// Excerpt from a larger script: it starts inside a block opened earlier and
// ends inside an `if` that continues past the last visible statement.
//
// SECURITY (review): the three statements below trust the file at $f completely.
//  - unserialize() on file contents lets whoever can write that file choose the
//    resulting structure; unless restricted, unserialize() can also instantiate
//    objects. Since $x is only used as an array here, consider
//    unserialize($data, ['allowed_classes' => false]) or a JSON file instead.
//  - eval() then runs the 'eval' entry as PHP, so write access to the file is
//    equivalent to code execution in this request.
//  - extract() imports the 'vars' entry into the current scope and, with its
//    default flag (EXTR_OVERWRITE), replaces variables that already exist.
// How $f is chosen is not visible in this excerpt; confirm it can never be
// influenced by a request and that the file is not writable by the web user.
$x = unserialize(file_get_contents($f));
if ($x['eval']) {
    eval($x['eval']);
}
if ($x['vars']) {
    extract($x['vars']);
}
//todo: clean up the code evaluation to prevent hacking via pre-loaded files..
#notice: per-file behaviour is obtained by writing the following into the file:
#$_ENV['vars']=Array($_ENV=>Array('bob'=1),'racine'=>'autre');$_ENV['eval']="\$var=1;function bidon($x){return $x*2;}";
} // closes a block opened before this excerpt
#Keep:$a['SCRIPT_FILENAME
#URI=http+host+url
#cleanup vars
// Names to drop from $a (where $a is populated is not visible in this excerpt).
// The list includes PHP_AUTH_USER, PHP_AUTH_PW and HTTP_COOKIE.
$x = explode(',', "MIBDIRS,MYSQL_HOME,OPENSSL_CONF,PHP_PEAR_SYSCONF_DIR,PHPRC,CONTEXT_DOCUMENT_ROOT,TMP,SystemRoot,COMSPEC,PATHEXT,WINDIR,REMOTE_PORT,PHP_AUTH_USER,PHP_AUTH_PW,SERVER_ADDR,SERVER_ADMIN,SERVER_NAME,SERVER_PORT,SERVER_PROTOCOL,SERVER_SOFTWARE,AUTH_TYPE,GATEWAY_INTERFACE,HTTP_ACCEPT,HTTP_ACCEPT_ENCODING,HTTP_ACCEPT_LANGUAGE,HTTP_CACHE_CONTROL,HTTP_CONNECTION,HTTP_DNT,PATH,REMOTE_USER,QUERY_STRING,REDIRECT_STATUS,REMOTE_ADDR,REMOTE_HOST,DOCUMENT_ROOT,HTTP_HOST,HTTP_USER_AGENT,REQUEST_METHOD,REQUEST_TIME,HTTP_COOKIE,SERVER_SIGNATURE,argv,argc,preload,vars,HTTP_X_FIRELOGGER,HTTP_X_INSIGHT,SCRIPT_URI,SCRIPT_URL,rk17,ip,server,HTTP_REFERER");
// Flip the names into keys so array_diff_key() can remove them from $a.
$x = Array_flip($x);
$a = array_diff_key($a, $x);
###
foreach ($a as $k => $v) {
    // Searching for 'EDIRECT_' instead of 'REDIRECT_' makes a leading
    // "REDIRECT_" prefix match at offset 1 (truthy) rather than 0 (falsy).
    if (strpos($k, 'EDIRECT_')) {
        // Store the value again under the key with every "REDIRECT_" removed.
        $a[str_replace('REDIRECT_', '', $k)] = $v;
        // NOTE(review): the second unset is indexed by the value ($v), not by
        // the key ($k) -- confirm this is intended.
        unset($a[$k], $_SERVER[$v]);
    }
    // Drop every entry whose value is falsy (this includes '', '0', 0 and null).
    if (!$v) {
        unset($a[$k]);
    }
}
// Reset the working variables, the SQL credential/host variables and
// $a['rk17'] to null in a single chained assignment.
$D = $k = $v = $x = $root = $rt = $sqluser = $sqlpass = $sqlhost = $tmp = $logs = $a['rk17'] = null;
#REDIRECT_URL: purge the uninteresting variables
// RQS and Q are constants defined outside this excerpt; the body of this `if`
// continues past the end of the excerpt.
if (RQS && RQS != Q) {
    $x = explode('&', RQS);
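/**
 * Render the "type A" search form together with its inline JavaScript.
 *
 * The attributes are normalised with shortcode_atts(), so this is presumably
 * registered as a shortcode callback (the registration is not visible here).
 *
 * Security-relevant behaviour:
 * - The keyword comes from $_GET (through javo_ARRAY, whose get() is not
 *   visible here) and is printed inside an HTML attribute, so it is escaped
 *   with esc_attr() at the point of output.
 * - The redirect target is printed inside an attribute and later assigned to
 *   a form's `action` by the inline script, so it is passed through esc_url().
 * - Attributes are read from the shortcode_atts() result by key rather than
 *   through extract(), so no variable is created implicitly.
 * - The category/location request values are handed to the
 *   'javo_get_selbox_child_term_lists' filter unchanged; how that filter
 *   validates and escapes them is not visible here.
 *
 * @param array|string $atts    Attributes: `action` (used when its integer
 *                              value is > 0), `hide_field` (comma-separated
 *                              list or array of keyword, category, location,
 *                              google) and `display_border` ('hide' removes
 *                              the border).
 * @param string       $content Enclosed content; not used.
 * @return string The buffered markup and script.
 */
public static function javo_search_form_callback($atts, $content = '')
{
    self::$load_script = true;
    $javo_query = new javo_ARRAY($_GET);

    // Read the three known attributes by key instead of extract().
    $javo_atts = shortcode_atts(
        array('action' => '', 'hide_field' => array(), 'display_border' => ''),
        $atts
    );
    $action = $javo_atts['action'];
    $hide_field = $javo_atts['hide_field'];
    $display_border = $javo_atts['display_border'];

    // $javo_redirect is not read again in this method; the assignment is kept
    // so the 'javo_wpml_link' filter still runs at this point as before.
    $javo_redirect = home_url();
    if ((int) $action > 0 && !is_archive() && !is_search()) {
        $javo_redirect = apply_filters('javo_wpml_link', $action);
    }

    // The default for hide_field is an array; explode() on an array raises a
    // TypeError on PHP 8 that the former "@" could not suppress. Accept an
    // array as the list itself and split only strings.
    $javo_hide_list = is_array($hide_field) ? $hide_field : explode(',', (string) $hide_field);
    $javo_hide_el = (object) array_flip($javo_hide_list);

    $javo_display_border = $display_border === 'hide' || is_search() || is_archive() ? ' border-none' : null;

    ob_start();
    ?>
    <div class="container search-type-a-wrap">
        <form role="form" data-javo-search-form class="search-type-a-form" method="get">
            <div class="search-type-a-inner<?php echo $javo_display_border; ?>">
                <?php if (!isset($javo_hide_el->keyword)) { ?>
                    <div class="search-box-inline">
                        <?php // Request-supplied keyword: escape for the attribute context. ?>
                        <input
                            type="text"
                            class="search-a-items form-control"
                            name="s"
                            placeholder="<?php esc_attr_e('Keyword', 'javo_fr'); ?>"
                            value="<?php echo esc_attr($javo_query->get('keyword', null)); ?>"
                        >
                    </div><!-- /.search-box-inline -->
                <?php } ?>
                <?php if (!isset($javo_hide_el->category)) { ?>
                    <div class="search-box-inline">
                        <select name="filter[item_category]" class="form-control">
                            <option value=""><?php esc_html_e('Category', 'javo_fr'); ?></option>
                            <?php echo apply_filters('javo_get_selbox_child_term_lists', 'item_category', null, 'select', $javo_query->get('category', 0), 0, 0); ?>
                        </select>
                    </div><!-- /.search-box-inline -->
                <?php } ?>
                <?php if (!isset($javo_hide_el->location)) { ?>
                    <div class="search-box-inline">
                        <select name="filter[item_location]" class="form-control">
                            <option value=""><?php esc_html_e('Location', 'javo_fr'); ?></option>
                            <?php echo apply_filters('javo_get_selbox_child_term_lists', 'item_location', null, 'select', $javo_query->get('location', 0), 0, 0); ?>
                        </select>
                    </div><!-- /.search-box-inline -->
                <?php } ?>
                <?php if (!isset($javo_hide_el->google) && !is_archive() && !is_search()) { ?>
                    <div class="search-box-inline javo-search-form-geoloc">
                        <input type="text" name="geoloc" class="form-control jv-search-location-input">
                        <i class="fa fa-map-marker javo-geoloc-trigger"></i>
                    </div><!-- /.col-md-2 -->
                <?php } ?>
                <div class="search-box-inline">
                    <button type="submit" class="jv-submit-button btn btn-primary admin-color-setting">
                        <i class="fa fa-search"></i>
                        <?php esc_html_e('Search', 'javo_fr'); ?>
                    </button>
                </div><!-- /.col-md-2 -->
            </div> <!-- search-type-a-inner -->
            <fieldset>
                <?php // The script below copies this value into a form action, so emit it as a URL. ?>
                <input
                    type="hidden"
                    value="<?php echo (int) $action > 0 ? esc_url(apply_filters('javo_wpml_link', $action)) : null; ?>"
                    javo-search-target
                >
            </fieldset>
        </form>
        <form class="hidden" role="search">
            <input type="hidden" name="post_type" value="item">
            <input type="hidden" name="category">
            <input type="hidden" name="location">
            <input type="hidden" name="keyword">
            <input type="hidden" name="geolocation">
            <input type="hidden" name="radius_key">
            <input type="hidden" name="s">
        </form>
    </div> <!-- container search-type-a-wrap -->
    <script type="text/javascript">
    jQuery( function( $ ) {
        var javo_search_form_func = function() {
            this.elements = {
                origin : 'form[data-javo-search-form]'
                , result : '[data-javo-patch-form-for-result]'
                , template : '[data-javo-patch-form-for-template]'
                , type : '[data-javo-search-form-action-type]'
                , geo_trig : '.javo-geoloc-trigger'
            };
            // Bind the document-level handlers only once per page.
            if( ! window.__JSF__INSTANCE__ ) {
                window.__JSF__INSTANCE__ = true;
                this
                    .init()
                    .methods();
            }
        };
        javo_search_form_func.prototype = {
            constructor: javo_search_form_func
            , init : function() {
                this.setAutoCompleteObject();
                return this;
            }
            , setAutoCompleteObject : function() {
                var form = $( this.elements.origin );
                var term_elements = form.find( "select[name^='filter']" );
                var geo_elment = form.find( "[name='geoloc']" )[0];
                term_elements.chosen({ search_contains: 1 });
                if( geo_elment )
                    new google.maps.places.Autocomplete( geo_elment );
            }
            , methods : function() {
                $( document )
                    .on( 'submit' , this.elements.origin, this.submit )
                    .on( 'click' , this.elements.geo_trig, this.trigger_geo );
                return this;
            }
            , trigger_geo : function( e ) {
                e.preventDefault();
                var _form = $( this ).closest( 'form' );
                var form = _form.next();
                _form
                    .find( '*' )
                    .addClass( 'disabled' )
                    .attr( 'disabled', true );
                $( this ).addClass( 'fa-spin' );
                form.find( "[name='geolocation']" ).val(1);
                _form.submit();
            }
            , submit : function( e ) {
                e.preventDefault();
                var _form = $( this );
                // The hidden form that follows the visible one is the one submitted.
                var form = _form.next();
                var __TAR__ = _form.find( '[javo-search-target]' ).val();
                if( __TAR__ ) {
                    // Template
                    form
                        .prop({ action : __TAR__, method: 'post' })
                        .find( "[name='s'], [name='post_type']" )
                        .remove();
                } else {
                    // Search Result
                    form.prop({ action : '', method : 'get' });
                }
                form
                    .find( "[name='category']")
                    .val( _form.find( "select[name='filter[item_category]']" ).val() );
                form
                    .find( "[name='location']")
                    .val( _form.find( "select[name='filter[item_location]']" ).val() );
                form
                    .find( "[name='s'], [name='keyword']")
                    .val( _form.find( "input[name='s']" ).val() );
                form
                    .find( "[name='radius_key']")
                    .val( _form.find( "input[name='geoloc']" ).val() );
                form.submit();
            }
        };
        new javo_search_form_func;
    });
    </script>
    <?php
    return ob_get_clean();
}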