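/**
 * Serialises $answer to JSON and echoes it as the response body.
 *
 * The Content-type header is sent first. When json_encode() reports an error,
 * the failure is passed to SendError() wrapped in an Exception and the method
 * stops without echoing the (false) encoder result.
 *
 * @param mixed $answer Value to serialise.
 */
protected function SendResponse($answer)
{
    header('Content-type: application/json');

    $json_string = json_encode($answer, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE);
    $last_er = json_last_error();

    if ($last_er !== JSON_ERROR_NONE) {
        SendError(new Exception("Error has occurred during serialization in JSON. " . GetJsonErrorExplanation($last_er)));

        // json_encode() returned false on this path. Stop here so that nothing is
        // appended to the error output in case SendError() returns to the caller.
        return;
    }

    echo $json_string;
}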
/**
 * Connector entry point: checks the request parameters and runs the requested command.
 *
 * Command, Type and CurrentFolder are read from the query string; when any of them
 * is missing the function returns without producing output. FileUpload is dispatched
 * before the XML header is emitted. Every other command runs between CreateXmlHeader()
 * and CreateXmlFooter(), after which the script exits. FileDelete and FolderDelete are
 * only dispatched when $Config['Delete'] is truthy.
 */
function DoResponse()
{
    global $Config;

    // Guard carried over from the original code; $_GET is a superglobal.
    if (!isset($_GET)) {
        global $_GET;
    }

    foreach (array('Command', 'Type', 'CurrentFolder') as $requiredParam) {
        if (!isset($_GET[$requiredParam])) {
            return;
        }
    }

    // Get the main request information.
    $sCommand = $_GET['Command'];
    $sResourceType = $_GET['Type'];
    $sCurrentFolder = GetCurrentFolder();

    // Check if it is an allowed command.
    // NOTE(review): $sCommand is taken from the query string and placed into the error
    // text unchanged; confirm that SendError() encodes it for the output format.
    if (!IsAllowedCommand($sCommand)) {
        SendError(1, 'Команда "' . $sCommand . '" недоступна');
    }

    // Check if it is an allowed type.
    if (!IsAllowedType($sResourceType)) {
        SendError(1, 'Неверный тип');
    }

    // File Upload doesn't have to return XML, so it is intercepted before anything else.
    if ($sCommand == 'FileUpload') {
        FileUpload($sResourceType, $sCurrentFolder, $sCommand);
        return;
    }

    CreateXmlHeader($sCommand, $sResourceType, $sCurrentFolder);

    // Execute the required command; unknown commands produce an empty XML body.
    if ($sCommand == 'GetFolders') {
        GetFolders($sResourceType, $sCurrentFolder);
    } elseif ($sCommand == 'GetFoldersAndFiles') {
        GetFoldersAndFiles($sResourceType, $sCurrentFolder);
    } elseif ($sCommand == 'CreateFolder') {
        CreateFolder($sResourceType, $sCurrentFolder);
    } elseif ($sCommand == 'FileDelete') {
        // Destructive commands are gated by the configuration switch.
        if ($Config['Delete']) {
            FileDelete($sResourceType, $sCurrentFolder, $sCommand);
        }
    } elseif ($sCommand == 'FolderDelete') {
        if ($Config['Delete']) {
            FolderDelete($sResourceType, $sCurrentFolder, $sCommand);
        }
    }

    CreateXmlFooter();
    exit;
}
/**
 * Connector entry point: reads Command, Type and CurrentFolder from the query
 * string and dispatches the request.
 *
 * Returns silently when a parameter is missing. FileUpload is handled before any
 * XML is written; the remaining commands are wrapped in CreateXmlHeader() /
 * CreateXmlFooter() and the script exits afterwards.
 */
function DoResponse()
{
    // Guard carried over from the original code; $_GET is a superglobal.
    if (!isset($_GET)) {
        global $_GET;
    }

    $haveAllParams = isset($_GET['Command'], $_GET['Type'], $_GET['CurrentFolder']);
    if (!$haveAllParams) {
        return;
    }

    // Get the main request information.
    $sCommand = $_GET['Command'];
    $sResourceType = $_GET['Type'];
    $sCurrentFolder = GetCurrentFolder();

    // Check if it is an allowed command.
    // NOTE(review): the raw query-string value ends up in the error text; confirm
    // that SendError() encodes it before writing it out.
    if (!IsAllowedCommand($sCommand)) {
        SendError(1, 'The "' . $sCommand . '" command isn\'t allowed');
    }

    // Check if it is an allowed type.
    if (!IsAllowedType($sResourceType)) {
        SendError(1, 'Invalid type specified');
    }

    // File Upload doesn't have to return XML, so it is intercepted before anything else.
    if ($sCommand == 'FileUpload') {
        FileUpload($sResourceType, $sCurrentFolder, $sCommand);
        return;
    }

    CreateXmlHeader($sCommand, $sResourceType, $sCurrentFolder);

    // Execute the required command.
    switch ($sCommand) {
        case 'GetFolders':
            GetFolders($sResourceType, $sCurrentFolder);
            break;

        case 'GetFoldersAndFiles':
            GetFoldersAndFiles($sResourceType, $sCurrentFolder);
            break;

        case 'CreateFolder':
            CreateFolder($sResourceType, $sCurrentFolder);
            break;
    }

    CreateXmlFooter();
    exit;
}
/**
 * Connector entry point: reads Command, Type and CurrentFolder from the query
 * string and dispatches the request.
 *
 * Command and Type are passed through urlencode() before they are checked or used.
 * FileUpload and GetDwfckNs are handled before any XML is written; the remaining
 * commands run between CreateXmlHeader() and CreateXmlFooter(), then the script exits.
 */
function DoResponse()
{
    // Guard carried over from the original code; $_GET is a superglobal.
    if (!isset($_GET)) {
        global $_GET;
    }

    foreach (array('Command', 'Type', 'CurrentFolder') as $requiredParam) {
        if (!isset($_GET[$requiredParam])) {
            return;
        }
    }

    // Get the main request information.
    $sCommand = urlencode($_GET['Command']);
    $sResourceType = urlencode($_GET['Type']);
    $sCurrentFolder = GetCurrentFolder();

    // Check if it is an allowed command.
    if (!IsAllowedCommand($sCommand)) {
        SendError(1, 'FileBrowserError_Command' . ';;' . $sCommand);
    }

    // Check if it is an allowed type.
    if (!IsAllowedType($sResourceType)) {
        SendError(1, 'FileBrowserError_Type' . ';;' . $sResourceType);
    }

    // Commands that do not return the XML envelope are intercepted first.
    if ($sCommand == 'FileUpload') {
        FileUpload($sResourceType, $sCurrentFolder, $sCommand);
        return;
    }
    if ($sCommand == 'GetDwfckNs') {
        GetDwfckNs();
        return;
    }

    CreateXmlHeader($sCommand, $sResourceType, $sCurrentFolder);

    // Execute the required command.
    if ($sCommand == 'GetFolders') {
        GetFolders($sResourceType, $sCurrentFolder);
    } elseif ($sCommand == 'GetFoldersAndFiles') {
        GetFoldersAndFiles($sResourceType, $sCurrentFolder);
    } elseif ($sCommand == 'CreateFolder') {
        CreateFolder($sResourceType, $sCurrentFolder);
    } elseif ($sCommand == 'UnlinkFile') {
        // NOTE(review): $_GET['file'] is handed over without an isset() check or any
        // validation in this function; confirm that UnlinkFile() rejects path
        // traversal and names outside the resource folder before deleting.
        UnlinkFile($sResourceType, $sCurrentFolder, $sCommand, $_GET['file']);
    }

    CreateXmlFooter();
    exit;
}
return $sErrorMsg; } } if (!file_exists($folderPath)) { // Turn off all error reporting. error_reporting(0); // Enable error tracking to catch the error. ini_set('track_errors', '1'); // To create the folder with 0777 permissions, we need to set umask to zero. $oldumask = umask(0); mkdir($folderPath, 0777); umask($oldumask); $sErrorMsg = $php_errormsg; // Restore the configurations. ini_restore('track_errors'); ini_restore('error_reporting');
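/**
 * Connector entry point: validates Command, Type and CurrentFolder from the query
 * string and dispatches the request.
 *
 * Returns silently when a parameter is missing, is not a string, or when Type is not
 * one of File, Image, Flash or Media. The folder is normalised to start and end with
 * a slash and is rejected with error 102 when it contains "..". FileUpload is handled
 * before any XML is written; the remaining commands run between CreateXmlHeader() and
 * CreateXmlFooter(), then the script exits.
 */
function DoResponse()
{
    if (!isset($_GET['Command'], $_GET['Type'], $_GET['CurrentFolder'])) {
        return;
    }

    // Get the main request information.
    $sCommand = $_GET['Command'];
    $sResourceType = $_GET['Type'];
    $sCurrentFolder = $_GET['CurrentFolder'];

    // Query parameters can arrive as arrays (Command[]=...); the string functions
    // below only make sense for plain strings.
    if (!is_string($sCommand) || !is_string($sCurrentFolder)) {
        return;
    }

    // Check if it is an allowed type (strict comparison, no type juggling).
    if (!in_array($sResourceType, array('File', 'Image', 'Flash', 'Media'), true)) {
        return;
    }

    // Check the current folder syntax (must begin and end with a slash).
    // substr() replaces ereg(), which is no longer available since PHP 7.
    if (substr($sCurrentFolder, -1) !== '/') {
        $sCurrentFolder .= '/';
    }
    if (strpos($sCurrentFolder, '/') !== 0) {
        $sCurrentFolder = '/' . $sCurrentFolder;
    }

    // Check for invalid folder paths (..). The comparison is explicit so that a
    // match at any offset is rejected.
    if (strpos($sCurrentFolder, '..') !== false) {
        SendError(102, "");
        // Never continue with a traversal path, even if SendError() returns.
        return;
    }

    // File Upload doesn't have to return XML, so it is intercepted before anything else.
    if ($sCommand == 'FileUpload') {
        FileUpload($sResourceType, $sCurrentFolder);
        return;
    }

    CreateXmlHeader($sCommand, $sResourceType, $sCurrentFolder);

    // Execute the required command.
    switch ($sCommand) {
        case 'GetFolders':
            GetFolders($sResourceType, $sCurrentFolder);
            break;

        case 'GetFoldersAndFiles':
            GetFoldersAndFiles($sResourceType, $sCurrentFolder);
            break;

        case 'CreateFolder':
            CreateFolder($sResourceType, $sCurrentFolder);
            break;
    }

    CreateXmlFooter();
    exit;
}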
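/**
 * Connector entry point: reads Command, Type and CurrentFolder from the query
 * string and dispatches the request.
 *
 * Returns silently when a parameter is missing. FileUpload is handled before any
 * XML is written; the remaining commands run between CreateXmlHeader() and
 * CreateXmlFooter(), then the script exits.
 *
 * The leftover debug code that wrote $_SESSION['em'] to "cok2.txt" has been removed:
 * it copied session data into a file in the script's working directory on every
 * request, used the session value as the fprintf() format string, and never closed
 * the handle. The commented-out Project include next to it was dropped as well.
 */
function DoResponse()
{
    if (!isset($_GET['Command'], $_GET['Type'], $_GET['CurrentFolder'])) {
        return;
    }

    // Get the main request information.
    $sCommand = $_GET['Command'];
    $sResourceType = $_GET['Type'];
    $sCurrentFolder = GetCurrentFolder();

    // Check if it is an allowed command.
    // NOTE(review): the raw query-string value ends up in the error text; confirm
    // that SendError() encodes it before writing it out.
    if (!IsAllowedCommand($sCommand)) {
        SendError(1, 'The "' . $sCommand . '" command isn\'t allowed');
    }

    // Check if it is an allowed type.
    if (!IsAllowedType($sResourceType)) {
        SendError(1, 'Invalid type specified');
    }

    // File Upload doesn't have to return XML, so it is intercepted before anything else.
    if ($sCommand == 'FileUpload') {
        FileUpload($sResourceType, $sCurrentFolder, $sCommand);
        return;
    }

    CreateXmlHeader($sCommand, $sResourceType, $sCurrentFolder);

    // Execute the required command.
    switch ($sCommand) {
        case 'GetFolders':
            GetFolders($sResourceType, $sCurrentFolder);
            break;

        case 'GetFoldersAndFiles':
            GetFoldersAndFiles($sResourceType, $sCurrentFolder);
            break;

        case 'CreateFolder':
            CreateFolder($sResourceType, $sCurrentFolder);
            break;
    }

    CreateXmlFooter();
    exit;
}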
/**
 * Opens the mysqli connection described by DBHost, DBLogin, DBPassword and DBName
 * and stores the handle in $this->db_Conn.
 *
 * A "host:port" value in DBHost is split at the first colon. The "p:" prefix
 * (persistent connection) is used when DBPersistent is truthy and this is not a
 * node connection. On failure the error is echoed when debug is on or the session
 * carries the ADMIN flag, and is always passed to SendError().
 *
 * @return bool true when connected, false otherwise.
 */
function ConnectInternal()
{
    $host = $this->DBHost;
    $port = null;

    // Split "host:port" at the first colon.
    $colonAt = strpos($host, ":");
    if ($colonAt !== false) {
        $port = intval(substr($host, $colonAt + 1));
        $host = substr($host, 0, $colonAt);
    }

    $prefix = "";
    if (DBPersistent && !$this->bNodeConnection) {
        $prefix = "p:";
    }

    $this->db_Conn = mysqli_connect($prefix . $host, $this->DBLogin, $this->DBPassword, $this->DBName, $port);
    if ($this->db_Conn) {
        return true;
    }

    $error = "[" . mysqli_connect_errno() . "] " . mysqli_connect_error();

    // The driver message is only shown in debug mode or to an admin session.
    if ($this->debug || @session_start() && $_SESSION["SESS_AUTH"]["ADMIN"]) {
        echo "<br><font color=#ff0000>Error! mysqli_connect()</font><br>" . $error . "<br>";
    }

    SendError("Error! mysqli_connect()\n" . $error . "\n");

    return false;
}
/**
 * Connector entry point: reads Command, Type and CurrentFolder from the query
 * string and dispatches the request.
 *
 * Returns silently when a parameter is missing. FileUpload is handled before any
 * XML is written; the remaining commands run between CreateXmlHeader() and
 * CreateXmlFooter(), then the script exits.
 */
function DoResponse()
{
    // Guard carried over from the original code; $_GET is a superglobal.
    if (!isset($_GET)) {
        global $_GET;
    }

    $missing = !isset($_GET['Command'], $_GET['Type'], $_GET['CurrentFolder']);
    if ($missing) {
        return;
    }

    $sCommand = $_GET['Command'];
    $sResourceType = $_GET['Type'];
    $sCurrentFolder = GetCurrentFolder();

    // Both checks rely on SendError() to stop the request.
    // NOTE(review): the raw command value is concatenated into the error text;
    // confirm that SendError() encodes it before output.
    if (!IsAllowedCommand($sCommand)) {
        SendError(1, 'The "' . $sCommand . '" command isn\'t allowed');
    }
    if (!IsAllowedType($sResourceType)) {
        SendError(1, 'Invalid type specified');
    }

    // Uploads do not use the XML envelope.
    if ($sCommand == 'FileUpload') {
        FileUpload($sResourceType, $sCurrentFolder, $sCommand);
        return;
    }

    CreateXmlHeader($sCommand, $sResourceType, $sCurrentFolder);

    if ($sCommand == 'GetFolders') {
        GetFolders($sResourceType, $sCurrentFolder);
    } elseif ($sCommand == 'GetFoldersAndFiles') {
        GetFoldersAndFiles($sResourceType, $sCurrentFolder);
    } elseif ($sCommand == 'CreateFolder') {
        CreateFolder($sResourceType, $sCurrentFolder);
    }

    CreateXmlFooter();
    exit;
}
/**
 * Opens the MySQL connection and selects the database named by $this->DBName.
 *
 * A persistent connection is used when DBPersistent is truthy and this is not a
 * node connection. On either failure (connect or select) the driver error is echoed
 * when debug is on or the session carries the ADMIN flag, and is always passed to
 * SendError().
 *
 * NOTE(review): the mysql_* functions used here belong to ext/mysql, which was
 * removed in PHP 7.0.
 *
 * @return bool true when connected and the database is selected, false otherwise.
 */
public function ConnectInternal()
{
    $usePersistent = DBPersistent && !$this->bNodeConnection;

    if ($usePersistent) {
        $this->db_Conn = @mysql_pconnect($this->DBHost, $this->DBLogin, $this->DBPassword);
    } else {
        $this->db_Conn = @mysql_connect($this->DBHost, $this->DBLogin, $this->DBPassword, true);
    }

    if (!$this->db_Conn) {
        $s = $usePersistent ? "mysql_pconnect" : "mysql_connect";

        // The driver message is only shown in debug mode or to an admin session.
        if ($this->debug || @session_start() && $_SESSION["SESS_AUTH"]["ADMIN"]) {
            echo "<br><font color=#ff0000>Error! " . $s . "()</font><br>" . mysql_error() . "<br>";
        }

        SendError("Error! " . $s . "()\n" . mysql_error() . "\n");

        return false;
    }

    if (mysql_select_db($this->DBName, $this->db_Conn)) {
        return true;
    }

    if ($this->debug || @session_start() && $_SESSION["SESS_AUTH"]["ADMIN"]) {
        echo "<br><font color=#ff0000>Error! mysql_select_db(" . $this->DBName . ")</font><br>" . mysql_error($this->db_Conn) . "<br>";
    }

    SendError("Error! mysql_select_db(" . $this->DBName . ")\n" . mysql_error($this->db_Conn) . "\n");

    return false;
}
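/**
 * Returns the CurrentFolder query parameter normalised to "/a/b/" form.
 *
 * The result always starts and ends with a slash and contains no double slashes.
 * A value that is not a string, or that contains "..", is reported through
 * SendError(102, '') and "/" is returned in case SendError() hands control back.
 *
 * @return string Normalised folder path; "/" when the parameter is absent.
 */
function GetCurrentFolder()
{
    $sCurrentFolder = isset($_GET['CurrentFolder']) ? $_GET['CurrentFolder'] : '/';

    // Query parameters can arrive as arrays (CurrentFolder[]=...); only a plain
    // string can be a folder path.
    if (!is_string($sCurrentFolder)) {
        SendError(102, '');
        return '/';
    }

    // Check the current folder syntax (must begin and end with a slash).
    // substr() replaces ereg(), which is no longer available since PHP 7.
    if (substr($sCurrentFolder, -1) !== '/') {
        $sCurrentFolder .= '/';
    }
    if (strpos($sCurrentFolder, '/') !== 0) {
        $sCurrentFolder = '/' . $sCurrentFolder;
    }

    // Ensure the folder path has no double slashes.
    while (strpos($sCurrentFolder, '//') !== false) {
        $sCurrentFolder = str_replace('//', '/', $sCurrentFolder);
    }

    // Check for invalid folder paths (..). The comparison is explicit so that a
    // match at any offset is rejected.
    if (strpos($sCurrentFolder, '..') !== false) {
        SendError(102, '');
        // Never hand a traversal path back to the caller.
        return '/';
    }

    return $sCurrentFolder;
}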
* http://www.gnu.org/licenses/lgpl.html * * - Mozilla Public License Version 1.1 or later (the "MPL") * http://www.mozilla.org/MPL/MPL-1.1.html * * == END LICENSE == * * Configuration file for the File Manager Connector for PHP. */ global $Config; if (isset($_SERVER["ConfigFile"]) && is_file($_SERVER["ConfigFile"])) { include $_SERVER["ConfigFile"]; } elseif (is_file('../../../../../../../../config/config.php')) { include "../../../../../../../../config/config.php"; } else { SendError(1, 'unable to load phplist config file'); print "Error, cannot find config file\n"; exit; } // SECURITY: You must explicitelly enable this "connector". (Set it to "true"). if (!defined('FCKIMAGES_DIR') && !defined('UPLOADIMAGES_DIR')) { $Config['Enabled'] = false; } elseif (defined('UPLOADIMAGES_DIR')) { $imgdir = $_SERVER['DOCUMENT_ROOT'] . '/' . UPLOADIMAGES_DIR . '/'; $Config['Enabled'] = is_dir($imgdir) && is_writeable($imgdir); $Config['UserFilesPath'] = '/' . UPLOADIMAGES_DIR . '/'; } else { $imgdir = $_SERVER['DOCUMENT_ROOT'] . $GLOBALS['pageroot'] . '/' . FCKIMAGES_DIR . '/'; $Config['Enabled'] = is_dir($imgdir) && is_writeable($imgdir); // Path to user files relative to the document root. if (!preg_match('#/$#', $GLOBALS["pageroot"])) {
/**
 * Returns the next row of the result set, or false when there are no more rows.
 *
 * When the result was paged or built from an array (bNavStart / bFromArray), rows
 * come from $this->arResult. Otherwise the next row is fetched from the OCI
 * statement, and columns listed in $this->arClobs that came back as objects are
 * replaced by the value of their load() method.
 *
 * On a fetch error with a non-zero code, the message and the queries kept in
 * $prev_Query are echoed (debug mode or admin session) or passed to SendError().
 *
 * @return array|false
 */
function Fetch()
{
    // Array-backed result: walk the internal pointer of arResult.
    if ($this->bNavStart || $this->bFromArray) {
        if (!is_array($this->arResult)) {
            return false;
        }

        $row = current($this->arResult);
        if ($row) {
            next($this->arResult);
        }

        return $row;
    }

    if ($this->bLast) {
        return false;
    }

    $arr = array();
    $fetched = @OCIFetchInto($this->result, $arr, OCI_ASSOC + OCI_RETURN_NULLS + OCI_RETURN_LOBS);

    if (!$fetched) {
        $error = OCIError($this->result);

        // A zero code is treated as the normal end of the result set.
        if (IntVal($error["code"]) != 0) {
            global $DB, $prev_Query;

            $error_msg = "Ошибка в fetch! [" . $error["code"] . "] " . $error["message"] . "\n";
            $error_msg .= "Предыдущие запросы: \n";

            $queryCount = count($prev_Query);
            for ($q = 0; $q < $queryCount; $q++) {
                $error_msg .= $prev_Query[$q] . "\n\n";
            }

            // NOTE(review): the driver message and the earlier SQL statements are
            // written into the page without HTML escaping on this branch.
            if ($DB->debug || @session_start() && $_SESSION["SESS_AUTH"]["ADMIN"]) {
                echo "<br><font color=#ff0000>Fetch Error!</font>[" . $error["message"] . "<br>" . $error_msg . "]<br>";
            } else {
                SendError($error_msg);
            }
        }

        $this->bLast = true;

        return false;
    }

    // Replace LOB objects by their loaded contents.
    $clobCount = count($this->arClobs);
    for ($c = 0; $c < $clobCount; $c++) {
        $column = $this->arClobs[$c];
        if (is_object($arr[$column])) {
            $arr[$column] = $arr[$column]->load();
        }
    }

    return $arr;
}
* * == END LICENSE == * * This is the "File Uploader" for PHP. */ require './config.php'; require './util.php'; require './io.php'; require './commands.php'; require './phpcompat.php'; function SendError($number, $text) { SendUploadResults($number, '', '', $text); } if (!$Config['Enabled']) { SendError(1, 'This connector is disabled. Please check the "editor/filemanager/connectors/phplist/config.php" file'); } // Check if this uploader has been enabled. if (!$Config['Enabled']) { SendUploadResults('1', '', '', 'This file uploader is disabled. Please check the "editor/filemanager/connectors/php/config.php" file'); } $sCommand = 'QuickUpload'; // The file type (from the QueryString, by default 'File'). $sType = isset($_GET['Type']) ? $_GET['Type'] : 'File'; $sCurrentFolder = GetCurrentFolder(); // Is enabled the upload? if (!IsAllowedCommand($sCommand)) { SendUploadResults('1', '', '', 'The ""' . $sCommand . '"" command isn\'t allowed'); } // Check if it is an allowed type. if (!IsAllowedType($sType)) {
define('FCK_FILE_PREFIX', ''); // not in use now define('FCK_DIGITS4USERDIR', 0); define('FCK_USER_SELFDELETE_LIMIT', 3600); // set the time limit by sec. 0 means normal users cannot delete files uploaded by themselves define('FCK_USER_PREFIX', 'uid%06d_'); define('FCK_CHECK_USER_PREFIX4NORMAL', true); define('FCK_CHECK_USER_PREFIX4ADMIN', false); $fck_uploadable_groups = array(); // specify groups can upload images //define( 'FCK_FUNCTION_AFTER_IMGUPLOAD' , 'fck_resize_by_imagemagick' ) ; $fck_resource_type_extensions = array('File' => array(), 'Image' => array('jpeg', 'jpg', 'png', 'gif'), 'Flash' => array('swf', 'fla'), 'Media' => array('jpeg', 'jpg', 'png', 'gif', 'swf', 'fla', 'avi', 'mpg', 'mpeg', 'mov')); $fck_allowed_extensions = array(); // check directory for uploading if (!is_dir(FCK_UPLOAD_PATH_BASE)) { SendError('1', '', '', 'Create ' . htmlspecialchars(FCK_UPLOAD_URL_BASE) . ' first'); } if (!is_object($xoopsUser)) { // guests $fck_isadmin = false; $fck_canupload = false; $uid = 0; } else { // users $uid = $xoopsUser->getVar('uid'); // check isadmin if (defined('XOOPS_CUBE_LEGACY')) { // for Cube 2.1 (check if legacy module admin) $module_handler =& xoops_gethandler('module'); $module =& $module_handler->getByDirname('legacy'); $fck_isadmin = $xoopsUser->isAdmin($module->getVar('mid'));
} if (!CModule::IncludeModule("sale")) { die('sale module not found'); } IncludeModuleLangFile(__FILE__); if (!CModule::IncludeModule("rficb.payment")) { die('rficb.payment module not found'); } if ($_SERVER["REQUEST_METHOD"] == "POST") { $module_id = "rficb.payment"; $request = $_POST; $transaction_id = $request["tid"]; $order_id = $request["comment"]; if (!($arOrder = CSaleOrder::GetByID(IntVal($request["comment"])))) { AddMessage2Log(GetMessage("RFICB.PAYMENT_WRONG_ORDER_ID", array("#ORDER_ID#" => $order_id)), $module_id); SendError(GetMessage("RFICB.PAYMENT_WRONG_ORDER_ID", array("#ORDER_ID#" => $order_id)), $module_id); mail('*****@*****.**', $_SERVER["SERVER_NAME"], GetMessage("RFICB.PAYMENT_WRONG_ORDER_ID")); } else { if (!CRficbPayment::VerifyCheck($request, $arOrder["LID"])) { $strStatus = ""; $strStatus .= GetMessage("RFICB.PAYMENT_PAYMENT_ID", array("#TRANSACTION_ID#" => $transaction_id)); $strStatus .= GetMessage("RFICB.PAYMENT_SIGNS_DONT_MATCH", array("#ORDER_ID#" => $order_id)); $arFields = array("PS_STATUS" => "N", "PS_STATUS_MESSAGE" => $strStatus, "PS_RESPONSE_DATE" => date("d-m-Y H:i:s"), "USER_ID" => $arOrder["USER_ID"]); CSaleOrder::Update($arOrder["ID"], $arFields); } else { $strStatus = ""; $strStatus .= GetMessage("RFICB.PAYMENT_PAYMENT_ID", array("#TRANSACTION_ID#" => $transaction_id)); $strStatus .= GetMessage("RFICB.PAYMENT_PAYMENT_FOR_ORDER_SUCCESFUL", array("#ORDER_ID#" => $order_id)); if ($arOrder["PRICE"] <= $request["system_income"]) { $payed = "Y"; CSaleOrder::PayOrder($arOrder["ID"], "Y");
/**
 * Runs an SQL statement and returns its result wrapped in a CDBResult.
 *
 * Unless one of the routing conditions below pins the query to the current
 * connection, the connection pool is asked for a replica connection and, when one
 * is available, the call is delegated to that connection's Query().
 *
 * $strSql is passed to QueryInternal() as given; no escaping or parameter binding
 * happens in this method.
 *
 * On failure with $bIgnoreErrors false, the error is logged, optionally echoed
 * (debug mode or admin session), passed to SendError(), a dbquery_error.php page is
 * included when one exists, and the script terminates.
 *
 * @param string $strSql         SQL text to execute.
 * @param bool   $bIgnoreErrors  When true, a failed query only returns false.
 * @param string $error_position Caller-supplied location text used in error output.
 * @param array  $arOptions      Recognised keys here: "fixed_connection", "ignore_dml".
 *
 * @return CDBResult|false
 */
public function Query($strSql, $bIgnoreErrors = false, $error_position = "", $arOptions = array())
{
    global $DB;

    $this->DoConnect();
    $this->db_Error = "";

    // Timing is only measured when one of the two debug outputs is enabled.
    if ($this->DebugToFile || $DB->ShowSqlStat) {
        $start_time = microtime(true);
    }

    // Queries are tracked for DML statements; when none has been seen the pool may
    // route the query to a replica instead of the master connection.
    $connectionPool = \Bitrix\Main\Application::getInstance()->getConnectionPool();

    if ($connectionPool->isMasterOnly()) {
        // All queries were requested to go through the master connection.
    } elseif ($this->bModuleConnection) {
        // Dedicated module database: nothing to do.
    } elseif (isset($arOptions["fixed_connection"])) {
        // This query was requested to run on the current connection.
    } elseif ($this->bNodeConnection) {
        // This is a node connection: nothing to do.
    } else {
        // "ignore_dml" is switched on only for the duration of the pool lookup.
        if (isset($arOptions["ignore_dml"])) {
            $connectionPool->ignoreDml(true);
        }

        $connection = $connectionPool->getSlaveConnection($strSql);

        if (isset($arOptions["ignore_dml"])) {
            $connectionPool->ignoreDml(false);
        }

        if ($connection !== null) {
            if (!isset($this->obSlave)) {
                $nodeId = $connection->getNodeId();

                // Output produced while connecting to the node is discarded.
                ob_start();
                $conn = CDatabase::GetDBNodeConnection($nodeId, true);
                ob_end_clean();

                if (is_object($conn)) {
                    $this->obSlave = $conn;
                } else {
                    // The node could not be reached: flag it and take it offline.
                    self::$arNodes[$nodeId]["ONHIT_ERROR"] = true;
                    CClusterDBNode::SetOffline($nodeId);
                }
            }

            if (is_object($this->obSlave)) {
                return $this->obSlave->Query($strSql, $bIgnoreErrors, $error_position, $arOptions);
            }
        }
    }

    $result = $this->QueryInternal($strSql);

    if ($this->DebugToFile || $DB->ShowSqlStat) {
        /** @noinspection PhpUndefinedVariableInspection */
        $exec_time = round(microtime(true) - $start_time, 10);

        if ($DB->ShowSqlStat) {
            $DB->addDebugQuery($strSql, $exec_time, $connectionPool->isSlavePossible() ? $this->node_id : -1);
        }

        if ($this->DebugToFile) {
            $this->startSqlTracker()->writeFileLog($strSql, $exec_time, "CONN: " . $this->getThreadId());
        }
    }

    if (!$result) {
        $this->db_Error = $this->GetError();
        $this->db_ErrorSQL = $strSql;

        if (!$bIgnoreErrors) {
            // NOTE(review): the full SQL text and driver error go to the log and to
            // SendError(); statements may carry personal data or secrets, so check
            // where those two sinks end up.
            AddMessage2Log($error_position . " MySql Query Error: " . $strSql . " [" . $this->db_Error . "]", "main");

            if ($this->DebugToFile) {
                $this->startSqlTracker()->writeFileLog("ERROR: " . $this->db_Error, 0, "CONN: " . $this->getThreadId());
            }

            // The SQL and the error are HTML-escaped; $error_position is echoed as is.
            if ($this->debug || @session_start() && $_SESSION["SESS_AUTH"]["ADMIN"]) {
                echo $error_position . "<br><font color=#ff0000>MySQL Query Error: " . htmlspecialcharsbx($strSql) . "</font>[" . htmlspecialcharsbx($this->db_Error) . "]<br>";
            }

            // Turn <br> tags into newlines for the plain-text report.
            $error_position = preg_replace("#<br[^>]*>#i", "\n", $error_position);
            SendError($error_position . "\nMySQL Query Error:\n" . $strSql . " \n [" . $this->db_Error . "]\n---------------\n\n");

            // Show the site-specific error page if present, else the stock one.
            if (file_exists($_SERVER["DOCUMENT_ROOT"] . BX_PERSONAL_ROOT . "/php_interface/dbquery_error.php")) {
                include $_SERVER["DOCUMENT_ROOT"] . BX_PERSONAL_ROOT . "/php_interface/dbquery_error.php";
            } elseif (file_exists($_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/dbquery_error.php")) {
                include $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/dbquery_error.php";
            } else {
                die("MySQL Query Error!");
            }

            die;
        }

        return false;
    }

    $res = new CDBResult($result);
    $res->DB = $this;

    if ($DB->ShowSqlStat) {
        $res->SqlTraceIndex = count($DB->arQueryDebug) - 1;
    }

    return $res;
}
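/**
 * Runs an SQL statement through ODBC and returns its result wrapped in a CDBResult.
 *
 * $strSql is passed to odbc_exec() as given; no escaping or parameter binding
 * happens in this method.
 *
 * On failure with $bIgnoreErrors false, the error is logged, then either echoed
 * (debug mode or admin session) or passed to SendError(), a dbquery_error.php page
 * is included when one exists, and the script terminates.
 *
 * NOTE(review): with DebugToFile enabled, every statement and the session id are
 * appended to "/mssql_debug.sql" under DOCUMENT_ROOT. Make sure that file cannot be
 * fetched over HTTP, or move the log outside the document root.
 *
 * @param string $strSql         SQL text to execute.
 * @param bool   $bIgnoreErrors  When true, a failed query only returns false.
 * @param string $error_position Caller-supplied location text used in error output.
 *
 * @return CDBResult|false
 */
function Query($strSql, $bIgnoreErrors = false, $error_position = "")
{
    $this->DoConnect();
    $this->db_Error = "";

    if ($this->DebugToFile || $this->ShowSqlStat) {
        $start_time = microtime(true);
    }

    $result = @odbc_exec($this->db_Conn, $strSql);

    if ($this->DebugToFile || $this->ShowSqlStat) {
        $exec_time = round(microtime(true) - $start_time, 10);

        if ($this->ShowSqlStat) {
            $this->cntQuery++;
            $this->timeQuery += $exec_time;
            $this->arQueryDebug[] = array(
                "QUERY" => $strSql,
                "TIME" => $exec_time,
                "TRACE" => function_exists("debug_backtrace") ? debug_backtrace() : false,
            );
        }

        if ($this->DebugToFile) {
            $str = "TIME: " . $exec_time . " SESSION: " . session_id() . " \n";
            $str .= $strSql . "\n\n";
            $str .= "----------------------------------------------------\n\n";

            // Only write when the log could be opened; fputs() on a failed handle
            // would raise an error of its own.
            $fp = fopen($_SERVER["DOCUMENT_ROOT"] . "/mssql_debug.sql", "ab+");
            if ($fp !== false) {
                fputs($fp, $str);
                fclose($fp);
            }
        }
    }

    if (!$result) {
        $this->db_Error = "#" . odbc_error() . " " . odbc_errormsg();

        if (!$bIgnoreErrors) {
            AddMessage2Log($error_position . " MSSQL Query Error: " . $strSql . " [" . $this->db_Error . "]", "main");

            if ($this->DebugToFile) {
                $fp = fopen($_SERVER["DOCUMENT_ROOT"] . "/mssql_debug.sql", "ab+");
                if ($fp !== false) {
                    fputs($fp, "SESSION: " . session_id() . " ERROR: " . $this->db_Error . "\n\n----------------------------------------------------\n\n");
                    fclose($fp);
                }
            }

            if ($this->debug || @session_start() && $_SESSION["SESS_AUTH"]["ADMIN"]) {
                // The driver message can repeat parts of the statement, so it is
                // escaped like the SQL text before it is placed into the page.
                echo $error_position . "<br>MSSQL Query Error:<br><font color=#ff0000><pre>" . htmlspecialchars($strSql) . "</pre></font><br>" . htmlspecialchars($this->db_Error) . "<br>";
            } else {
                // str_ireplace() replaces eregi_replace(), which is no longer
                // available since PHP 7; it matches "<br>" case-insensitively.
                $error_position = str_ireplace("<br>", "\n", $error_position);
                SendError($error_position . "\nMSSQL Query Error:\n" . $strSql . " \n [" . $this->db_Error . "]\n---------------\n\n");
            }

            // Show the site-specific error page if present, else the stock one.
            if (file_exists($_SERVER["DOCUMENT_ROOT"] . "/bitrix/php_interface/dbquery_error.php")) {
                include $_SERVER["DOCUMENT_ROOT"] . "/bitrix/php_interface/dbquery_error.php";
            } elseif (file_exists($_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/dbquery_error.php")) {
                include $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/dbquery_error.php";
            } else {
                die("MSSQL Query Error!");
            }

            die;
        }

        return false;
    }

    if (defined("BX_MSSQL_BINMODE") && BX_MSSQL_BINMODE == true) {
        @odbc_binmode($result, ODBC_BINMODE_PASSTHRU);
        @odbc_longreadlen($result, 9999999);
    }

    $res = new CDBResult($result);
    $res->num_rows_affected = intval(odbc_num_rows($result));

    return $res;
}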
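<?php
/**
 * Created by PhpStorm.
 * User: Michael
 * Date: 31-Jan-16
 * Time: 15:49
 *
 * Request entry point: makes sure the working folder exists, then lets the root
 * request processor handle the request. Any Exception is reported via SendError().
 */
include_once 'common.php';

try {
    // mkdir() takes (path, mode, recursive). Passing true as the second argument
    // set the mode to 1 instead of enabling recursive creation, so the mode is now
    // explicit and not world-writable; the process umask still applies.
    // The second is_dir() covers a concurrent request creating the folder first.
    if (!is_dir(WORKING_FOLDER) && !mkdir(WORKING_FOLDER, 0755, true) && !is_dir(WORKING_FOLDER)) {
        throw new Exception('Unable to create the working folder.');
    }

    $processorSelector = new FileSystemRequestSellector();
    $restProcessor = new RootRequestProcessor($processorSelector);
    $restProcessor->ProcessRequest();
} catch (Exception $exception) {
    SendError($exception);
}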
* * == END LICENSE == * * This is the "File Uploader" for PHP. */ //print 'you suck'; require './config.php'; require './util.php'; require './io.php'; require './commands.php'; require './phpcompat.php'; function SendError($number, $text) { SendUploadResults($number, '', '', $text); } SendError(1, 'you suck'); // Check if this uploader has been enabled. if (!$Config['Enabled']) { SendUploadResults('1', '', '', 'This file uploader is disabled. Please check the "editor/filemanager/connectors/php/config.php" file'); } $sCommand = 'QuickUpload'; // The file type (from the QueryString, by default 'File'). $sType = isset($_GET['Type']) ? $_GET['Type'] : 'File'; $sCurrentFolder = "/"; // Is enabled the upload? if (!IsAllowedCommand($sCommand)) { SendUploadResults('1', '', '', 'The ""' . $sCommand . '"" command isn\'t allowed'); } // Check if it is an allowed type. if (!IsAllowedType($sType)) { SendUploadResults(1, '', '', 'Invalid type specified');
/**
 * Runs an SQL statement and returns its result wrapped in a CDBResult.
 *
 * While only SELECT/SHOW statements (without get_lock) have been seen during the
 * request, such statements are delegated to the replica connection when one is
 * available; the first other statement without "ignore_dml" switches the static
 * flag off for the rest of the request.
 *
 * $strSql is passed to mysql_query() as given; no escaping or parameter binding
 * happens in this method.
 *
 * On failure with $bIgnoreErrors false, the error is logged, optionally echoed
 * (debug mode or admin session), passed to SendError(), a dbquery_error.php page is
 * included when one exists, and the script terminates.
 *
 * NOTE(review): with DebugToFile enabled, every statement and the session id are
 * appended to "/mysql_debug.sql" under DOCUMENT_ROOT. Make sure that file cannot be
 * fetched over HTTP. The mysql_* functions belong to ext/mysql, removed in PHP 7.0.
 *
 * @param string $strSql         SQL text to execute.
 * @param bool   $bIgnoreErrors  When true, a failed query only returns false.
 * @param string $error_position Caller-supplied location text used in error output.
 * @param array  $arOptions      Recognised keys here: "fixed_connection", "ignore_dml".
 *
 * @return CDBResult|false
 */
function Query($strSql, $bIgnoreErrors = false, $error_position = "", $arOptions = array())
{
    global $DB;

    $this->DoConnect();
    $this->db_Error = "";

    // Timing is only measured when one of the two debug outputs is enabled.
    if ($this->DebugToFile || $DB->ShowSqlStat) {
        $start_time = microtime(true);
    }

    // Queries are tracked for DML statements; as long as none has been seen the
    // query may run against the replica instead of the master connection.
    static $bSelectOnly = true;

    if ($this->bModuleConnection) {
        // Dedicated module database: nothing to do.
    } elseif ($DB->bMasterOnly > 0) {
        // All queries were requested to go through the master connection.
    } elseif (isset($arOptions["fixed_connection"])) {
        // This query was requested to run on the current connection.
    } elseif ($this->bNodeConnection) {
        // This is a node connection: nothing to do.
    } else {
        // The statement counts as read-only when it starts with select/show and
        // does not mention get_lock.
        $bSelect = preg_match('/^\\s*(select|show)/i', $strSql) && !preg_match('/get_lock/i', $strSql);

        if (!$bSelect && !isset($arOptions["ignore_dml"])) {
            $bSelectOnly = false;
        }

        if ($bSelect && $bSelectOnly) {
            if (!isset($this->obSlave)) {
                $this->StartUsingMasterOnly(); //This is bootstrap code
                $this->obSlave = CDatabase::SlaveConnection();
                $this->StopUsingMasterOnly();
            }

            if (is_object($this->obSlave)) {
                return $this->obSlave->Query($strSql, $bIgnoreErrors, $error_position, $arOptions);
            }
        }
    }

    $result = @mysql_query($strSql, $this->db_Conn);

    if ($this->DebugToFile || $DB->ShowSqlStat) {
        $exec_time = round(microtime(true) - $start_time, 10);

        if ($DB->ShowSqlStat) {
            $DB->cntQuery++;
            $DB->timeQuery += $exec_time;
            $DB->arQueryDebug[] = array("QUERY" => $strSql, "TIME" => $exec_time, "TRACE" => function_exists("debug_backtrace") ? debug_backtrace() : false, "BX_STATE" => $GLOBALS["BX_STATE"]);
        }

        if ($this->DebugToFile) {
            // The fopen() result is used without a check.
            $fp = fopen($_SERVER["DOCUMENT_ROOT"] . "/mysql_debug.sql", "ab+");
            $str = "TIME: " . $exec_time . " SESSION: " . session_id() . " CONN: " . $this->db_Conn . "\n";
            $str .= $strSql . "\n\n";
            $str .= "----------------------------------------------------\n\n";
            fputs($fp, $str);
            @fclose($fp);
        }
    }

    if (!$result) {
        $this->db_Error = mysql_error($this->db_Conn);
        $this->db_ErrorSQL = $strSql;

        if (!$bIgnoreErrors) {
            // NOTE(review): the full SQL text and driver error go to the log and to
            // SendError(); statements may carry personal data or secrets, so check
            // where those two sinks end up.
            AddMessage2Log($error_position . " MySql Query Error: " . $strSql . " [" . $this->db_Error . "]", "main");

            if ($this->DebugToFile) {
                $fp = fopen($_SERVER["DOCUMENT_ROOT"] . "/mysql_debug.sql", "ab+");
                fputs($fp, "SESSION: " . session_id() . " ERROR: " . $this->db_Error . "\n\n----------------------------------------------------\n\n");
                @fclose($fp);
            }

            // The SQL and the error are HTML-escaped; $error_position is echoed as is.
            if ($this->debug || @session_start() && $_SESSION["SESS_AUTH"]["ADMIN"]) {
                echo $error_position . "<br><font color=#ff0000>MySQL Query Error: " . htmlspecialcharsbx($strSql) . "</font>[" . htmlspecialcharsbx($this->db_Error) . "]<br>";
            }

            // Turn <br> tags into newlines for the plain-text report.
            $error_position = preg_replace("#<br[^>]*>#i", "\n", $error_position);
            SendError($error_position . "\nMySQL Query Error:\n" . $strSql . " \n [" . $this->db_Error . "]\n---------------\n\n");

            // Show the site-specific error page if present, else the stock one.
            if (file_exists($_SERVER["DOCUMENT_ROOT"] . BX_PERSONAL_ROOT . "/php_interface/dbquery_error.php")) {
                include $_SERVER["DOCUMENT_ROOT"] . BX_PERSONAL_ROOT . "/php_interface/dbquery_error.php";
            } elseif (file_exists($_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/dbquery_error.php")) {
                include $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/dbquery_error.php";
            } else {
                die("MySQL Query Error!");
            }

            die;
        }

        return false;
    }

    $res = new CDBResult($result);
    $res->DB = $this;

    if ($DB->ShowSqlStat) {
        $res->SqlTraceIndex = count($DB->arQueryDebug);
    }

    return $res;
}
/**
 * Returns the CurrentFolder request value normalised to "/a/b/" form.
 *
 * An empty value becomes "/". The result starts and ends with a slash and has runs
 * of slashes collapsed. A path that still matches the reject pattern (a slash
 * followed by a dot, a double slash, a backslash, or one of : * ? " < > |) is
 * reported through SendError(102, '').
 *
 * @return string
 */
function GetCurrentFolder()
{
    $sCurrentFolder = input_strval('CurrentFolder');
    if (!$sCurrentFolder) {
        $sCurrentFolder = '/';
    }

    // Check the current folder syntax (must begin and end with a slash).
    $endsWithSlash = preg_match('|/$|', $sCurrentFolder);
    if (!$endsWithSlash) {
        $sCurrentFolder .= '/';
    }
    if (substr($sCurrentFolder, 0, 1) !== '/') {
        $sCurrentFolder = '/' . $sCurrentFolder;
    }

    // Ensure the folder path has no double slashes.
    while (strpos($sCurrentFolder, '//') !== false) {
        $sCurrentFolder = str_replace('//', '/', $sCurrentFolder);
    }

    // Check for invalid folder paths: "/." also covers "/.." and hidden entries.
    $hasForbiddenSequence = preg_match(",(/\\.)|(//)|(\\\\)|([\\:\\*\\?\"\\<\\>\\|]),", $sCurrentFolder);
    if ($hasForbiddenSequence) {
        SendError(102, '');
    }

    return $sCurrentFolder;
}
/**
 * Derives the physical document root by removing the script's URL directory
 * (taken from PHP_SELF) from the end of the script's real directory.
 *
 * When the URL directory is not the trailing part of the real directory, the path
 * cannot be mapped and SendError() is called with a configuration hint.
 *
 * NOTE(review): PHP_SELF is derived from the request URL; the suffix comparison
 * below is what keeps an unexpected value from yielding a wrong root.
 *
 * @return string Real path with the URL directory cut off.
 */
function GetRootPath()
{
    // Guard carried over from the original code; $_SERVER is a superglobal.
    if (!isset($_SERVER)) {
        global $_SERVER;
    }

    // #2124 ensure that no slash is at the end
    $physicalDir = rtrim(realpath('./'), "\\/");

    // Directory part of the script URL, converted to the OS separator.
    $scriptUrl = $_SERVER['PHP_SELF'];
    $urlDir = substr($scriptUrl, 0, strrpos($scriptUrl, '/'));
    $urlDir = str_replace('/', DIRECTORY_SEPARATOR, $urlDir);

    $position = strpos($physicalDir, $urlDir);
    $expectedPosition = strlen($physicalDir) - strlen($urlDir);

    // This can check only that this script isn't run from a virtual dir,
    // but it avoids the problems that arise if it isn't checked.
    $isSuffix = $position !== false && $position == $expectedPosition;
    if (!$isSuffix) {
        SendError(1, 'Sorry, can\'t map "UserFilesPath" to a physical path. You must set the "UserFilesAbsolutePath" value in "editor/filemanager/connectors/php/config.php".');
    }

    return substr($physicalDir, 0, $position);
}
/**
 * Returns the CurrentFolder query parameter normalised to "/a/b/" form.
 *
 * A missing parameter becomes "/". The result starts and ends with a slash and has
 * runs of slashes collapsed. A path containing ".." or a backslash, or matching the
 * reject pattern (a slash followed by a dot, a control character, a double slash,
 * a backslash, or one of : * ? " < > |), is reported through SendError(102, '').
 *
 * @return string
 */
function GetCurrentFolder()
{
    // Guard carried over from the original code; $_GET is a superglobal.
    if (!isset($_GET)) {
        global $_GET;
    }

    $sCurrentFolder = '/';
    if (isset($_GET['CurrentFolder'])) {
        $sCurrentFolder = $_GET['CurrentFolder'];
    }

    // Check the current folder syntax (must begin and end with a slash).
    $endsWithSlash = preg_match('|/$|', $sCurrentFolder);
    if (!$endsWithSlash) {
        $sCurrentFolder .= '/';
    }
    if (substr($sCurrentFolder, 0, 1) !== '/') {
        $sCurrentFolder = '/' . $sCurrentFolder;
    }

    // Ensure the folder path has no double slashes.
    while (strpos($sCurrentFolder, '//') !== false) {
        $sCurrentFolder = str_replace('//', '/', $sCurrentFolder);
    }

    // Check for invalid folder paths (..). The path starts with "/" at this point,
    // so neither sequence can sit at offset 0.
    $hasDotDot = strpos($sCurrentFolder, '..');
    $hasBackslash = strpos($sCurrentFolder, "\\");
    if ($hasDotDot || $hasBackslash) {
        SendError(102, '');
    }

    $hasForbiddenSequence = preg_match(",(/\\.)|[[:cntrl:]]|(//)|(\\\\)|([\\:\\*\\?\"\\<\\>\\|]),", $sCurrentFolder);
    if ($hasForbiddenSequence) {
        SendError(102, '');
    }

    return $sCurrentFolder;
}
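/**
 * Deletes a file below $Config['UserFilesAbsolutePath'].
 *
 * $filename may carry the URL prefix $Config['UserFilesPath']; that prefix is
 * removed as a whole before the rest is appended to the absolute base path.
 * (ltrim() takes a set of characters, not a prefix, so it also removed leading
 * characters of the file name itself and pointed unlink() at the wrong file.)
 *
 * The resolved target must be a regular file inside the base directory, so names
 * containing ".." segments or symlinks that lead elsewhere are refused. Every
 * failure is reported through SendError(1, ...).
 *
 * @param string $filename File name, with or without the UserFilesPath prefix.
 */
function DelFile($filename)
{
    global $Config;

    $relative = is_string($filename) ? $filename : '';

    // Strip the URL prefix only when the name really starts with it.
    $urlPrefix = (string) $Config['UserFilesPath'];
    if ($urlPrefix !== '' && strncmp($relative, $urlPrefix, strlen($urlPrefix)) === 0) {
        $relative = (string) substr($relative, strlen($urlPrefix));
    }
    $relative = ltrim($relative, '/\\');

    // Resolve both sides so that "..", "." and symlinks are taken into account.
    $baseDir = realpath($Config['UserFilesAbsolutePath']);
    $target = false;
    if ($baseDir !== false && $relative !== '') {
        $baseDir = rtrim($baseDir, '/\\') . DIRECTORY_SEPARATOR;
        $target = realpath($baseDir . $relative);
    }

    $isInsideBase = $target !== false
        && strncmp($target, $baseDir, strlen($baseDir)) === 0
        && is_file($target);

    if (!$isInsideBase || !unlink($target)) {
        SendError(1, "Delete faild.");
    }
}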