/** * Test minimalistic getting of page parameters. */ public function test_min_optional_param() { $this->resetAfterTest(); $_GET['foo'] = 'bar'; $_GET['num'] = '1'; $_GET['xnum'] = '1aa'; $_POST['foo'] = 'rebar'; $_POST['oof'] = 'rab'; $this->assertSame('bar', min_optional_param('foo', null, 'RAW')); $this->assertSame(null, min_optional_param('foo2', null, 'RAW')); $this->assertSame('rab', min_optional_param('oof', null, 'RAW')); $this->assertSame(1, min_optional_param('num', null, 'INT')); $this->assertSame(1, min_optional_param('xnum', null, 'INT')); }
* * @package core * @subpackage lib * @copyright 2010 Petr Skoda (skodak) * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ // we need just the values from config.php and minlib.php define('ABORT_AFTER_CONFIG', true); require '../config.php'; // this stops immediately at the beginning of lib/setup.php ini_set('zlib.output_compression', 'Off'); // setup include path set_include_path($CFG->libdir . '/minify/lib' . PATH_SEPARATOR . get_include_path()); require_once 'Minify.php'; $file = min_optional_param('file', '', 'RAW'); $rev = min_optional_param('rev', 0, 'INT'); // some security first - pick only files with .js extension in dirroot $jsfiles = array(); $files = explode(',', $file); foreach ($files as $fsfile) { $jsfile = realpath($CFG->dirroot . $fsfile); if ($jsfile === false) { // does not exist continue; } if ($CFG->dirroot === '/') { // Some shared hosting sites serve files directly from '/', // this is NOT supported, but at least allow JS when showing // errors and warnings. } else { if (strpos($jsfile, $CFG->dirroot . DIRECTORY_SEPARATOR) !== 0) {
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ // disable moodle specific debug messages and any errors in output, // comment out when debugging or better look into error log! define('NO_DEBUG_DISPLAY', true); // we need just the values from config.php and minlib.php define('ABORT_AFTER_CONFIG', true); require('../config.php'); // this stops immediately at the beginning of lib/setup.php if ($slashargument = min_get_slash_argument()) { $path = ltrim($slashargument, '/'); } else { $path = min_optional_param('file', '', 'SAFEPATH'); } $etag = sha1($path); $parts = explode('/', $path); $version = array_shift($parts); if ($version == 'moodle' && count($parts) >= 3) { if (!defined('ABORT_AFTER_CONFIG_CANCEL')) { define('ABORT_AFTER_CONFIG_CANCEL', true); define('NO_UPGRADE_CHECK', true); define('NO_MOODLE_COOKIES', true); require($CFG->libdir.'/setup.php'); } $frankenstyle = array_shift($parts); $module = array_shift($parts); $image = array_pop($parts);
* This file is responsible for serving of individual style sheets in designer mode. * * @package moodlecore * @copyright 2009 Petr Skoda (skodak) {@link http://skodak.org} * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ define('ABORT_AFTER_CONFIG', true); require('../config.php'); // this stops immediately at the beginning of lib/setup.php require_once($CFG->dirroot.'/lib/csslib.php'); $themename = min_optional_param('theme', 'standard', 'SAFEDIR'); $type = min_optional_param('type', '', 'SAFEDIR'); $subtype = min_optional_param('subtype', '', 'SAFEDIR'); $sheet = min_optional_param('sheet', '', 'SAFEDIR'); if (!defined('THEME_DESIGNER_CACHE_LIFETIME')) { define('THEME_DESIGNER_CACHE_LIFETIME', 4); // this can be also set in config.php } if (file_exists("$CFG->dirroot/theme/$themename/config.php")) { // exists } else if (!empty($CFG->themedir) and file_exists("$CFG->themedir/$themename/config.php")) { // exists } else { css_send_css_not_found(); } // no gzip compression when debugging
* @copyright 2009 Petr Skoda (skodak) {@link http://skodak.org} * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ // disable moodle specific debug messages and any errors in output, // comment out when debugging or better look into error log! define('NO_DEBUG_DISPLAY', true); // we need just the values from config.php and minlib.php define('ABORT_AFTER_CONFIG', true); require('../config.php'); // this stops immediately at the beginning of lib/setup.php $themename = min_optional_param('theme', 'standard', 'SAFEDIR'); $rev = min_optional_param('rev', 0, 'INT'); $type = min_optional_param('type', 'head', 'RAW'); if ($type !== 'head' and $type !== 'footer') { header('HTTP/1.0 404 not found'); die('Theme was not found, sorry.'); } if (file_exists("$CFG->dirroot/theme/$themename/config.php")) { // exists } else if (!empty($CFG->themedir) and file_exists("$CFG->themedir/$themename/config.php")) { // exists } else { header('HTTP/1.0 404 not found'); die('Theme was not found, sorry.'); }
require '../config.php'; if ($slashargument = min_get_slash_argument()) { $slashargument = ltrim($slashargument, '/'); if (substr_count($slashargument, '/') < 3) { font_not_found(); } list($themename, $component, $rev, $font) = explode('/', $slashargument, 4); $themename = min_clean_param($themename, 'SAFEDIR'); $component = min_clean_param($component, 'SAFEDIR'); $rev = min_clean_param($rev, 'INT'); $font = min_clean_param($font, 'RAW'); } else { $themename = min_optional_param('theme', 'standard', 'SAFEDIR'); $component = min_optional_param('component', 'core', 'SAFEDIR'); $rev = min_optional_param('rev', -1, 'INT'); $font = min_optional_param('font', '', 'RAW'); } if (!$font) { font_not_found(); } if (empty($component) or $component === 'moodle' or $component === 'core') { $component = 'core'; } if (preg_match('/^[a-z0-9_-]+\\.woff$/i', $font, $matches)) { // This is the real standard! $font = $matches[0]; $mimetype = 'application/font-woff'; } else { if (preg_match('/^[a-z0-9_-]+\\.ttf$/i', $font, $matches)) { $font = $matches[0]; $mimetype = 'application/x-font-ttf';
$usesvg = false; } else { $usesvg = true; } // image must be last because it may contain "/" list($themename, $component, $rev, $image) = explode('/', $slashargument, 4); $themename = min_clean_param($themename, 'SAFEDIR'); $component = min_clean_param($component, 'SAFEDIR'); $rev = min_clean_param($rev, 'INT'); $image = min_clean_param($image, 'SAFEPATH'); } else { $themename = min_optional_param('theme', 'standard', 'SAFEDIR'); $component = min_optional_param('component', 'core', 'SAFEDIR'); $rev = min_optional_param('rev', -1, 'INT'); $image = min_optional_param('image', '', 'SAFEPATH'); $usesvg = (bool) min_optional_param('svg', '1', 'INT'); } if (empty($component) or $component === 'moodle' or $component === 'core') { $component = 'core'; } if (empty($image)) { image_not_found(); } if (file_exists("{$CFG->dirroot}/theme/{$themename}/config.php")) { // exists } else { if (!empty($CFG->themedir) and file_exists("{$CFG->themedir}/{$themename}/config.php")) { // exists } else { image_not_found(); }
define('ABORT_AFTER_CONFIG', true); require '../config.php'; // this stops immediately at the beginning of lib/setup.php require_once "{$CFG->dirroot}/lib/jslib.php"; if ($slashargument = min_get_slash_argument()) { $slashargument = ltrim($slashargument, '/'); if (substr_count($slashargument, '/') < 1) { image_not_found(); } // image must be last because it may contain "/" list($rev, $file) = explode('/', $slashargument, 2); $rev = min_clean_param($rev, 'INT'); $file = '/' . min_clean_param($file, 'SAFEPATH'); } else { $rev = min_optional_param('rev', 0, 'INT'); $file = min_optional_param('jsfile', '', 'RAW'); // 'file' would collide with URL rewriting! } // some security first - pick only files with .js extension in dirroot $jsfiles = array(); $files = explode(',', $file); foreach ($files as $fsfile) { $jsfile = realpath($CFG->dirroot . $fsfile); if ($jsfile === false) { // does not exist continue; } if ($CFG->dirroot === '/') { // Some shared hosting sites serve files directly from '/', // this is NOT supported, but at least allow JS when showing // errors and warnings.
$slashargument = ltrim($slashargument, '/'); if (substr_count($slashargument, '/') < 3) { image_not_found(); } // image must be last because it may contain "/" list($themename, $component, $rev, $image) = explode('/', $slashargument, 4); $themename = min_clean_param($themename, 'SAFEDIR'); $component = min_clean_param($component, 'SAFEDIR'); $rev = min_clean_param($rev, 'INT'); $image = min_clean_param($image, 'SAFEPATH'); } else { $themename = min_optional_param('theme', 'standard', 'SAFEDIR'); $component = min_optional_param('component', 'core', 'SAFEDIR'); $rev = min_optional_param('rev', -1, 'INT'); $image = min_optional_param('image', '', 'SAFEPATH'); } if (empty($component) or $component === 'moodle' or $component === 'core') { $component = 'moodle'; } if (empty($image)) { image_not_found(); } if (file_exists("$CFG->dirroot/theme/$themename/config.php")) { // exists } else if (!empty($CFG->themedir) and file_exists("$CFG->themedir/$themename/config.php")) { // exists } else {
if ($slashargument = min_get_slash_argument()) { $slashargument = ltrim($slashargument, '/'); if (substr_count($slashargument, '/') < 2) { image_not_found(); } // image must be last because it may contain "/" list($themename, $rev, $type) = explode('/', $slashargument, 3); $themename = min_clean_param($themename, 'SAFEDIR'); $rev = min_clean_param($rev, 'INT'); $type = min_clean_param($type, 'SAFEDIR'); } else { $themename = min_optional_param('theme', 'standard', 'SAFEDIR'); $rev = min_optional_param('rev', 0, 'INT'); $type = min_optional_param('type', 'all', 'SAFEDIR'); } if (!in_array($type, array('all', 'ie', 'editor', 'plugins', 'parents', 'theme'))) { header('HTTP/1.0 404 not found'); die('Theme was not found, sorry.'); } if (file_exists("$CFG->dirroot/theme/$themename/config.php")) { // exists } else if (!empty($CFG->themedir) and file_exists("$CFG->themedir/$themename/config.php")) { // exists } else { header('HTTP/1.0 404 not found'); die('Theme was not found, sorry.'); }