function action()
{
if (isset($_POST['action']['save'])) {
$fields = $_POST['fields'];
$permissions = $fields['permissions'];
$name = trim($fields['name']);
$page_access = $fields['page_access'];
if (strlen($name) == 0) {
$this->_errors['name'] = 'This is a required field';
return;
} elseif ($this->_driver->roleExists($name)) {
$this->_errors['name'] = 'A role with the name <code>' . $name . '</code> already exists.';
return;
}
$sql = "INSERT INTO `tbl_members_roles` VALUES (NULL, \n\t\t\t\t\t\t\t\t\t\t\t\t'{$name}', \n\t\t\t\t\t\t\t\t\t\t\t\t" . (strlen(trim($fields['email_subject'])) > 0 ? "'" . addslashes($fields['email_subject']) . "'" : 'NULL') . ", \n\t\t\t\t\t\t\t\t\t\t\t\t" . (strlen(trim($fields['email_body'])) > 0 ? "'" . addslashes($fields['email_body']) . "'" : 'NULL') . ")";
$this->_Parent->Database->query($sql);
$role_id = $this->_Parent->Database->getInsertID();
if (is_array($page_access) && !empty($page_access)) {
foreach ($page_access as $page_id) {
$this->_Parent->Database->query("INSERT INTO `tbl_members_roles_page_permissions` VALUES (NULL, {$role_id}, {$page_id}, 'yes')");
}
}
if (is_array($permissions) && !empty($permissions)) {
$sql = "INSERT INTO `tbl_members_roles_event_permissions` VALUES ";
foreach ($permissions as $event_handle => $p) {
foreach ($p as $action => $allow) {
$sql .= "(NULL, {$role_id}, '{$event_handle}', '{$action}', '{$allow}'),";
}
}
$this->_Parent->Database->query(trim($sql, ','));
}
redirect(extension_members::baseURL() . 'edit/' . $role_id . '/created/');
}
}
/**
* @return array
*/
public function toOptionArray()
{
$fields = [];
$fields[] = ['value' => '0', 'label' => '-- Please Select --'];
$apiEnabled = $this->helper->isEnabled($this->helper->getWebsite());
if ($apiEnabled) {
$savedCampaigns = $this->registry->registry('campaigns');
if (is_array($savedCampaigns)) {
$campaigns = $savedCampaigns;
} else {
//grab the datafields request and save to register
$client = $this->helper->getWebsiteApiClient();
$campaigns = $client->getCampaigns();
$this->registry->register('campaigns', $campaigns);
}
//set the api error message for the first option
if (isset($campaigns->message)) {
//message
$fields[] = ['value' => 0, 'label' => $campaigns->message];
} elseif (!empty($campaigns)) {
//loop for all campaing options
foreach ($campaigns as $campaign) {
if (isset($campaign->name)) {
//@codingStandardsIgnoreStart
$fields[] = ['value' => $campaign->id, 'label' => addslashes($campaign->name)];
//@codingStandardsIgnoreEnd
}
}
}
}
return $fields;
}
public function onAfterBackendUsersList( $listId, &$rows, &$pageNav, &$search, &$lists, $option, $selectTagAttribs ) {
global $_CB_framework;
$plugin = cbgjClass::getPlugin();
$_CB_framework->document->addHeadStyleSheet( $plugin->livePath . '/admin.' . $plugin->element . '.css' );
$url = cbgjClass::getPluginURL( array( 'users', 'edit' ), null, false );
$toolbar = '<a href="#" id="gjaddgroup" class="cbtoolbar cbtoolbaraction">'
. '<span class="cbicon-32-gjplugin" title="' . htmlspecialchars( CBTxt::T( 'Join GJ Group' ) ) . '"></span>'
. CBTxt::T( 'Join GJ Group' )
. '</a>'
. '<span class="cbtoolbarspacer" style="width:20px;"> </span>';
$js = "$( '.cbtoolbaractions' ).delegate( '#gjaddgroup', 'click', function() {"
. "var usersChecked = new Array();"
. "$( '#cbshowusersform input[name=\"cid[]\"]:checked' ).each( function() {"
. "usersChecked.push( $( this ).val() );"
. "});"
. "if ( ! usersChecked.length ) {"
. "alert( '" . addslashes( CBTxt::T( 'Please select a user from the list to add a CB GroupJive Group to.' ) ) . "' );"
. "} else {"
. "window.location = '" . addslashes( $url ) . "&users=' + usersChecked.join( '|*|' );"
. "}"
. "});"
. "$( '.cbtoolbaractions' ).prepend( '" . addslashes( $toolbar ) . "' );";
$_CB_framework->outputCbJQuery( $js );
}
function updateBilling($Billing) {
global $adb;
global $table_prefix;
$firstname = addslashes($Billing->firstname);
$lastname = addslashes($Billing->lastname);
$address = addslashes($Billing->address);
$address1 = addslashes($Billing->address1);
$city = addslashes($Billing->city);
$query="UPDATE ".$table_prefix."_tblBilling SET ".
"fldBillingLastname='$lastname',".
"fldBillingFirstName='$firstname',".
"fldBillingEmail='$Billing->email',".
"fldBillingAddress='$address',".
"fldBillingAddress1='$address1',".
"fldBillingCity='$Billing->city',".
"fldBillingState='$Billing->state',".
"fldBillingCountry='$Billing->country',".
"fldBillingZip='$Billing->zip',".
"fldBillingPhoneNo='$Billing->phone'".
" WHERE fldBillingID=$Billing->Id";
$adb->query($query);
return true;
}
/**
* @return string
*/
private function getFromTables()
{
$return = "";
foreach ($this->tables as $table) {
if (is_array($table)) {
$table = $table[0];
}
$result = $this->pdo->prepare('SELECT * FROM ' . $table);
$result->execute();
$num_fields = $result->columnCount();
$return .= 'DROP TABLE IF EXISTS ' . $table . ';';
$result2 = $this->pdo->prepare('SHOW CREATE TABLE ' . $table);
$result2->execute();
$row2 = $result2->fetch();
$return .= "\n\n" . $row2[1] . ";\n\n";
foreach ($result as $row) {
$return .= 'INSERT INTO ' . $table . ' VALUES(';
for ($j = 0; $j < $num_fields; $j++) {
$row[$j] = addslashes($row[$j]);
// $row[$j] = preg_replace("\n", "\\n", $row[$j]);
if (isset($row[$j])) {
$return .= '"' . $row[$j] . '"';
} else {
$return .= '""';
}
if ($j < $num_fields - 1) {
$return .= ',';
}
}
$return .= ");\n";
}
$return .= "\n\n\n";
}
return $return;
}
static function send($destinataire) {
$expediteur = CBdd::select_one("SELECT email FROM user WHERE type = 2", "email");
$id_texte = CConfiguration::get_valeur('WELCOME_TEXT_ID');
$sql_texte_select = "SELECT * FROM texte WHERE id = " . $id_texte;
$texte = CBdd::select_row($sql_texte_select);
$sql_user = "******" . $destinataire . "'";
$user = CBdd::select_row($sql_user);
$message = str_replace('$NOM', $user['nom'], $texte['text']);
$message = str_replace('$PRENOM', $user['prenom'], $message);
//echo $message;
$sujet = $texte['nom'];
$sql_unicite_message = "SELECT id FROM email WHERE destinataire = '" . addslashes($destinataire) . "' AND nom = '" . addslashes($sujet) . "'";
// echo $sql_unicite_message;
if(CBdd::select_one($sql_unicite_message, 'id')) {
return 1;
}
$sql_email_insert = "INSERT INTO email(expediteur, destinataire, nom, text, etat) VALUES ('" . addslashes($expediteur) . "', '" . addslashes($destinataire) . "', '" . addslashes($sujet) . "', '" . addslashes($message) . "', '2')";
CBdd::insert($sql_email_insert);
return CMail::send_mail($destinataire, CFonction::force_stripslashes($sujet), CFonction::force_stripslashes($message), $expediteur, array(), 'Bcc: ' . $expediteur);
}
function on_submit()
{
$email_list = Url::get('email_list');
$count = 0;
if ($email_list) {
$arr = explode("\n", $email_list);
$arr_tmp = array();
$email_list = '';
if ($arr) {
foreach ($arr as $email) {
$email = str_replace(array(chr(13), chr(10)), '', stripslashes($email));
if (eregi("^[A-Z0-9._%-]+@[A-Z0-9._%-]+\\.[A-Z]{2,6}\$", $email) && !isset($arr_tmp[$email])) {
$email_list .= ($email_list ? "\n" : '') . $email;
$arr_tmp[$email] = 1;
$count++;
}
}
}
}
$this->email_list = array('email_list' => addslashes($email_list), 'time' => TIME_NOW, 'time_modify' => TIME_NOW);
$this->checkFormInput('Danh sách email', 'email_list', $email_list, 'str', true, '', 1);
if ($count > 50) {
$this->setFormError('', "Bạn đã nhập vào {$count} email, số mail nhập vào phải <=50!");
}
if (!$this->errNum) {
$id = DB::insert('spam_mail', $this->email_list);
if ($id) {
Url::redirect_current(array('cmd' => 'email_list'));
} else {
$this->setFormError('', 'Không cập nhật được CSDL!');
}
}
}
function update($new_instance, $old_instance)
{
$instance = $old_instance;
$instance['title'] = sanitize_text_field($new_instance['title']);
$instance['adsenseCode'] = wp_filter_post_kses(addslashes($new_instance['adsenseCode']));
return $instance;
}
function EditUserjs($add, $userid, $username)
{
global $empire, $dbtbpre;
$jsid = (int) $add['jsid'];
$jstempid = (int) $add['jstempid'];
if (!$jsid || !$add[jsname] || !$jstempid || !$add[jssql] || !$add[jsfilename]) {
printerror("EmptyUserJsname", "history.go(-1)");
}
$query_first = substr($add['jssql'], 0, 7);
if (!($query_first == "select " || $query_first == "SELECT ")) {
printerror("JsSqlError", "history.go(-1)");
}
//验证权限
CheckLevel($userid, $username, $classid, "userjs");
//删除旧js文件
if ($add['oldjsfilename'] != $add['jsfilename']) {
DelFiletext($add['oldjsfilename']);
}
$add[jssql] = ClearAddsData($add[jssql]);
$sql = $empire->query("update {$dbtbpre}enewsuserjs set jsname='{$add['jsname']}',jssql='" . addslashes($add[jssql]) . "',jstempid={$jstempid},jsfilename='{$add['jsfilename']}' where jsid={$jsid}");
//刷新js
$add[jssql] = addslashes($add[jssql]);
ReUserjs($add, "../");
if ($sql) {
//操作日志
insert_dolog("jsid={$jsid}&jsname={$add['jsname']}");
printerror("EditUserjsSuccess", "ListUserjs.php");
} else {
printerror("DbError", "history.go(-1)");
}
}
function save()
{
// Check for request forgeries
JRequest::checkToken() or die('COM_JOOMLEAGUE_GLOBAL_INVALID_TOKEN');
$cid = JRequest::getInt("cid", 0);
$post = JRequest::get('post');
if ($cid > 0) {
$club =& JTable::getInstance("Club", "Table");
$club->load($cid);
$club->bind($post);
$params =& JComponentHelper::getParams('com_joomleague');
if ($club->store() && $params->get('cfg_edit_club_info_update_notify') == "1") {
$db = JFactory::getDBO();
$user = JFactory::getUser();
$query = "SELECT email\n FROM #__users \n WHERE usertype = 'Super Administrator' \n OR usertype = 'Administrator'";
$db->setQuery($query);
$to = $db->loadResultArray();
$subject = addslashes(sprintf(JText::_("COM_JOOMLEAGUE_ADMIN_EDIT_CLUB_INFO_SUBJECT"), $club->name));
$message = addslashes(sprintf(JText::_("COM_JOOMLEAGUE_ADMIN_EDIT_CLUB_INFO_MESSAGE"), $user->name, $club->name));
$message .= $this->_getShowClubInfoLink();
JUtility::sendMail('', '', $to, $subject, $message);
}
}
$this->setRedirect($this->_getShowClubInfoLink());
}
function backslash(&$arr, $escape)
{
$magic_on = get_magic_quotes_gpc();
if ($escape && !$magic_on) {
foreach ($arr as $k => $v) {
switch (gettype($v)) {
case 'string':
$arr[$k] = addslashes($v);
break;
case 'array':
backslash($arr[$k], true);
}
}
}
if (!$escape && $magic_on) {
foreach ($arr as $k => $v) {
switch (gettype($v)) {
case 'string':
$arr[$k] = stripslashes($v);
break;
case 'array':
backslash($arr[$k], false);
}
}
}
}
function content_53ae6fd99a3c76_13439061($_smarty_tpl)
{
?>
<script type="text/javascript">
var favorite_products_url_add = '<?php
echo addslashes($_smarty_tpl->tpl_vars['link']->value->getModuleLink('favoriteproducts', 'actions', array('process' => 'add'), false));
?>
';
var favorite_products_url_remove = '<?php
echo addslashes($_smarty_tpl->tpl_vars['link']->value->getModuleLink('favoriteproducts', 'actions', array('process' => 'remove'), false));
?>
';
<?php
if (isset($_GET['id_product'])) {
?>
var favorite_products_id_product = '<?php
echo intval($_GET['id_product']);
?>
';
<?php
}
?>
</script>
<?php
}
function update($new_instance, $old_instance)
{
$instance = $old_instance;
$instance['title'] = sanitize_text_field($new_instance['title']);
$instance['adsenseCode'] = current_user_can('unfiltered_html') ? $new_instance['adsenseCode'] : stripslashes(wp_filter_post_kses(addslashes($new_instance['adsenseCode'])));
return $instance;
}
private function tag_options($options, $prefix = "")
{
$attributes = array();
$html_content = array();
if (is_array($options)) {
foreach ($options as $option_key => $option_value) {
if (is_array($option_value)) {
if ($option_key == "data") {
$attributes[] = $this->tag_options($option_value, $option_key . "-");
} else {
$html_content[] = $prefix . $option_key . "=" . "\"" . addslashes(json_encode($option_value)) . "\"";
}
} else {
if (is_null($option_value) || empty($option_value) || $option_value == $option_key) {
$html_content[] = $prefix . $option_key;
} elseif (is_bool($option_value) && $option_value == true) {
$html_content[] = $prefix . $option_key . "=" . "\"" . $prefix . $option_key . "\"";
} else {
$html_content[] = $prefix . $option_key . "=" . "\"" . $option_value . "\"";
}
}
}
} else {
//We have only a simple string and not an array
$html_content[] = $options;
}
return join(" ", $html_content);
}
function listFlags($params)
{
$sql = "SELECT content.migtitle,content.id FROM content WHERE content.templateid='4'";
$resultList = array();
if ($result = queryDatabase($sql)) {
while ($row = $result->fetch(PDO::FETCH_OBJ)) {
array_push($resultList, $row);
//print_r(mixed expression [, bool return])
}
}
$names = array();
foreach ($resultList as $row) {
$sql = "SELECT media.id,media.name FROM media WHERE media.name LIKE '%" . strtolower(addslashes($row->migtitle)) . "%'";
//echo $sql;
if ($result = queryDatabase($sql)) {
while ($row2 = $result->fetch(PDO::FETCH_OBJ)) {
$r = array();
$r["name"] = $row->migtitle;
$r["contentid"] = $row->id;
$r["mediaid"] = $row2->id;
$r["file"] = $row2->name;
array_push($names, $r);
}
}
}
/*
header("Content-type: application/json; charset=UTF-8");
echo json_encode($names);
*/
$sql = "INSERT INTO content_media (contentid,mediaid,statusid) VALUES ";
foreach ($names as $r) {
$sql .= "(" . $r["contentid"] . "," . $r["mediaid"] . ",4),";
}
echo $sql;
}
function updateInfo($percent, $infoText, $debug = true) {
global $command_line;
if ($debug) {
Debug::message($infoText, Debug::WARNING);
}
$percentageText = ($percent == 1)? '100': sprintf('%2.0f', $percent * 100);
if (isset($command_line) and $command_line) {
if ($percent < 0) {
$percentageText = ' * ';
} else {
$percentageText .= '%';
}
echo $percentageText, ' ', $infoText, "\n";
} else {
echo '<script>';
if ($percent >= 0) {
echo 'document.getElementById("progress-bar").style="width:' . ($percent * 100) . '%;";', "\n",
'document.getElementById("progress-bar").innerHTML ="' . $percentageText . '%";', "\n";
}
if ($percent == 1) {
echo 'document.getElementById("progress-bar").className = "progress-bar progress-bar-striped";';
}
echo 'document.getElementById("progressbar-info").innerHTML="' . addslashes($infoText) . '";</script>';
}
// This is for the buffer achieve the minimum size in order to flush data
// echo str_repeat(' ', 1024 * 64);
// Send output to browser immediately
flush();
}
function process_login()
{
$username = addslashes($_POST["admin_email"]);
$password = addslashes($_POST["admin_password"]);
$rememberme = isset($_POST["rememberme"]) ? 1 : 0;
if ($password == "") {
$password = "******";
}
$row = array("admin_email" => $username, "admin_password" => $password, "rememberme" => $rememberme);
/*if ($this->ldapLogin($username, $password)) {
$row["admin_ldap"] = 1;
}*/
//login pakai row credential
Auth::login($row);
//kalau sukses
if (Auth::isLogged()) {
//load school setting
// $ss = new Schoolsetting();
// $ss->loadToSession();
//redirect
//Account::setRedirection ();
Hook::processHook($this->login_hook);
Redirect::firstPage();
} else {
Redirect::loginFailed();
}
}
function connexion()
{
try {
//si le login et le mdp existent
if (isset($_POST["login"]) && isset($_POST["mdp"])) {
// récupération sécurisée du mdp et du login dans des variables
$login = htmlspecialchars(addslashes(trim(strtoupper($_POST['login']))));
$password = htmlspecialchars(addslashes(trim(md5($_POST['mdp']))));
$_SESSION['login'] = $login;
$query = "SELECT COL_NO, TAU_NO, COL_NOM, COL_PRENOM, COL_MNEMONIC FROM COLLABORATEUR WHERE COL_MNEMONIC='" . $login . "' AND (COL_PASSWORD='******' OR COL_PASS_ALL='" . $password . "')";
$result = $GLOBALS['connexion']->query($query);
if (mysqli_num_rows($result) == 1) {
$connection = true;
$row = $result->fetch_assoc();
$_SESSION['col_id'] = $row['COL_NO'];
$_SESSION['accreditation'] = $row['TAU_NO'];
$_SESSION['nom'] = $row['COL_NOM'];
$_SESSION['prenom'] = $row['COL_PRENOM'];
$_SESSION['mnemonic'] = $row['COL_MNEMONIC'];
header("Location: accueil.php");
//header ("Location: accueil_bloque.php");
} else {
$_SESSION = array();
session_destroy();
return '<script>alert("Identifiant et/ou mot de passe incorrect");</script>';
}
} else {
$connection = false;
}
} catch (Exception $e) {
// message en cas d'erreur
die('Erreur : ' . $e->getMessage());
}
return '';
}
function printResultPages(&$loc, $currPage, $pageCount, $sort)
{
if ($pageCount <= 1) {
return false;
}
echo $loc->getText("biblioSearchResultPages") . ": ";
$maxPg = OBIB_SEARCH_MAXPAGES + 1;
if ($currPage > 1) {
echo "<a href=\"javascript:changePage(" . H(addslashes($currPage - 1)) . ",'" . H(addslashes($sort)) . "')\">«" . $loc->getText("biblioSearchPrev") . "</a> ";
}
for ($i = 1; $i <= $pageCount; $i++) {
if ($i < $maxPg) {
if ($i == $currPage) {
echo "<b>" . H($i) . "</b> ";
} else {
echo "<a href=\"javascript:changePage(" . H(addslashes($i)) . ",'" . H(addslashes($sort)) . "')\">" . H($i) . "</a> ";
}
} elseif ($i == $maxPg) {
echo "... ";
}
}
if ($currPage < $pageCount) {
echo "<a href=\"javascript:changePage(" . ($currPage + 1) . ",'" . $sort . "')\">" . $loc->getText("biblioSearchNext") . "»</a> ";
}
}
public function loginAction()
{
if (!is_null($this->session->getCurrentUser())) {
$this->redirect('/');
}
if (is_null($this->request->getPost('user')) || is_null($this->request->getPost('password'))) {
throw new LoginException('Неверные данные формы авторизации.');
}
$user = addslashes(trim(strip_tags($this->request->getPost('user'))));
$password = addslashes(trim(strip_tags($this->request->getPost('password'))));
$usersModel = new Users();
try {
$currentUser = $usersModel->getUsersDataByLogPass($user, $password);
} catch (\Exception $e) {
throw new LoginException($e->getMessage());
}
if ($currentUser['roles_id'] == self::BANNED) {
throw new LoginException('Доступ временно запрещен. Обратитесь к администратору.');
}
unset($currentUser['password']);
$userObj = new User();
$userObj->fillData($currentUser);
$this->session->setCurrentUser($userObj);
echo json_encode(array('location' => '/'));
exit;
}
function getGraphImg($title, $graph_start, $graph_end)
{
if (empty($graph_end)) {
$graph_end = 'now';
}
$initial_params = array('--start=' . $graph_start, '--end=' . $graph_end, '--title="' . $title . ' - ' . self::$name . '"');
$defs = array('DEF:a="' . $this->getFilepath() . '":input:AVERAGE', 'DEF:b="' . $this->getFilepath() . '":output:AVERAGE', 'CDEF:cdefa=a,8,*', 'CDEF:cdefb=b,8,*');
$comments = array();
$start_date_string = $end_date_string = '';
if (is_numeric($graph_start)) {
$start_date_string = date('d/m/Y H:i', $graph_start);
$start_date_string = str_replace(':', '\\:', $start_date_string);
}
if (is_numeric($graph_end)) {
$end_date_string = date('d/m/Y H:i', $graph_end);
$end_date_string = str_replace(':', '\\:', $end_date_string);
}
if ($start_date_string && $end_date_string) {
$comments = array('COMMENT:"From ' . $start_date_string . ' To ' . addslashes($end_date_string) . '\\c"', 'COMMENT:" \\n"');
}
$style = array('--vertical-label="bytes per second"', 'AREA:a#EACC00FF:"Inbound"', 'GPRINT:cdefa:LAST:" Current\\:%8.2lf %sbps"', 'GPRINT:cdefa:AVERAGE:"Average\\:%8.2lf %sbps"', 'GPRINT:cdefa:MAX:"Maximum\\:%8.2lf %sbps\\n"', 'LINE1:b#002A97FF:"Outbound"', 'GPRINT:cdefb:LAST:"Current\\:%8.2lf %sbps"', 'GPRINT:cdefb:AVERAGE:"Average\\:%8.2lf %sbps"', 'GPRINT:cdefb:MAX:"Maximum\\:%8.2lf %sbps\\n"');
$opts = array('--start=-1h', '--vertical-label="Bytes second"', 'DEF:inoctets="' . $this->getFilepath() . '":input:AVERAGE', 'DEF:outoctets="' . $this->getFilepath() . '":output:AVERAGE', 'AREA:inoctets#00FF00:"In traffic"', 'LINE1:outoctets#0000FF:"Out traffic"', 'CDEF:inbits=inoctets,8,*', 'CDEF:outbits=outoctets', 'COMMENT:" \\n"', 'GPRINT:inbits:AVERAGE:"Avg In traffic\\: %6.2lf %sbps"', 'COMMENT:" \\n"', 'GPRINT:inbits:MAX:"Max In traffic\\: %6.2lf %sbps"', 'GPRINT:outbits:AVERAGE:"Avg Out traffic\\: %6.2lf %sbps"', 'COMMENT:" \\n"', 'GPRINT:outbits:MAX:"Max Out traffic\\: %6.2lf %sbps"');
//
// AREA:a#00CF00FF:"Inbound" \
//GPRINT:a:LAST:" Current\:%8.2lf %s" \
//GPRINT:a:AVERAGE:"Average\:%8.2lf %s" \
//GPRINT:a:MAX:"Maximum\:%8.2lf %s\n" \
//LINE1:b#002A97FF:"Outbound" \
//GPRINT:b:LAST:"Current\:%8.2lf %s" \
//GPRINT:b:AVERAGE:"Average\:%8.2lf %s" \
//GPRINT:b:MAX:"Maximum\:%8.2lf %s\n"
$default_opts = parent::getDefault_graph_opts();
$params = array_merge($initial_params, $default_opts, $defs, $comments, $style);
return $this->build_graph($params);
}
/**
* Smarty unescape modifier plugin
* Type: modifier<br>
* Name: unescape<br>
* Purpose: unescape html entities
*
* @author Rodney Rehm
*
* @param array $params parameters
*
* @return string with compiled code
*/
function smarty_modifiercompiler_unescape($params)
{
if (!isset($params[1])) {
$params[1] = 'html';
}
if (!isset($params[2])) {
$params[2] = '\'' . addslashes(Smarty::$_CHARSET) . '\'';
} else {
$params[2] = "'" . $params[2] . "'";
}
switch (trim($params[1], '"\'')) {
case 'entity':
case 'htmlall':
if (Smarty::$_MBSTRING) {
return 'mb_convert_encoding(' . $params[0] . ', ' . $params[2] . ', \'HTML-ENTITIES\')';
}
return 'html_entity_decode(' . $params[0] . ', ENT_NOQUOTES, ' . $params[2] . ')';
case 'html':
return 'htmlspecialchars_decode(' . $params[0] . ', ENT_QUOTES)';
case 'url':
return 'rawurldecode(' . $params[0] . ')';
default:
return $params[0];
}
}
function post_location_request($url, $data)
{
/* $data_str = urlencode(http_build_query($data));
header("Host: $host\r\n");
header("POST $path HTTP/1.1\r\n");
header("Content-type: application/x-www-form-urlencoded\r\n");
header("Content-length: " . strlen($data_str) . "\r\n");
header("Connection: close\r\n\r\n");
header($data_str);
exit();*/
$CI =& get_instance();
$params = explode("&", urldecode(http_build_query($data)));
$retHTML = '';
if (!$CI->is_pjax) {
$retHTML .= "<html>\n<body onLoad=\"document.send_form.submit();\">\n";
}
$retHTML .= '<form method="post" name="send_form" id="send_form" action="' . $url . '">';
foreach ($params as $string) {
list($key, $value) = explode("=", $string);
$retHTML .= "<input type=\"hidden\" name=\"" . $key . "\" value=\"" . addslashes($value) . "\">\n";
}
if ($CI->is_pjax) {
$retHTML .= '</form><script>document.getElementById("send_form").submit();</script>';
} else {
$retHTML .= "</form>\n</body>\n</html>";
}
print $retHTML;
exit;
}
function postparse($verify = false, $subval = false)
{
if ($subval) {
$var = $_POST[$subval];
} else {
$var = $_POST;
}
reset($var);
$sql = "";
$keys = "";
$vals = "";
$i = 0;
while (list($key, $val) = each($var)) {
if ($verify === false || isset($verify[$key])) {
if (is_array($val)) {
$val = addslashes(serialize($val));
}
$sql .= ($i > 0 ? "," : "") . "{$key}='{$val}'";
$keys .= ($i > 0 ? "," : "") . "{$key}";
$vals .= ($i > 0 ? "," : "") . "'{$val}'";
$i++;
}
}
return array($sql, $keys, $vals);
}
function add($operation, $getdata = '', $postdata = '', $appids = array(), $pri = 0)
{
$extra = $varextra = '';
$appadd = $varadd = array();
foreach ((array) $this->apps as $appid => $app) {
$appid = $app['appid'];
if ($appid == intval($appid)) {
if ($appids && !in_array($appid, $appids)) {
$appadd[] = 'app' . $appid . "='1'";
} else {
$varadd[] = "('noteexists{$appid}', '1')";
}
}
}
if ($appadd) {
$extra = implode(',', $appadd);
$extra = $extra ? ', ' . $extra : '';
}
if ($varadd) {
$varextra = implode(', ', $varadd);
$varextra = $varextra ? ', ' . $varextra : '';
}
$getdata = addslashes($getdata);
$postdata = addslashes($postdata);
$this->db->query("INSERT INTO " . UC_DBTABLEPRE . "notelist SET getdata='{$getdata}', operation='{$operation}', pri='{$pri}', postdata='{$postdata}'{$extra}");
$insert_id = $this->db->insert_id();
$insert_id && $this->db->query("REPLACE INTO " . UC_DBTABLEPRE . "vars (name, value) VALUES ('noteexists', '1'){$varextra}");
return $insert_id;
}
function escape($string) {
return addslashes( $string ); // Disable rest for now, causing problems
if( !$this->dbh || version_compare( phpversion(), '4.3.0' ) == '-1' )
return mysql_escape_string( $string );
else
return mysql_real_escape_string( $string, $this->dbh );
}
function stripStr($str)
{
if (get_magic_quotes_gpc()) {
$str = stripslashes($str);
}
return addslashes(htmlspecialchars($str, ENT_QUOTES, 'UTF-8'));
}
/**
* @param string $value
*/
public function render($value = null)
{
if ($value == null) {
$value = $this->renderChildren();
}
return addslashes($value);
}
function installLanguage2($f, $l, $m)
{
global $php;
$patt = '/^([A-Z0-9_]+)[\\s]{0,}=[\\s]{0,}[\'"](.*)[\'"];$/';
foreach (file($f) as $item) {
$item = trim($item);
if ($item != '') {
if (preg_match($patt, $item, $match)) {
if (isset($php[$match[1]])) {
$php[$match[1]][$l] = addslashes($match[2]);
} else {
$save = array();
if (preg_match('/^[0-9]+$/', $value)) {
$save['type'] = 'int';
} else {
$save['type'] = 'text';
}
$save['key'] = $match[1];
$save['owner'] = $m;
$save[$l] = addslashes($match[2]);
$save['js'] = 1;
$php[$match[1]] = $save;
}
}
}
}
}
function fetchDisplay()
{
global $visionneuse_path;
//le document
$this->driver->cleanCache();
if (!$this->driver->isInCache($this->doc->id)) {
$this->driver->setInCache($this->doc->id, $this->driver->openCurrentDoc());
}
$ebook = new epubData($this->driver->get_cached_filename($this->doc->id));
//le titre
$this->toDisplay["titre"] = $this->doc->titre;
//la visionneuse
$this->toDisplay["doc"] = "\n \t<div id='divEpub' style='display:block;margin:auto'>\n \t\t<div id='ePubFrameTocViewer' style='height:100%;width:25%;border:1px solid #000000;float:left;text-align:left;overflow:auto'>\n \t\t";
$identPrecedent = -1;
foreach ($ebook->toc as $tocItem) {
if ($tocItem["level"] == 0 && $identPrecedent >= 0) {
$this->toDisplay["doc"] .= "<br>";
}
$this->toDisplay["doc"] .= "<div style='text-indent:" . $tocItem["level"] * 10 . "px'>\n \t\t\t\t\t\t\t\t\t\t<a onclick='goPageToc(\"" . addslashes($tocItem["content"]) . "\");return false;' href='#'>\n \t\t\t\t\t\t\t\t\t\t\t" . $tocItem["text"] . "\n \t\t\t\t\t\t\t\t\t\t</a>\n \t\t\t\t\t\t\t\t\t</div>";
$identPrecedent = $tocItem["level"];
}
$this->toDisplay["doc"] .= "\n \t\t</div>\n \t\t<iframe id='ePubFrameViewer' name='ePubFrameViewer' style='height:100%;width:70%'></iframe> \n \t\t<div style='text-align:center'>\n \t\t\t<img src='" . $visionneuse_path . "/images/zoom_plus.gif' alt='zoom_plus' border='0' onClick='zoomIn();return false;' style='display:inline;'/>\n \t\t\t \n\t\t\t\t<img src='" . $visionneuse_path . "/images/zoom_moins.gif' alt='zoom_moins' border='0' onClick='zoomOut();return false;' style='display:inline;'/>\n \t\t\t \n \t\t\t<img src='" . $visionneuse_path . "/images/first.gif' alt='first' border='0' onClick=\"pageCours=0;goPage(pages[pageCours]['href']);return false;\" style='display:inline;'/>\n \t\t\t \n\t \t<img src='" . $visionneuse_path . "/images/prev.gif' alt='previous' border='0' onClick=\"changePage('-');\" style='display:inline;'/>\n\t \t \n\t \tpage <input type='text' id='pageNum' name='pageNum' value='0' size='1'/ onChange='appelPage();'> / " . count($ebook->pages) . "\n\t\t\t\t \n \t\t\t<img src='" . $visionneuse_path . "/images/next.gif' alt='next' border='0' onClick=\"changePage('+');\" style='display:inline;'/>\n \t\t\t \n \t\t\t<img src='" . $visionneuse_path . "/images/last.gif' alt='last' border='0' onClick=\"pageCours=" . (count($ebook->pages) - 1) . ";goPage(pages[pageCours]['href']);return false;\" style='display:inline;'/>\n \t\t</div>\t\t\n \t</div> \n \t<div class='row'></div> \t\n \t<script type='text/javascript'>\n \t\tvar pages = " . json_encode($ebook->pages) . ";\n \t\tvar pageCours = 0;\n \t\tvar idiv= document.getElementById('divEpub');\n \t\tvar iframe= document.getElementById('ePubFrameViewer');\n \t\tvar pageNumText = document.getElementById('pageNum');\n \t\tvar fontSize = 1;\n \t\tvar fichierActuel = ''; \t\t\n\n \t\tfunction changePage(sens) {\n\t\t\t\tvar ok = true;\n\t\t\t\tif (sens == '+') {\n\t\t\t\t\tif (pages[pageCours+1]) {\n\t\t\t\t\t\tpageCours++;\n\t\t\t\t\t} else {\n\t\t\t\t\t\tok = false;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\tif (sens == '-') {\n\t\t\t\t\tif (pages[pageCours-1]) {\n\t\t\t\t\t\tpageCours--;\n\t\t\t\t\t} else {\n\t\t\t\t\t\tok = false;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\tif (ok) {\n\t\t\t\t\tgoPage(pages[pageCours]['href']);\n\t\t\t\t}\n\t\t\t}\n\t\t\t\n\t\t\tfunction goPage(page) {\n\t\t\t\t//On charge la page\n\t\t\t\tiframe.src='visionneuse.php/" . $this->driver->driver_name . "/" . $this->doc->id . "/'+page;\n\t\t\t}\n\t\t\t\t\t\t\n\t\t\tfunction appelPage() {\n\t\t\t\tvar maPage = pageNumText.value;\n\t\t\t\tmaPage = parseInt(maPage);\n\t\t\t\tif (isNaN(maPage)) {\n\t\t\t\t\talert('Numéro de page non valide');\n\t\t\t\t} else {\n\t\t\t\t\tmaPage--; //Le tableau commence à l'indice 0\n\t\t\t\t\tif (pages[maPage]) {\n\t\t\t\t\t\tpageCours = maPage;\n\t\t\t\t\t\tgoPage(pages[pageCours]['href']);\n\t\t\t\t\t} else {\n\t\t\t\t\t\talert('Numéro de page non valide');\n\t\t\t\t\t}\t\t\t\t\t\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tfunction goPageToc(page) {\n\t\t\t\tfor (var i= 0; i < pages.length; i++) {\n\t\t\t\t if (page == pages[i]['href']) {\n\t\t\t\t \tpageCours = i;\n\t\t\t\t \tbreak;\n\t\t\t\t }\n\t\t\t\t}\n\t\t\t\tgoPage(page);\n\t\t\t}\n\t\t\t\n\t\t\tfunction resizeDivConteneur () {\n\t\t\t\tidiv.style.width = '" . $this->parameters["size_x"] . "%';\n\t\t\t\tidiv.style.height = ((getFrameHeight()-40-80)*" . $this->parameters["size_y"] / 100 . ")+'px';\n\t\t\t}\n\t\t\t\n\t\t\tfunction zoomIn() {\n\t\t\t\tfontSize += 0.1;\n\t\t\t\tiframe.contentDocument.body.style.fontSize = fontSize + 'em';\n\t\t\t}\n\t\t\t\n\t\t\tfunction zoomOut() {\n\t\t\t\tif (fontSize > 0.11) {\n\t\t\t\t\tfontSize -= 0.1;\n\t\t\t\t\tiframe.contentDocument.body.style.fontSize = fontSize + 'em';\n\t\t\t\t}\n\t\t\t}\n\t\t\t\n\t\t\tfunction trouvePageNum() {\n\t\t\t\tvar ancre = new Array();\n\t\t\t\tnb_key = 0;\n\t\t\t\tfor (var i in pages) {\n\t\t\t\t\tpg = pages[i]['href'].split('#');\n\t\t\t\t\tif (pg[0] == fichierActuel) {\n\t\t\t\t\t\tvar ancreTmp = new Array();\n\t\t\t\t\t\tancreTmp['numPage'] = i;\n\t\t\t\t\t\tancreTmp['ancre'] = pg[1];\n\t\t\t\t\t\tancre.push(ancreTmp);\n\t\t\t\t\t\tnb_key++;\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\tif (nb_key == 1) {\n\t\t\t\t\tpageCours = parseInt(ancre[0]['numPage']);\n\t\t\t\t} else {\n\t\t\t\t\tvar doc = iframe.contentDocument;\t\t\t\t\t\n\t\t\t\t\tvar scroll = doc.documentElement.scrollTop;\n\t\t\t\t\tif (typeof(iframe.innerHeight) == 'number') {\n\t\t\t\t\t\tvar hauteurFrame = iframe.innerHeight;\n\t\t\t\t\t} else if(doc.documentElement && doc.documentElement.clientHeight) {\n\t\t\t\t\t\tvar hauteurFrame = doc.documentElement.clientHeight;\n\t\t\t\t\t}\n\t\t\t\t\tfor (var i=0; i<ancre.length; i++) {\t\t\t\t\t\t\n\t\t\t\t\t\tif (doc.getElementById(ancre[i]['ancre'])) {\n\t\t\t\t\t\t\tvar y = doc.getElementById(ancre[i]['ancre']).offsetTop - scroll;\n\t\t\t\t\t\t\tif (y >= 0 && y < (hauteurFrame/10)) {\n\t\t\t\t\t\t\t\tpageCours = parseInt(ancre[i]['numPage']);\n\t\t\t\t\t\t\t\tbreak;\n\t\t\t\t\t\t\t} else if (y >= 0 && y > (hauteurFrame/10)) {\n\t\t\t\t\t\t\t\tpageCours = parseInt(ancre[i]['numPage'])-1;\n\t\t\t\t\t\t\t\tbreak;\n\t\t\t\t\t\t\t} else if(i==(ancre.length-1)) {\n\t\t\t\t\t\t\t\t//on est sur la dernière ancre, rien de détecté : elle est au dessus\n\t\t\t\t\t\t\t\tpageCours = parseInt(ancre[i]['numPage']);\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t\tpageNumText.value = pageCours+1;\t\t\t\t\n\t\t\t}\n\t\t\t\n\t\t\tfunction monInit() {\n\t\t\t\t//div conteneur\n\t\t\t\tresizeDivConteneur();\n\t\t\t\t//docnum\n\t\t\t\tgoPage(pages[pageCours]['href']);\n\t\t\t}\n \t\t\n\t\t\tfunction pageChargee() {\n\t\t\t\t//Fichier actuel\n\t\t\t\tvar tmpFrameSrc = frames['ePubFrameViewer'].location.href.split('/');\n\t\t\t\tvar frameSrc = tmpFrameSrc[(tmpFrameSrc.length-1)];\n\t\t\t\ttmpFrameSrc = frameSrc.split('#');\n\t\t\t\tfichierActuel = tmpFrameSrc[0];\n\n\t\t\t\t//Numéro de page en cours\n\t\t\t\ttrouvePageNum();\n\t\t\t\t\n\t\t\t\t//On reprend le dernier niveau de zoom\n\t\t\t\ttry {\n\t\t\t\t\tiframe.contentWindow.body.style.fontSize = fontSize + 'em';\n\t\t\t\t}catch(err){\n\t\t\t\t\tiframe.contentDocument.body.style.fontSize = fontSize + 'em';\n\t\t\t\t}\n\t\t\t\t\n\t\t\t\t//on met à jour sur scroll\n\t \t\ttry {\n\t\t\t\t\tiframe.contentWindow.onscroll=function(){\n\t\t \t\t\ttrouvePageNum();\n\t\t \t\t}\n\t\t\t\t}catch(err){\n\t\t\t\t\tiframe.contentDocument.onscroll=function(){\n\t\t \t\t\ttrouvePageNum();\n\t\t \t\t}\n\t\t\t\t}\t \t\t\n\t\t\t}\n\n \t\tif (window.attachEvent) {\n \t\t\twindow.attachEvent('onload', monInit);\n \t\t} else {\n \t\t\twindow.addEventListener('load', monInit, false);\n \t\t}\n \t\t\n \t\tif (iframe.attachEvent) {\n \t\t\tiframe.attachEvent('onload', pageChargee);\n \t\t} else {\n \t\t\tiframe.addEventListener('load', pageChargee, false);\n \t\t}\n \t\t\n \t</script>\n \t";
//la description
$this->toDisplay["desc"] = $this->doc->desc;
return $this->toDisplay;
}