    $messages = Sanitize::paranoid($messages, $allow);
    if (!isset($messages[0])) {
        $messages = array($messages);
    }
    // method_exists() is case-insensitive, so 'apperror' also finds appError().
    if (method_exists($this->controller, 'apperror')) {
        return $this->controller->appError($method, $messages);
    }
    // Unknown method names fall back to the generic handler.
    if (!in_array(strtolower($method), array_map('strtolower', get_class_methods($this)))) {
        $method = 'error';
    }
    if ($method !== 'error') {
        // With debug off every error is presented as a generic 404, so internals do not leak.
        if (Configure::read() == 0) {
            $method = 'error404';
            // $code is never assigned in this method, so this branch cannot be taken
            // (error500 is unreachable from here).
            if (isset($code) && $code == 500) {
                $method = 'error500';
            }
        }
    }
    $this->dispatchMethod($method, $messages);
    $this->_stop();
}
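/**
 * Vote
 * @author vovich
 * @param string $model   Name of the voted model (e.g. 'Image', 'Video'); whitelisted before it is stored.
 * @param mixed  $modelId Id of the voted record; whitelisted before it is stored.
 * @param mixed  $delta   Vote delta, passed through to Vote::add() as received.
 * @return JSON  Written directly to the output via exit().
 */
function voting($model, $modelId, $delta)
{
    Configure::write('debug', 0);
    $this->layout = false;
    $result = array("error" => "", "sum" => 0, "votes_plus" => 0, "votes_minus" => 0);
    $userId = $this->Access->getLoggedUserID();

    if (!$this->RequestHandler->isAjax()) {
        // The original redirected to the raw Referer header (an open redirect, and a notice
        // when the header is absent); referer('/', true) only follows a same-host referer
        // and falls back to '/'.
        $this->redirect($this->referer('/', true));
    }

    // NOTE: $model is used unfiltered for the permission key and echoed into the error
    // text below; the JSON consumer must treat `error` as untrusted HTML.
    if ($userId == VISITOR_USER || !$userId) {
        $result['error'] = "Access error, please login.";
    } elseif (!$this->Access->getAccess('Vote_' . $model, 'c')) {
        $result['error'] = "You can not vote for this " . $model . "<BR> please logg in ";
    } else {
        $result['error'] = $this->Vote->canVote($model, $modelId, $userId);
    }

    // Whitelist once instead of re-running paranoid() for every comparison.
    $cleanModel = Sanitize::paranoid($model);
    $data = array(
        'model'    => $cleanModel,
        'model_id' => Sanitize::paranoid($modelId),
        'user_id'  => $userId,
        'delta'    => $delta,
    );
    // Both branches of the original invalidated the same cache key.
    if ($cleanModel == 'Image' || $cleanModel == 'Video') {
        Cache::delete('last_images');
    }

    if (empty($result['error'])) {
        $points = $this->Vote->add($data);
        $result['votes_plus'] = $points['votes_plus'];
        $result['votes_minus'] = $points['votes_minus'];
        $result['sum'] = $points['votes_plus'] - $points['votes_minus'];
    }
    exit($this->Json->encode($result));
}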
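/**
 * Applies Sanitize::paranoid() to every element of $vars, keeping only
 * alphanumerics plus '.', '-' and '='.
 *
 * The original iterated by reference and never unset() the reference, leaving
 * `$var` aliased to the last element; a fresh array avoids that entirely.
 *
 * @param mixed $vars Array of values to clean (keys are preserved); a scalar is cleaned directly.
 * @return mixed The cleaned array (or cleaned scalar).
 */
function paranoid($vars)
{
    $allowed = array('.', '-', '=');
    if (!is_array($vars)) {
        // a non-array used to trigger a foreach warning and come back unfiltered
        return Sanitize::paranoid($vars, $allowed);
    }
    $cleaned = array();
    foreach ($vars as $key => $value) {
        $cleaned[$key] = Sanitize::paranoid($value, $allowed);
    }
    return $cleaned;
}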
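/**
 * Shows one Sejm announcement: fetches its HTML from resources.sejmometr.pl by
 * numeric id and hands it to the view as `content`.
 *
 * The id is reduced to an integer, so the remote URL cannot be steered by the client.
 * The page is fetched over plain http and passed to the view unmodified, so rendering
 * it unescaped trusts that host.
 */
public function view()
{
    parent::view();
    $id = (int) Sanitize::paranoid($this->params->id);
    $url = 'http://resources.sejmometr.pl/sejm_komunikaty/content/' . $id . '.html';
    $content = file_get_contents($url);
    if ($content === false) {
        // a failed fetch used to hand `false` to the view; make it an explicit empty document
        $content = '';
    }
    $this->set('content', $content);
}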
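/**
 * User search: matches the posted `name` against username and the three name
 * columns, then paginates the result with the index template.
 *
 * The term is whitelisted with Sanitize::paranoid (alphanumerics only) and the
 * conditions are built as an array so the ORM quotes the value; the original spliced
 * the term into a raw SQL string. paranoid() also removes LIKE wildcards, so the
 * pattern cannot be widened by the user.
 */
function search()
{
    $this->pageTitle = __('USERS_SEARCH_TITLE', true);

    // object used for escaping
    uses('sanitize');
    $sanit = new Sanitize();

    // clean the term once (a missing field yields an empty term, as before)
    $name = isset($_POST['name']) ? $sanit->paranoid($_POST['name']) : '';
    $pattern = '%' . $name . '%';

    // set the condition based on the submitted search
    $condition = array(
        'OR' => array(
            'User.username LIKE'    => $pattern,
            'User.first_name LIKE'  => $pattern,
            'User.middle_name LIKE' => $pattern,
            'User.last_name LIKE'   => $pattern,
        ),
    );

    // find & paginate it
    $this->set('name', $name);
    $this->paginate['User']['limit'] = 20;
    $this->set('users', $this->paginate('User', $condition));
    $this->render('index');
}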
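/**
 * Catalogue page for one brand / category / sub-category, selected through the
 * named URL parameters `brand`, `category` and `subcat`.
 *
 * Each id is whitelisted with Sanitize::paranoid and cast to int, and that integer is
 * what reaches the query (the original validated a copy but queried with the raw
 * parameter). A missing or unknown brand/category redirects home with a flash.
 */
function index()
{
    $this->cacheAction = "10000 hours";
    App::import('Sanitize');

    /**
     * Brand: the current brand (logo, body, name).
     */
    $brandId = isset($this->params['named']['brand']) ? (int) Sanitize::paranoid($this->params['named']['brand']) : 0;
    if ($brandId == 0) {
        $this->Session->setFlash('Brand wasn\'t found in database');
        $this->redirect('/', null, true);
    }
    $brand = $this->SubCategory->BrandsCategory->Brand->find('first', array(
        'conditions' => array('Brand.id' => $brandId),
        'fields'     => array('Brand.id', 'Brand.logo', 'Brand.body', 'Brand.name'),
        'contain'    => false,
    ));
    if ($brand == array()) {
        $this->Session->setFlash('Brand wasn\'t found in database');
        $this->redirect('/', null, true);
    }
    $this->set('brand', $brand);

    /**
     * Category: the sub-categories (plus banners) for this brand/category pair.
     */
    $categoryId = isset($this->params['named']['category']) ? (int) Sanitize::paranoid($this->params['named']['category']) : 0;
    if ($categoryId == 0) {
        $this->Session->setFlash('SubCat wasn\'t found in database');
        $this->redirect('/', null, true);
    }
    $subCats = $this->SubCategory->BrandsCategory->find('first', array(
        'conditions' => array('category_id' => $categoryId, 'brand_id' => $brandId),
        'fields'     => array(),
        'contain'    => array(
            'Banner' => array(
                'fields' => array('Banner.id', 'Banner.logo', 'Banner.url'),
                'order'  => array('BannersBrandsCategory.id' => 'DESC'),
            ),
            'SubCategory' => array(
                'fields'     => array('name', 'id', 'product_count'),
                'conditions' => array('SubCategory.product_count <>' => null),
            ),
            'Category' => array('fields' => array('Category.id', 'Category.type', 'Category.name')),
        ),
    ));
    if ($subCats == array()) {
        $this->Session->setFlash('SubCat wasn\'t found in database');
        $this->redirect('/', null, true);
    }
    $this->set('subCats', $subCats);

    /**
     * Products: the products of the selected sub-category, when one is given.
     */
    $products = array();
    $subcatId = isset($this->params['named']['subcat']) ? (int) Sanitize::paranoid($this->params['named']['subcat']) : 0;
    if ($subcatId != 0) {
        $products = $this->SubCategory->find('first', array(
            'conditions' => array('SubCategory.id' => $subcatId),
            'fields'     => array('name'),
            'contain'    => array(
                'Product' => array(
                    'fields' => array('Product.name', 'Product.logo', 'Product.logo1', 'Product.content1'),
                    'order'  => array('Product.id' => 'DESC'),
                ),
            ),
        ));
        $this->set('products', $products);
        if ($subCats['Category']['type'] == 3) {
            $this->render('indexType3');
        }
    }
    if (isset($products['Product']) && $products['Product'] == array()) {
        $this->Session->setFlash('В данном разделе отсутствуют товары', 'default', array('class' => "error"));
    }
}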
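/**
 * Sets a new password for the given user when the two submitted passwords match.
 *
 * The original sanitised an undefined `$user_id` (note the spelling) and then
 * interpolated the raw `$userId` into the SQL string — an injection point. The real
 * parameter is now whitelisted and forced to an integer. The pr() debug echoes of the
 * original were dropped: they wrote the comparison outcome into the HTTP response.
 *
 * @param mixed $userId Id of the user row to update; whitelisted and cast to int.
 * @param array $data   Form data with `User.password` and `User.password_confirm`.
 * @return bool true when the update was issued, false when the confirmation differed.
 */
function reset_password($userId, $data)
{
    $userId = (int) Sanitize::paranoid($userId);

    if (!$this->comparePassword($data['User']['password'], $data['User']['password_confirm'])) {
        return false;
    }
    $password = $this->hashPasswords($data['User']['password'], true);
    // NOTE(review): the literal value in the statement below looks like a redacted
    // placeholder — the hashed $password computed above is never used. Confirm against the
    // real source, and prefer saveField() / a parameterised query over string-built SQL.
    $sql = "UPDATE users SET users.password = '******' WHERE users.id = {$userId}";
    $this->query($sql);
    return true;
}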
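/**
 * "Fields" module: loads the options of one custom field (named by the `field`
 * module parameter) and renders them with the module template.
 *
 * Module parameters come through Sanitize::getString/getInt; `field` and
 * `fieldoption_order` are additionally whitelisted with paranoid() because both end
 * up in the query (the field name is quoted, the sort column is spliced in as-is).
 */
function index()
{
    global $Itemid;
    $joins = array();
    $order = array();
    $fields = array(); // the original appended to an undefined variable
    $menu_id = '';

    // Read module params
    $dir_id = Sanitize::getString($this->params['module'], 'dir');
    $section_id = Sanitize::getString($this->params, 'section');
    $cat_id = Sanitize::getString($this->params['module'], 'cat');
    $criteria_id = Sanitize::getString($this->params['module'], 'criteria');
    $itemid_options = Sanitize::getString($this->params['module'], 'itemid_options');
    $itemid_hc = Sanitize::getInt($this->params['module'], 'hc_itemid');
    $field = Sanitize::paranoid(Sanitize::getString($this->params['module'], 'field'), array('_'));
    $option_length = Sanitize::getInt($this->params['module'], 'fieldoption_length');
    $custom_params = Sanitize::getString($this->params['module'], 'custom_params');
    // ORDER BY column: paranoid() leaves [A-Za-z0-9] only, so it cannot carry SQL syntax
    $sort = Sanitize::paranoid(Sanitize::getString($this->params['module'], 'fieldoption_order'));

    # Set menu id
    switch ($itemid_options) {
        case 'none':
            $menu_id = '';
            break;
        case 'current':
            break;
        case 'hardcode':
            $menu_id = $itemid_hc;
            break;
    }

    # Category auto detect — extract() may redefine $dir_id / $section_id / $cat_id
    if (Sanitize::getInt($this->params['module'], 'catauto')) {
        $ids = CommonController::_discoverIDs($this);
        extract($ids);
    }

    $this->FieldOption->modelUnbind(array(
        'FieldOption.value AS `FieldOption.value`',
        'FieldOption.fieldid AS `FieldOption.fieldid`',
        'FieldOption.image AS `FieldOption.image`',
        'FieldOption.ordering AS `FieldOption.ordering`',
        'FieldOption.optionid AS `FieldOption.optionid`',
        'FieldOption.text AS `FieldOption.text`',
    ));
    $fields[] = 'FieldOption.optionid AS `FieldOption.optionid`';
    $fields[] = 'FieldOption.value AS `FieldOption.value`';
    if ($option_length) {
        // $option_length is an int from getInt(), so splicing it into the SQL is safe
        $fields[] = 'IF(CHAR_LENGTH(FieldOption.text)>' . $option_length . ',CONCAT(SUBSTR(FieldOption.text,1,' . $option_length . '),"..."),FieldOption.text) AS `FieldOption.text`';
    } else {
        $fields[] = 'FieldOption.text AS `FieldOption.text`';
    }
    $joins[] = 'INNER JOIN #__jreviews_fields AS Field ON Field.fieldid = FieldOption.fieldid';
    $order[] = 'FieldOption.' . $sort;

    $field_options = $this->FieldOption->findAll(array(
        'fields'     => $fields,
        'conditions' => 'Field.name = ' . $this->quote($field),
        'joins'      => $joins,
        'order'      => $order,
    ));

    # Send variables to view template
    $this->set(array(
        'field'         => $field,
        'field_options' => $field_options,
        'section_ids'   => $section_id,
        'category_ids'  => $cat_id,
        'criteria_id'   => $criteria_id,
        'menu_id'       => $menu_id,
        'custom_params' => $custom_params,
    ));
    return $this->render('modules', 'fields');
}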
/**
 * Creates a user-owned event from form data and returns its id.
 *
 * The title is whitelisted with Sanitize::paranoid (alphanumerics plus a few
 * punctuation characters). `editable` defaults to true because this is a user event.
 *
 * @param mixed $uid  Owner user id, stored as Event.user_id.
 * @param array $data Form data under the `Event` key.
 * @return mixed The new record id, or false when saving failed.
 */
public function add($uid, $data)
{
    $this->create();
    $allowedPunctuation = array('!', '\'', '?', '_', '.', ' ', '-');
    $data['Event']['title'] = Sanitize::paranoid($data['Event']['title'], $allowedPunctuation);
    if (!isset($data['Event']['editable'])) {
        $data['Event']['editable'] = true;
    }
    $data['Event']['user_id'] = $uid;
    return $this->save($data) ? $this->id : false;
}
/**
 * Content search. A posted term is turned into a GET redirect
 * (`/search/<term>/global_category_id:<id>`) so results get a bookmarkable URL;
 * on GET the term and category are paginated through the model's `search` finder.
 *
 * @param string|null $term Search term from the URL; whitelisted with Sanitize::paranoid.
 */
public function search($term = null)
{
    $model = $this->modelClass;
    if (!empty($this->data[$model]['search'])) {
        $postedCategory = null;
        if (!empty($this->data[$model]['global_category_id'])) {
            $postedCategory = $this->data[$model]['global_category_id'];
        }
        $this->redirect(array(
            'action' => 'search',
            Sanitize::paranoid($this->data[$model]['search']),
            'global_category_id' => $postedCategory,
        ));
    }

    $category = null;
    if (!empty($this->request->params['named']['global_category_id'])) {
        $category = $this->request->params['named']['global_category_id'];
    }
    try {
        $this->Paginator->settings = array('search', Sanitize::paranoid($term), $category);
        $this->set('search', $this->Paginator->paginate());
    } catch (Exception $e) {
        $this->notice(__d('contents', $e->getMessage()), array('redirect' => false, 'level' => 'warning'));
    }

    $this->request->data[$model]['global_category_id'] = $category;
    $allCategories = array_merge(array(null => __d('contents', 'All')), $this->{$model}->find('categoryList'));
    $this->set('globalCategories', $allCategories);
}
/**
 * Resolves a multi-criteria search into the set of matching tutorial ids.
 *
 * Walks $this->allowedSearches; each key present in $search narrows the result
 * (criteria are AND-ed with array_intersect). Two criterion types exist:
 *  - 'intArray': a '|'-separated list of association ids that must ALL be attached,
 *    implemented with a GROUP BY ... HAVING count(DISTINCT ...) = n on the join model;
 *  - 'text': space-separated terms, each of which must appear in the title, the
 *    description or the name of an attached tag (terms are AND-ed as well).
 *
 * @param array $search Criteria keyed by allowedSearches key.
 * @return array Tutorial ids (possibly empty).
 */
function search($search)
{
    $tutorial_ids = array();
    $new_search = true;
    foreach ($this->allowedSearches as $key => $allowed) {
        $tutorial_id_results = array();
        if (array_key_exists($key, $search)) {
            if ($allowed['type'] == 'intArray') {
                // is_numeric() still admits values such as "1.5" or " 7"; they carry no SQL
                // syntax, but they are spliced into the IN (...) list unquoted as-is.
                $association_ids = explode('|', $search[$key]);
                $association_ids = array_filter($association_ids, 'is_numeric');
                if (!empty($association_ids)) {
                    // $key is a trusted allowedSearches key naming a HABTM association
                    $associatedModel = $this->hasAndBelongsToMany[Inflector::camelize($key)];
                    $joinModel = $associatedModel['with'];
                    $foreign_key = $associatedModel['foreignKey'];
                    $association_foreign_key = $associatedModel['associationForeignKey'];
                    // the HAVING clause rides along in 'group' so that only tutorials linked
                    // to every requested id are returned
                    $search_results = $this->{$joinModel}->find('all', array(
                        'fields' => array($foreign_key),
                        'group' => $foreign_key . ' HAVING count(DISTINCT ' . $association_foreign_key . ') = ' . count($association_ids),
                        'conditions' => array($key . '_id IN (' . join(',', $association_ids) . ')')
                    ));
                    $tutorial_id_results = Set::classicExtract($search_results, "{n}.{$joinModel}.{$foreign_key}");
                }
            } elseif ($allowed['type'] == 'text') {
                // paranoid() leaves alphanumerics and spaces only, so LIKE wildcards cannot be injected
                $text = Sanitize::paranoid($search[$key], array(' '));
                $individual_terms = explode(' ', $text);
                $term_results = array();
                $first_term = true;
                foreach ($individual_terms as $term) {
                    // whole-word match: the term is padded with a space on both sides
                    $search_results = $this->find('all', array(
                        'fields' => array('id'),
                        'conditions' => array('or' => array(
                            'title LIKE ' => '% ' . $term . ' %',
                            'description LIKE ' => '% ' . $term . ' %'
                        ))
                    ));
                    $tag_search_results = $this->Tag->find('all', array(
                        'fields' => array('id', 'name'),
                        'conditions' => array('name LIKE' => '% ' . $term . ' %'),
                        'contain' => array('Tagged' => array('conditions' => array('model' => 'Tutorial')))
                    ));
                    $term_results = array_unique(array_merge(
                        Set::extract("/Tutorial/id", $search_results),
                        Set::extract("/Tagged/foreign_key", $tag_search_results)
                    ));
                    // every term must match: intersect with the terms seen so far
                    if ($first_term) {
                        $tutorial_id_results = $term_results;
                        $first_term = false;
                    } else {
                        $tutorial_id_results = array_intersect($tutorial_id_results, $term_results);
                    }
                }
            }
            // AND this criterion with everything matched so far
            if ($new_search) {
                $tutorial_ids = $tutorial_id_results;
                $new_search = false;
            } else {
                $tutorial_ids = array_intersect($tutorial_ids, $tutorial_id_results);
            }
        }
    }
    return $tutorial_ids;
}
/**
 * Reads a POST parameter and whitelists it with Sanitize::paranoid.
 *
 * Original comment (translated): when no value can be read from the request, or the
 * value read is '', the result is $defultValue. Note that the code only returns the
 * default when the request is not a POST or the key is absent from $_POST; a present
 * but empty field goes through paranoid() and comes back as ''. Presence is tested on
 * $_POST while the value is read from $this->request->data — the two may differ if the
 * framework reshapes the request data.
 *
 * @param string     $name        Field name.
 * @param mixed      $defultValue Returned when the field is missing.
 * @param array|null $allow       Extra characters to keep; null means paranoid()'s default set.
 * @return mixed The cleaned value or the default.
 */
public function getParameterByPostParanoid($name, $defultValue = "", $allow = null)
{
    if (!$this->request->is('post') || !array_key_exists($name, $_POST)) {
        return $defultValue;
    }
    $raw = $this->request->data[$name];
    if ($allow != null) {
        return Sanitize::paranoid($raw, $allow);
    }
    return Sanitize::paranoid($raw);
}
/**
 * Stores (or refreshes) a user's OAuth access token for a service.
 *
 * An existing row for the same user/service only gets its `object` field overwritten;
 * otherwise a new row is created with the method and expiry.
 *
 * @param string     $serviceName Service name; normalised to ucfirst(lowercase).
 * @param mixed      $uid         Owning user id.
 * @param mixed      $accessToken Token; stored with serialize(), so whatever later
 *                                unserialize()s this column is trusting the database row.
 * @param string     $method      'read' or 'write' (anything else becomes 'read').
 * @param mixed|null $expires     Lifetime in minutes from now, or null for no expiry.
 */
public function saveToDb($serviceName, $uid, $accessToken, $method, $expires = null)
{
    $service = ucfirst(strtolower($serviceName));
    // an existing row for this user/service is overwritten instead of duplicated
    $existing = $this->find('first', array('conditions' => array('user_id' => $uid, 'service' => $service)));

    $expiresAt = null;
    if (!is_null($expires)) {
        $expiresAt = strtotime('+' . $expires . ' minutes');
    }

    // whitelist, lowercase, and restrict to the two known methods
    $method = strtolower(Sanitize::paranoid($method));
    if (!in_array($method, array('read', 'write'), true)) {
        $method = 'read';
    }

    if ($existing) {
        $this->id = $existing['Oauth']['id'];
        $this->saveField('object', serialize($accessToken));
        return;
    }
    $this->create();
    $this->save(array('Oauth' => array(
        'user_id' => $uid,
        'service' => $service,
        'object'  => serialize($accessToken),
        'method'  => $method,
        'expires' => $expiresAt,
    )));
}
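/**
 * Stores one uploaded file under files/<folder>/.
 *
 * @param string      $folder   Sub-directory of files/ (caller-supplied; not cleaned here).
 * @param mixed       $file     A $_FILES entry, or a non-array value that is returned untouched.
 * @param string|null $filename Name to store under; when null the uploaded name is whitelisted
 *                              with Sanitize::paranoid (alphanumerics plus . - _) and basename()'d.
 * @return mixed The public path '/files/<folder>/<name>' on success; NULL for an empty upload, a
 *               failed mkdir() or a failed move (the original returned the path even when the
 *               move failed); $file itself when it is not an array.
 */
function _checkAndUploadFile($folder, $file, $filename = null)
{
    App::import('Sanitize');
    if (!is_array($file)) {
        return $file;
    }
    if (!$file['size']) {
        return NULL;
    }

    if ($filename) {
        // NOTE(review): a caller-provided name is used verbatim; callers must not derive it
        // from request input without applying the same whitelist as below.
        $file['name'] = $filename;
    } else {
        $file['name'] = basename(Sanitize::paranoid($file['name'], array('.', '-', '_')));
    }
    // Nothing here restricts the extension or content type. If files/ is served by the web
    // server, an uploaded script (.php, .phtml, ...) becomes executable; enforce an extension
    // or MIME allow-list at the call site or here before relying on this in production.

    $dir = 'files/' . $folder;
    if (!is_dir($dir)) {
        // 0777 kept from the original; 0755 is preferable when the web-server user owns the tree
        if (!mkdir($dir, 0777, true)) {
            return NULL;
        }
    }
    if (!move_uploaded_file($file['tmp_name'], $dir . '/' . $file['name'])) {
        return NULL;
    }
    return '/files/' . $folder . '/' . $file['name'];
}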
/**
 * For RSS requests, verifies that $hash is the RSS hash stored for $user_id.
 *
 * @param mixed $user_id User id from the URL.
 * @param mixed $hash    Per-user RSS secret from the URL; whitelisted with Sanitize::paranoid.
 * @return mixed The user's id when the pair matches; false when an argument is null or the
 *               pair is unknown; null (implicit) when the request is not an RSS request.
 */
private function checkRss($user_id, $hash)
{
    if (is_null($user_id) || is_null($hash)) {
        return false;
    }
    $controller = $this->controller;
    if (!$controller->WallPost) {
        $controller->loadModel('WallPost');
    }
    if (!$controller->RequestHandler->isRss()) {
        return;
    }

    Configure::write('debug', 0);
    // look the user up by id AND hash, so the hash check is done by the query itself
    $userModel = $controller->WallPost->User;
    $userModel->recursive = -1;
    $conditions = array('User.id' => $user_id, 'User.rss_hash' => Sanitize::paranoid($hash));
    $user = $userModel->find('first', compact('conditions'));
    $controller->RequestHandler->setContent('rss');

    return $user ? $user['User']['id'] : false;
}
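/**
 * Adds the gift named by the first passed URL argument to the session cart.
 *
 * The id is whitelisted with Sanitize::paranoid and then looked up; only a gift that
 * exists and has a price is added. Every outcome redirects: back to the referring page
 * — restricted to this host, where the original followed any Referer header (an open
 * redirect) — or to '/' when no id was passed.
 */
function add()
{
    App::import('Sanitize');
    if (empty($this->params['pass'][0])) {
        $this->redirect('/');
        return;
    }

    // param with the gift id
    $giftId = Sanitize::paranoid($this->params['pass'][0]);
    $gift = $this->Gift->find('first', array(
        'conditions' => array('Gift.id' => $giftId),
        'fields'     => array('Gift.id', 'Gift.code', 'Gift.price'),
        'contain'    => false,
    ));

    $isSellable = isset($gift['Gift']['id']) && $gift['Gift']['id'] != null && $gift['Gift']['price'] != null;
    if ($isSellable) {
        $this->shopping->sessionShopping($gift['Gift']['id'], $gift['Gift']['code'], $gift['Gift']['price']);
    } else {
        // unknown or unpriced id (typed into the URL by hand, or stale)
        $this->Session->setFlash('Данный товар в настоящее время отсутствует', 'default', array('class' => null));
    }
    // same-host referer only; falls back to '/' when the header is missing or off-site
    $this->redirect($this->referer('/', true));
}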
/**
 * Gift detail page. Redirects home when the id is missing or unknown; otherwise passes
 * the gift, the full path of each of its categories, and the referer to the view.
 *
 * @param mixed $id Gift id from the URL; whitelisted and cast to int before reading.
 */
function view($id = null)
{
    $id = Sanitize::paranoid($id);
    $gift = $this->Gift->read(null, (int) $id);
    if (!$id || $gift == array()) {
        $this->redirect('/');
        return;
    }

    $categoryPaths = array();
    if (isset($gift['Category'])) {
        foreach ($gift['Category'] as $category) {
            $categoryPaths[] = $this->Category->getpath($category['id'], array('id', 'name', 'description'));
        }
    }
    $this->set('CategoryPass', $categoryPaths);
    $this->set('gift', $gift);
    $this->set('referer', $this->referer());
}
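/**
 * "Contact us" handler: mails the posted name / email / message to the configured
 * address and redirects home.
 *
 * The original called Sanitize::paranoid() on $_POST and threw the result away, so
 * nothing was cleaned (and paranoid() would have mangled the e-mail address anyway).
 * The two values that become mail headers (From, FromName) are now stripped of CR/LF so
 * a crafted field cannot append extra headers or recipients; the body is sent as typed.
 */
function send_email()
{
    $config = $this->ConfigurationBase->load_configuration();

    // Send to admin
    if ($config['SEND_CONTACT_US_EMAIL'] != '') {
        $email = isset($_POST['email']) ? $_POST['email'] : '';
        $name = isset($_POST['name']) ? $_POST['name'] : '';
        $message = isset($_POST['message']) ? $_POST['message'] : '';
        // header fields must stay on a single line
        $email = str_replace(array("\r", "\n"), '', $email);
        $name = str_replace(array("\r", "\n"), '', $name);

        // Set up mail
        $this->Email->init();
        $this->Email->From = $email;
        $this->Email->FromName = $name;
        $this->Email->AddAddress($config['SEND_CONTACT_US_EMAIL']);
        $this->Email->Subject = $config['SITE_NAME'] . ' - ' . __('Contact Us', true);
        // Email Body
        $this->Email->Body = $message;
        // Sending mail
        $this->Email->send();
    }
    $this->redirect('/');
}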
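/**
 * Looks a Brazilian postal code up on the Correios mobile site and fills
 * $this->request->data['Zipcode'] with street, district, city and state.
 *
 * The zip code is whitelisted with Sanitize::paranoid before being posted. The lookup
 * goes over plain http to a third party and the reply is scraped with regular
 * expressions; a missing or reshaped page now yields empty fields instead of the
 * undefined-index notices the original produced.
 *
 * @param string $zipcode CEP to resolve.
 * @return string JSON encoding of $this->request->data.
 */
private function get_address($zipcode)
{
    App::uses('Sanitize', 'Utility');
    $zipcode = Sanitize::paranoid($zipcode);
    App::uses('HttpSocket', 'Network/Http');
    $HttpSocket = new HttpSocket();

    $post = array(
        'cepEntrada' => $zipcode,
        'tipoCep'    => '',
        'cepTemp'    => '',
        'metodo'     => 'buscarCep',
    );
    $resposta = $HttpSocket->post("http://m.correios.com.br/movel/buscaCepConfirma.do", $post);
    // flatten the page so the span regex can match across the original line breaks
    $resposta = str_replace(array("\n", "\r", "\t"), "", $resposta);

    preg_match_all('/<span class="respostadestaque">([^<]+)<\\/span>/i', $resposta, $match);
    if (isset($match[1][0])) {
        $endereco = utf8_encode(trim($match[1][0]));
        // drop the house-number range suffix ("- até", "- de", "- lado") from the street;
        // the first suffix found wins, in the same order as the original checks
        foreach (array('- até', '- de', '- lado') as $sufixo) {
            if (stripos($endereco, $sufixo) !== false) {
                preg_match_all('/(.*)(' . $sufixo . ')(.*)/i', $endereco, $matchRua);
                $endereco = $matchRua[1][0];
                break;
            }
        }
        $bairro = isset($match[1][1]) ? $match[1][1] : '';
        $cidadeUF = explode('/', isset($match[1][2]) ? $match[1][2] : '');

        $this->request->data['Zipcode']['logradouro'] = trim($endereco);
        $this->request->data['Zipcode']['bairro'] = utf8_encode(trim($bairro));
        $this->request->data['Zipcode']['cidade'] = utf8_encode(trim($cidadeUF[0]));
        $this->request->data['Zipcode']['estado'] = isset($cidadeUF[1]) ? trim($cidadeUF[1]) : '';
    }
    return json_encode($this->request->data);
}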
/**
 * Class constructor.
 *
 * Dispatches an error to a handler: the application's own appError() when
 * AppController defines one, otherwise one of this class's methods (any method while
 * debug is on, or `error` itself; with debug off everything else is shown as a 404
 * so details do not leak).
 *
 * @param string $method
 * @param array $messages
 * @return unknown
 */
function __construct($method, $messages)
{
    parent::__construct();
    // Remembers the last (method, messages) pair across instances — presumably so an error
    // raised while AppController is being built does not trigger a second full dispatch;
    // the repeated case below uses a bare Controller instead.
    static $__previousError = null;
    // Characters kept by paranoid() besides [A-Za-z0-9]: enough for file paths,
    // plus backslash and the drive colon on Windows.
    $allow = array('.', '/', '_', ' ', '-', '~');
    if (substr(PHP_OS, 0, 3) == "WIN") {
        $allow = array_merge($allow, array('\\', ':'));
    }
    $clean = new Sanitize();
    $messages = $clean->paranoid($messages, $allow);
    if (!class_exists('Dispatcher')) {
        require CAKE . 'dispatcher.php';
    }
    $this->__dispatch =& new Dispatcher();
    if ($__previousError != array($method, $messages)) {
        $__previousError = array($method, $messages);
        if (!class_exists('AppController')) {
            loadController(null);
        }
        $this->controller =& new AppController();
        if (!empty($this->controller->uses)) {
            $this->controller->constructClasses();
        }
        $this->controller->_initComponents();
        $this->controller->cacheAction = false;
        $this->__dispatch->start($this->controller);
        // method_exists() is case-insensitive, so 'apperror' also finds appError()
        if (method_exists($this->controller, 'apperror')) {
            return $this->controller->appError($method, $messages);
        }
    } else {
        // repeated error: fall back to a bare controller instead of re-running the app's setup
        $this->controller =& new Controller();
        $this->controller->cacheAction = false;
    }
    // $method is not checked against this class's method list here, so an unknown name
    // reaches call_user_func_array() unguarded when debug is on.
    if (Configure::read() > 0 || $method == 'error') {
        call_user_func_array(array(&$this, $method), $messages);
    } else {
        call_user_func_array(array(&$this, 'error404'), $messages);
    }
}
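/**
 * Soft-deletes a Step (sets live = 0) over a non-GET request.
 *
 * GET requests are ignored. The step must exist, be live, and belong to the
 * authenticated user. `$code` is compared with an md5 built from the step id and a
 * fixed string, but the mismatch branch was commented out in the original and stays
 * disabled here: with the constant ('test') readable in the source, the token is
 * computable by anyone and offers no protection — replace it with a per-session CSRF
 * token (the framework's Security component provides one) rather than re-enabling it.
 *
 * @param mixed $step_id Step id from the URL; cast to int.
 * @param mixed $code    Removal token; whitelisted with Sanitize::paranoid.
 */
function remove($step_id = null, $code = null)
{
    if ($this->RequestHandler->isGet()) {
        return;
    }
    $step_id = intval($step_id);
    App::import('Sanitize');
    $code = Sanitize::paranoid($code);

    // Get Step
    $this->Step =& ClassRegistry::init('Step');
    $this->Step->contain(array('State.Project'));
    $conditions = array('Step.id' => $step_id, 'Step.live' => 1);
    $step = $this->Step->find('first', compact('conditions'));
    if (empty($step)) {
        $this->_Flash('Unable to find Step', 'mean', $this->referer('/'));
        return; // _Flash() is expected to redirect; the return keeps the owner check from reading an empty $step
    }

    // Must be my Step
    if ($step['State']['Project']['user_id'] != $this->DarkAuth->id) {
        $this->_Flash('Not your Step', 'mean', $this->referer('/'));
        return;
    }

    // Verify Code (computed but, as in the original, not enforced — see the docblock)
    $expected_code = md5('test' . $step['Step']['id'] . 'test');
    if ($code != $expected_code) {
        //$this->_Flash('Codes did not match','mean',$this->referer('/'));
    }

    // Move to live=0
    $step['Step']['live'] = 0;
    if (!$this->Step->save($step['Step'], false, array('id', 'live'))) {
        $this->_Flash('Failed removing Step', 'mean', null);
        return;
    }

    // Changes saved (the original had an unreachable _Flash('Changes saved') after this exit)
    echo jsonSuccess();
    exit;
}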
/**
 * "Range" module: collects the module parameters (field name, directory,
 * section/category/criteria ids, menu id) and renders the range template.
 *
 * Parameters go through Sanitize::getString/getInt; `field` is additionally
 * whitelisted with paranoid() (alphanumerics and underscore).
 */
function index()
{
    global $Itemid;
    $conditions = array();
    $joins = array();
    $order = array();

    // Read module params
    $moduleParams = $this->params['module'];
    $itemid_options = Sanitize::getString($moduleParams, 'itemid_options');
    $itemid_hc = Sanitize::getInt($moduleParams, 'hc_itemid');
    $field = Sanitize::paranoid(Sanitize::getString($moduleParams, 'field'), array('_'));
    $custom_params = Sanitize::getString($moduleParams, 'custom_params');
    $dir_id = Sanitize::getString($moduleParams, 'dir');
    $section_id = Sanitize::getString($this->params, 'section');
    $cat_id = Sanitize::getString($moduleParams, 'cat');
    $criteria_id = Sanitize::getString($moduleParams, 'criteria');

    # Set menu id: 'hardcode' uses the configured item id; 'none', 'current' and anything else leave it empty
    $menu_id = '';
    if ($itemid_options == 'hardcode') {
        $menu_id = $itemid_hc;
    }

    # Category auto detect — extract() may overwrite $dir_id / $section_id / $cat_id
    if (Sanitize::getInt($moduleParams, 'catauto')) {
        $ids = CommonController::_discoverIDs($this);
        extract($ids);
    }

    # Send variables to view template
    $this->set(array(
        'field'         => $field,
        'dir_id'        => $dir_id,
        'section_ids'   => $section_id,
        'category_ids'  => $cat_id,
        'criteria_id'   => $criteria_id,
        'menu_id'       => $menu_id,
        'custom_params' => $custom_params,
    ));
    return $this->render('modules', 'range');
}
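/**
 * Partner search: filters users offering the requested language, optionally
 * narrowed by country and city, and paginates them.
 *
 * Ids come from the query string (`language`, `country`, `city`) and are whitelisted
 * with Sanitize::paranoid; '0' (or a missing value) means "any" for country and city.
 * The large block of commented-out legacy code handling passedArgs/form data, and the
 * unused `$page` local, were removed; neither had any effect.
 */
function search()
{
    $this->Session->write('current_menu', 'search');
    $this->pageTitle = __('Search for the partner', true);

    if (!isset($this->params['url']['language']) && empty($this->passedArgs)) {
        return;
    }

    // paranoid() already keeps digits (and letters); the explicit digit list of the original
    // added nothing, so these values are still not guaranteed to be numeric
    $url = $this->params['url'];
    $language_id = isset($url['language']) ? Sanitize::paranoid($url['language']) : 0;
    $country_id = isset($url['country']) ? Sanitize::paranoid($url['country']) : 0;
    $city_id = isset($url['city']) ? Sanitize::paranoid($url['city']) : 0;

    $this->User->bindModel(array('hasOne' => array('LanguagesUsers')), false);
    $conditions = array('LanguagesUsers.offer' => 1, 'LanguagesUsers.language_id' => $language_id);
    if (strcmp($country_id, '0') != 0) {
        $conditions['Country.id'] = $country_id;
    }
    if (strcmp($city_id, '0') != 0) {
        $conditions['City.id'] = $city_id;
    }

    $this->User->recursive = 1;
    $this->set('users', $this->paginate($conditions));
}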