PHP error_403示例

示例#1

文件： lib_api_keys_utils.php 项目： alokc83/flamework-api

function api_keys_utils_get_from_url($more = array())
{
    $defaults = array('allow_disabled' => 0, 'ensure_isown' => 1);
    $more = array_merge($defaults, $more);
    $api_key = request_str("api_key");
    # OAuth2 section 2.2 ...
    if (!$api_key) {
        $api_key = request_str("client_id");
    }
    if (!$api_key) {
        error_404();
    }
    $key_row = api_keys_get_by_key($api_key);
    if (!$key_row) {
        error_404();
    }
    if ($key_row['deleted']) {
        error_410();
    }
    if ($more['ensure_isown']) {
        if ($key_row['user_id'] != $GLOBALS['cfg']['user']['id']) {
            error_403();
        }
    }
    if (!$more['allow_disabled']) {
        if ($key_row['disabled']) {
            error_403();
        }
    }
    return $key_row;
}

示例#2

文件： user_history.php 项目： nilswalk/privatesquare

loadlib("foursquare_users");
$fsq_id = get_int32("foursquare_id");
if (!$fsq_id) {
    error_404();
}
$history_url = "user/{$fsq_id}/history/";
login_ensure_loggedin($history_url);
$fsq_user = foursquare_users_get_by_foursquare_id($fsq_id);
if (!$fsq_user) {
    error_404();
}
$owner = users_get_by_id($fsq_user['user_id']);
$is_own = $owner['id'] == $GLOBALS['cfg']['user']['id'] ? 1 : 0;
# for now...
if (!$is_own) {
    error_403();
}
$more = array();
if ($page = get_int32("page")) {
    $more['page'] = $page;
}
if ($when = get_str("when")) {
    $more['when'] = $when;
    $history_url .= urlencode($when) . "/";
    # TO DO: find some better heuristic for this number
    # besides "pull it out of my ass" (20120206/straup)
    $more['per_page'] = 100;
}
$more['inflate_locality'] = 1;
$rsp = privatesquare_checkins_for_user($owner, $more);
# TO DO: oh god...timezones :-(

示例#3

文件： phpmyid.php 项目： jaeindia/ownCloud-Enhancements

/**
 * Testing for setup
 * @global array $profile
 */
function test_mode()
{
    global $profile, $p, $g;
    if ($profile['allow_test'] != true) {
        error_403();
    }
    @ini_set('max_execution_time', 180);
    $test_expire = time() + 120;
    $test_ss_enc = 'W7hvmld2yEYdDb0fHfSkKhQX+PM=';
    $test_ss = base64_decode($test_ss_enc);
    $test_token = "alpha:bravo\ncharlie:delta\necho:foxtrot";
    $test_server_private = '11263846781670293092494395517924811173145217135753406847875706165886322533899689335716152496005807017390233667003995430954419468996805220211293016296351031812246187748601293733816011832462964410766956326501185504714561648498549481477143603650090931135412673422192550825523386522507656442905243832471167330268';
    $test_client_public = base64_decode('AL63zqI5a5p8HdXZF5hFu8p+P9GOb816HcHuvNOhqrgkKdA3fO4XEzmldlb37nv3+xqMBgWj6gxT7vfuFerEZLBvuWyVvR7IOGZmx0BAByoq3fxYd3Fpe2Coxngs015vK37otmH8e83YyyGo5Qua/NAf13yz1PVuJ5Ctk7E+YdVc');
    $res = array();
    // bcmath
    $res['bcmath'] = extension_loaded('bcmath') ? 'pass' : 'warn - not loaded';
    // gmp
    if ($profile['allow_gmp']) {
        $res['gmp'] = extension_loaded('gmp') ? 'pass' : 'warn - not loaded';
    } else {
        $res['gmp'] = 'pass - n/a';
    }
    // get_temp_dir
    $res['logfile'] = is_writable($profile['logfile']) ? 'pass' : "warn - log is not writable";
    // session & new_assoc
    user_session();
    list($test_assoc, $test_new_ss) = new_assoc($test_expire);
    $res['session'] = $test_assoc != session_id() ? 'pass' : 'fail';
    // secret
    @session_unregister('shared_secret');
    list($check, $check2) = secret($test_assoc);
    $res['secret'] = $check == $test_new_ss ? 'pass' : 'fail';
    // expire
    $res['expire'] = $check2 <= $test_expire ? 'pass' : 'fail';
    // base64
    $res['base64'] = base64_encode($test_ss) == $test_ss_enc ? 'pass' : 'fail';
    // hmac
    $test_sig = base64_decode('/VXgHvZAOdoz/OTa5+XJXzSGhjs=');
    $check = hmac($test_ss, $test_token);
    $res['hmac'] = $check == $test_sig ? 'pass' : sprintf("fail - '%s'", base64_encode($check));
    if ($profile['use_bigmath']) {
        // bigmath powmod
        $test_server_public = '102773334773637418574009974502372885384288396853657336911033649141556441102566075470916498748591002884433213640712303846640842555822818660704173387461364443541327856226098159843042567251113889701110175072389560896826887426539315893475252988846151505416694218615764823146765717947374855806613410142231092856731';
        $check = bmpowmod($g, $test_server_private, $p);
        $res['bmpowmod-1'] = $check == $test_server_public ? 'pass' : sprintf("fail - '%s'", $check);
        // long
        $test_client_long = '133926731803116519408547886573524294471756220428015419404483437186057383311250738749035616354107518232016420809434801736658109316293127101479053449990587221774635063166689561125137927607200322073086097478667514042144489248048756916881344442393090205172004842481037581607299263456852036730858519133859409417564';
        $res['long'] = long($test_client_public) == $test_client_long ? 'pass' : 'fail';
        // bigmath powmod 2
        $test_client_share = '19333275433742428703546496981182797556056709274486796259858099992516081822015362253491867310832140733686713353304595602619444380387600756677924791671971324290032515367930532292542300647858206600215875069588627551090223949962823532134061941805446571307168890255137575975911397744471376862555181588554632928402';
        $check = bmpowmod($test_client_long, $test_server_private, $p);
        $res['bmpowmod-2'] = $check == $test_client_share ? 'pass' : sprintf("fail - '%s'", $check);
        // bin
        $test_client_mac_s1 = base64_decode('G4gQQkYM6QmAzhKbVKSBahFesPL0nL3F2MREVwEtnVRRYI0ifl9zmPklwTcvURt3QTiGBd+9Dn3ESLk5qka6IO5xnILcIoBT8nnGVPiOZvTygfuzKp4tQ2mXuIATJoa7oXRGmBWtlSdFapH5Zt6NJj4B83XF/jzZiRwdYuK4HJI=');
        $check = bin($test_client_share);
        $res['bin'] = $check == $test_client_mac_s1 ? 'pass' : sprintf("fail - '%s'", base64_encode($check));
    } else {
        $res['bigmath'] = 'fail - big math functions are not available.';
    }
    // sha1_20
    $test_client_mac_s1 = base64_decode('G4gQQkYM6QmAzhKbVKSBahFesPL0nL3F2MREVwEtnVRRYI0ifl9zmPklwTcvURt3QTiGBd+9Dn3ESLk5qka6IO5xnILcIoBT8nnGVPiOZvTygfuzKp4tQ2mXuIATJoa7oXRGmBWtlSdFapH5Zt6NJj4B83XF/jzZiRwdYuK4HJI=');
    $test_client_mac_s2 = base64_decode('0Mb2t9d/HvAZyuhbARJPYdx3+v4=');
    $check = sha1_20($test_client_mac_s1);
    $res['sha1_20'] = $check == $test_client_mac_s2 ? 'pass' : sprintf("fail - '%s'", base64_encode($check));
    // x_or
    $test_client_mac_s3 = base64_decode('i36ZLYAJ1rYEx1VEHObrS8hgAg0=');
    $check = x_or($test_client_mac_s2, $test_ss);
    $res['x_or'] = $check == $test_client_mac_s3 ? 'pass' : sprintf("fail - '%s'", base64_encode($check));
    $out = "<table border=1 cellpadding=4>\n";
    foreach ($res as $test => $stat) {
        $code = substr($stat, 0, 4);
        $color = $code == 'pass' ? '#9f9' : ($code == 'warn' ? '#ff9' : '#f99');
        $out .= sprintf("<tr><th>%s</th><td style='background:%s'>%s</td></tr>\n", $test, $color, $stat);
    }
    $out .= "</table>";
    wrap_html($out);
}