示例#1
0
function gpc_strip_slashes($p_var)
{
    if (0 == get_magic_quotes_gpc()) {
        return $p_var;
    } else {
        if (!is_array($p_var)) {
            return stripslashes($p_var);
        } else {
            foreach ($p_var as $key => $value) {
                $p_var[$key] = gpc_strip_slashes($value);
            }
            return $p_var;
        }
    }
}
示例#2
0
function gpc_get($p_var_name, $p_default = null)
{
    global $_POST, $_GET;
    if (isset($_POST[$p_var_name])) {
        $t_result = gpc_strip_slashes($_POST[$p_var_name]);
    } else {
        if (isset($_GET[$p_var_name])) {
            $t_result = gpc_strip_slashes($_GET[$p_var_name]);
        } else {
            if (func_num_args() > 1) {
                #check for a default passed in (allowing null)
                $t_result = $p_default;
            } else {
                error_parameters($p_var_name);
                trigger_error(ERROR_GPC_VAR_NOT_FOUND, ERROR);
                $t_result = null;
            }
        }
    }
    return $t_result;
}
示例#3
0
function helper_ensure_confirmed($p_message, $p_button_label)
{
    if (true == gpc_get_bool('_confirmed')) {
        return true;
    }
    html_page_top1();
    html_page_top2();
    # @@@ we need to improve this formatting.  I'd like the text to only
    #  be about 50% the width of the screen so that it doesn't become to hard
    #  to read.
    print "<br />\n<div align=\"center\">\n";
    print_hr();
    print "\n{$p_message}\n";
    print '<form method="post" action="' . $_SERVER['PHP_SELF'] . "\">\n";
    print_hidden_inputs(gpc_strip_slashes($_POST));
    print_hidden_inputs(gpc_strip_slashes($_GET));
    print "<input type=\"hidden\" name=\"_confirmed\" value=\"1\" />\n";
    print '<br /><br /><input type="submit" class="button" value="' . $p_button_label . '" />';
    print "\n</form>\n";
    print_hr();
    print "</div>\n";
    html_page_bottom1();
    exit;
}
示例#4
0
/**
 * Check whether the user has confirmed this action.
 *
 * If the user has not confirmed the action, generate a page which asks
 * the user to confirm and then submits a form back to the current page
 * with all the GET and POST data and an additional field called _confirmed
 * to indicate that confirmation has been done.
 * @param string $p_message
 * @param string $p_button_label
 * @return bool
 * @todo improve this formatting - to only be about 50% of the screen width so that it doesn't become hard to read.
 */
function helper_ensure_confirmed($p_message, $p_button_label)
{
    if (true == gpc_get_bool('_confirmed')) {
        return true;
    }
    html_page_top();
    echo "<br />\n<div class=\"center\">\n<hr />";
    echo "\n{$p_message}\n";
    echo '<form method="post" action="">' . "\n";
    # CSRF protection not required here - user needs to confirm action
    # before the form is accepted.
    print_hidden_inputs(gpc_strip_slashes($_POST));
    print_hidden_inputs(gpc_strip_slashes($_GET));
    echo "<input type=\"hidden\" name=\"_confirmed\" value=\"1\" />\n";
    echo '<br /><br /><input type="submit" class="button" value="' . $p_button_label . '" />';
    echo "\n</form>\n";
    echo "<hr /></div>\n";
    html_page_bottom();
    exit;
}
示例#5
0
/**
 * Generate the intermediate authentication page.
 * @param integer User ID
 * @param string Username
 * @return bool
 * @access public
 */
function auth_reauthenticate_page($p_user_id, $p_username)
{
    $t_error = false;
    if (true == gpc_get_bool('_authenticate')) {
        $f_password = gpc_get_string('password', '');
        if (auth_attempt_login($p_username, $f_password)) {
            auth_set_tokens($p_user_id);
            return true;
        } else {
            $t_error = true;
        }
    }
    html_page_top();
    ?>
<div align="center">
<p>
<?php 
    echo lang_get('reauthenticate_message');
    if ($t_error != false) {
        echo '<br/><font color="red">', lang_get('login_error'), '</font>';
    }
    ?>
</p>
<form name="reauth_form" method="post" action="<?php 
    echo form_action_self();
    ?>
">
<?php 
    # CSRF protection not required here - user needs to enter password
    # (confirmation step) before the form is accepted.
    print_hidden_inputs(gpc_strip_slashes($_POST));
    print_hidden_inputs(gpc_strip_slashes($_GET));
    ?>

<input type="hidden" name="_authenticate" value="1" />

<table class="width50 center">
<tr>
	<td class="form-title" colspan="2"><?php 
    echo lang_get('reauthenticate_title');
    ?>
</td>
</tr>

<tr class="row-1">
	<th class="category"><?php 
    echo lang_get('username');
    ?>
</th>
	<td><input type="text" disabled="disabled" size="32" maxlength="<?php 
    echo USERLEN;
    ?>
" value="<?php 
    echo string_attribute($p_username);
    ?>
" /></td>
</tr>

<tr class="row-2">
	<th class="category"><?php 
    echo lang_get('password');
    ?>
</th>
	<td><input type="password" name="password" size="16" maxlength="<?php 
    echo PASSLEN;
    ?>
" class="autofocus" /></td>
</tr>

<tr>
	<td class="center" colspan="2"><input type="submit" class="button" value="<?php 
    echo lang_get('login_button');
    ?>
" /></td>
</tr>
</table>

</form>
</div>

<?php 
    html_page_bottom();
    exit;
}
示例#6
0
function gpc_get_cookie($p_var_name, $p_default = null)
{
    # simulate auto-globals from PHP v4.1.0 (see also code in php_api.php)
    if (!php_version_at_least('4.1.0')) {
        global $_COOKIE;
    }
    if (isset($_COOKIE[$p_var_name])) {
        $t_result = gpc_strip_slashes($_COOKIE[$p_var_name]);
    } else {
        if (func_num_args() > 1) {
            #check for a default passed in (allowing null)
            $t_result = $p_default;
        } else {
            #trigger_error(ERROR_GPC_VAR_NOT_FOUND, ERROR);
            echo "Variable '{$p_var_name}' not found";
            $t_result = null;
        }
    }
    return $t_result;
}
示例#7
0
/**
 * Generate the intermediate authentication page.
 * @param integer User ID
 * @param string Username
 */
function auth_reauthenticate_page($p_user_id, $p_username)
{
    $t_error = false;
    if (true == gpc_get_bool('_authenticate')) {
        $f_password = gpc_get_string('password', '');
        if (auth_attempt_login($p_username, $f_password)) {
            auth_set_tokens($p_user_id);
            return true;
        } else {
            $t_error = true;
        }
    }
    html_page_top1();
    html_page_top2();
    ?>
<div align="center">
<p>
<?php 
    echo lang_get('reauthenticate_message');
    if ($t_error != false) {
        echo '<br/><font color="red">', lang_get('login_error'), '</font>';
    }
    ?>
</p>
<form method="post" action="<?php 
    echo $_SERVER['PHP_SELF'];
    ?>
">

<?php 
    print_hidden_inputs(gpc_strip_slashes($_POST));
    print_hidden_inputs(gpc_strip_slashes($_GET));
    ?>

<input type="hidden" name="_authenticate" value="1" />

<table class="width50 center">
<tr>
	<td class="form-title"><?php 
    echo lang_get('reauthenticate_title');
    ?>
</td>
</tr>

<tr class="row-1">
	<td class="category"><?php 
    echo lang_get('username');
    ?>
</td>
	<td><input type="text" disabled="disabled" size="32" maxlength="32" value="<?php 
    echo $p_username;
    ?>
" /></td>
</tr>

<tr class="row-2">
	<td class="category"><?php 
    echo lang_get('password');
    ?>
</td>
	<td><input type="password" name="password" size="16" maxlength="32" /></td>
</tr>

<tr>
	<td class="center" colspan="2"><input type="submit" class="button" value="<?php 
    echo lang_get('login_button');
    ?>
" /></td>
</tr>
</table>

</form>
</div>

		<?php 
    html_page_bottom1();
    exit;
}
示例#8
0
/**
 * Generate the intermediate authentication page.
 * @param integer User ID
 * @param string Username
 * @return bool
 * @access public
 */
function auth_reauthenticate_page($p_user_id, $p_username)
{
    $t_error = false;
    if (true == gpc_get_bool('_authenticate')) {
        $f_password = gpc_get_string('password', '');
        if (auth_attempt_login($p_username, $f_password)) {
            auth_set_tokens($p_user_id);
            return true;
        } else {
            $t_error = true;
        }
    }
    html_page_top();
    ?>
<div class="important-msg">
<?php 
    echo lang_get('reauthenticate_message');
    if ($t_error != false) {
        echo '<br /><span class="error-msg">', lang_get('login_error'), '</span>';
    }
    ?>
</div>
<div id="reauth-div" class="form-container">
	<form id="reauth-form" method="post" action="">
		<fieldset>
			<legend><span><?php 
    echo lang_get('reauthenticate_title');
    ?>
</span></legend>

		<?php 
    # CSRF protection not required here - user needs to enter password
    # (confirmation step) before the form is accepted.
    print_hidden_inputs(gpc_strip_slashes($_POST));
    print_hidden_inputs(gpc_strip_slashes($_GET));
    ?>

			<input type="hidden" name="_authenticate" value="1" />
			<div class="field-container <?php 
    echo helper_alternate_class_no_attribute();
    ?>
">
				<label for="username"><span><?php 
    echo lang_get('username');
    ?>
</span></label>
				<span class="input"><input id="username" type="text" disabled="disabled" size="32" maxlength="<?php 
    echo DB_FIELD_SIZE_USERNAME;
    ?>
" value="<?php 
    echo string_attribute($p_username);
    ?>
" /></span>
				<span class="label-style"></span>
			</div>
			<div class="field-container <?php 
    echo helper_alternate_class_no_attribute();
    ?>
">
				<label for="password"><span><?php 
    echo lang_get('password');
    ?>
</span></label>
				<span class="input"><input id="password" type="password" name="password" size="32" maxlength="<?php 
    echo auth_get_password_max_size();
    ?>
" class="autofocus" /></span>
				<span class="label-style"></span>
			</div>
			<span class="submit-button"><input type="submit" class="button" value="<?php 
    echo lang_get('login_button');
    ?>
" /></span>
		</fieldset>
	</form>
</div>

<?php 
    html_page_bottom();
    exit;
}