public function getTokenAction()
{
$token_name = $this->request->get('token_name');
if (!$token_name) {
$token_name = 'form_token';
}
$form_token = md5(uniqid(microtime(true) * 1000) . uniqid());
$this->session->set($token_name, $form_token);
logLog('[IP:' . $_SERVER['REMOTE_ADDR'] . '][' . $token_name . ':' . $form_token . ']');
returnJSON(array('err' => 1, 'data' => $form_token));
}
function set()
{
ignore_user_abort(true);
if (function_exists('apache_setenv')) {
apache_setenv('no-gzip', 1);
}
ini_set('zlib.output_compression', 0);
if (ob_get_level() == 0) {
ob_start();
}
header('Content-encoding: none', true);
if (!empty($_GET['return']) && $_GET['return'] == 'pixel') {
returnImage();
} else {
returnJSON();
}
}
$action = m_get('action');
$userid = m_get('userid');
$url = m_get('url');
$title = m_get('title');
// Split userid into username and domain
$parts = explode('@', $userid);
if ($userid && count($parts) !== 2) {
$err = 'Invalid User ID';
} else {
if ($userid) {
$username = $parts[0];
$domain = 'http://' . $parts[1];
switch ($action) {
// Return instance info in JSON format
case 'poke':
returnJSON($username, $domain);
break;
// Redirect to the instance's posting page
// Redirect to the instance's posting page
case 'share':
share($username, $domain, $title, $url);
break;
}
}
}
/**
* $_GET wrapper
*
* Just to get rid of warnings when value isn't in array
*/
function m_get($param)
function ExtGPIO()
{
global $args;
$result = array();
$gpio = $args['gpio'];
$mode = $args['mode'];
$val = $args['val'];
check($gpio, "gpio", __FUNCTION__);
check($mode, "mode", __FUNCTION__);
check($val, "val", __FUNCTION__);
$status = SendCommand(sprintf("ExtGPIO,%s,%s,%s", $gpio, $mode, $val));
$status = explode(',', $status, 14);
if ((int) $status[1] >= 0) {
$result['status'] = 'success';
$result['result'] = $status[6];
} else {
$result['status'] = 'failed';
}
returnJSON($result);
}
/**
* 请求 POST
* @return type
*/
private function request()
{
$ret = '';
$ispost = FALSE;
if (!YApp::getConfig('YUC_CODE_IS_LOCAL')) {
$ispost = TRUE;
$client_back = $this->doPost();
$cfg = $client_back['content'];
$c_status = $client_back['status'];
YLog::Write(var_export($cfg, TRUE), YLog::DEBUG);
} else {
YucMonitor::report("REPORT_0001");
$cfg['result']['code'] = 'O_CODELOCAL_001';
$cfg['result']['details'] = '强制被本地化处理!';
YLog::Write('强制本地化验证码', YLog::DEBUG);
}
if (!YApp::getConfig('YUC_CODE_IS_LOCAL') && $c_status == 200 && is_array($cfg) && isset($cfg['service']['type']) && $cfg['service']['type'] == 1) {
YLog::Write('远程响应正常,开始处理远程服务!', YLog::DEBUG);
$this->_comparam->createdFromArray($cfg['config']);
$this->_comparam->createdFromArray($cfg['picserver']);
$this->_comparam->createdFromArray($cfg['session']);
$this->_comparam->createdFromArray($cfg['position']);
$this->_comparam->set('request_type', 1);
$this->_comparam->set('result', returnJSON($cfg['result']));
if (isset($cfg["reject"])) {
$ret .= $this->_comparam->createdJsVar(json_decode($cfg["reject"]));
}
$ret .= $cfg["js"]["extra"];
//远程和本地通信缓存交互
if ($cfg['js']['cached'] === 1) {
YLog::Write('加载本地缓存 JS Code', YLog::DEBUG);
$ret .= $this->_local->getCachedJsCode();
} else {
YLog::Write('加载远程 JS Code', YLog::DEBUG);
$ret .= $cfg['js']['jscode'];
$this->_local->setCachedJsCode($cfg['js']['jscode']);
}
posi_update($cfg['update_posi']);
//更新广告位信息
} else {
if ($ispost && $c_status != 200) {
YucMonitor::report("REPORT_0002");
YLog::Write('远程响应出现异常,开始本地服务!', YLog::DEBUG);
} else {
if (isset($cfg['service']['type']) && $cfg['service']['type'] == 1) {
YLog::Write('远程切换服务,开始本地服务!', YLog::DEBUG);
} else {
YucMonitor::report("REPORT_0003");
YLog::Write('其它原因导致,开始本地服务!', YLog::DEBUG);
}
}
$this->_comparam->set('imgsrc', '');
$this->_comparam->set('request_type', 0);
$this->_comparam->set('ssid', returnJSON($this->_local->getCreatedSsid()));
$this->_comparam->set('posiid', returnJSON($this->_local->getPosiIdTeam()));
$this->_comparam->set('show_type', returnJSON($this->_local->getShowType()));
$this->_comparam->set('result', returnJSON($cfg['result']));
$ret .= $this->loadJs('server.js');
$ret .= $this->_comparam->createdJsVar(array('ssid', 'show_type', 'posiid', 'result'));
$ret .= $this->loadJs('loadImg.js');
}
return $ret;
}
public function CreatePoiImageAction()
{
//只接受文件流
$img = uploads('temp/poi/');
logDebug(json_encode($img));
if (is_array($img) && !isset($img[0]['error']) && FALSE != $img) {
$this->di['wechat']->createPoiLogo($img);
foreach ($img as $val) {
unlink(ROOT_DIR . DIRECTORY_SEPARATOR . 'Public' . DIRECTORY_SEPARATOR . $val);
}
returnJSON(array('err' => '1', 'wechat_url' => $this->di['wechat']->url));
return;
}
returnJSON(array('err' => '0', 'errmsg' => $img[0]['error']));
return;
}
function SaveScript()
{
global $args;
global $settings;
$result = array();
if (!isset($args['data'])) {
$result['saveStatus'] = "Error, incorrect info";
returnJSON($result);
}
$data = json_decode($args['data'], true);
if (isset($data['scriptName']) && isset($data['scriptBody'])) {
$filename = $settings['scriptDirectory'] . '/' . $data['scriptName'];
$content = $data['scriptBody'];
if (file_exists($filename)) {
if (@file_put_contents($filename, $content)) {
$result['saveStatus'] = "OK";
$result['scriptName'] = $data['scriptName'];
$result['scriptBody'] = $data['scriptBody'];
} else {
$result['saveStatus'] = "Error updating file";
}
} else {
$result['saveStatus'] = "Error, file does not exist";
}
} else {
$result['saveStatus'] = "Error, missing info";
}
returnJSON($result);
}
}
returnJSON($a);
break;
case 'comment':
$context = $_GET['context'];
$wordID = $_GET['wordID'];
$user = $_GET['user'];
$text = $_GET['text'];
$q = "INSERT INTO `{$table_comments}`(context, wordID, user, text) VALUES ('{$context}', '{$wordID}', '{$user}', '{$text}')";
returnJSON(mysql_query($q) ? array('result' => true) : array('result' => mysql_error()));
break;
case 'getComments':
$wordID = $_GET['wordID'];
$q = mysql_query("SELECT * FROM `{$table_comments}` WHERE wordID='{$wordID}'");
$a = array();
while ($r = mysql_fetch_assoc($q)) {
$a[] = array('user' => $r['user'], 'text' => htmlspecialchars($r['text']));
}
returnJSON($a);
break;
}
function returnJSON($arr)
{
if (!headers_sent()) {
header('Cache-Control: no-cache, must-revalidate');
header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
header('Content-type: application/json');
}
echo json_encode($arr);
exit;
}
$clientIp = $_SERVER['REMOTE_ADDR'] == '::1' ? '00000000' : encode_ip($_SERVER['REMOTE_ADDR']);
$forumId = mysqli_real_escape_string($db, $_POST['forumId']);
$postId = mysqli_real_escape_string($db, $_POST['postId']);
$usersForumId = mysqli_real_escape_string($db, $_COOKIE['usersForumId']);
$forumUser = mysqli_real_escape_string($db, $_POST['forumUser']);
$forumMessage = mysqli_real_escape_string($db, htmlentities($_POST['forumMessage']));
$forumMessage = $emojione->toShort($forumMessage);
$postTime = time();
// Check for spam
checkSpam($clientIp, $forumUser, $forumMessage);
// Copy previous post to deleted forum
$backupSQL = "INSERT INTO `forum_posts`(`parent_id`, `forum`, `users_forum_id`, `sender`, `post_time`, `message`, `ipaddress`, `length1`, `length2`)\n SELECT `parent_id`, 0, `users_forum_id`, `sender`, `post_time`, `message`, `ipaddress`, `length1`, `length2` FROM `forum_posts` WHERE `id` = {$postId}";
$updateSQL = "UPDATE `forum_posts` SET `message` = '{$forumMessage}', `ipaddress` = '{$clientIp}' WHERE `id` = {$postId}";
if (!mysqli_query($db, $backupSQL) || !mysqli_query($db, $updateSQL)) {
$errorData = mysqli_error($db);
returnJSON('error', $errorData);
}
header("Location: forum/" . $forumId . "#" . $postId);
} else {
if ($_POST['action'] == 'updateLikeCount') {
$postId = mysqli_real_escape_string($db, $_POST['postId']);
$usersForumId = mysqli_real_escape_string($db, $_COOKIE['usersForumId']);
mysqli_query($db, "INSERT INTO forum_plusone (`message`,`cookie`) VALUES ({$postId},'{$usersForumId}')");
} else {
if ($_POST['action'] == 'sendNotifications') {
notificationEveryone();
} else {
if ($_POST['action'] == 'saveSubscription') {
$user = mysqli_real_escape_string($db, $_POST['forumUser']);
$subscriptionId = mysqli_real_escape_string($db, $_POST['subscriptionId']);
// Do nothing if the id is already in the db
function returnSuccess()
{
returnJSON(array("success" => true));
}
//
if (($x4xAjax = gp('x4xAjax')) != '') {
x4index_ajax($x4xAjax);
}
if (($x4xPage = gp('x4xPage')) != '') {
x4index_page($x4xPage);
}
if (($x4xDropdown = gp('x4xDropdown')) != '') {
x4index_dropdown($x4xDropdown);
}
if (gpExists('x4xMenu')) {
x4index_menu();
}
// Take the return values we care about and put them
// out as JSON.
echo returnJSON(returnItems());
// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
// Close database connection
// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if ($AG['dbconn']) {
@pg_close($AG['dbconn']);
}
return;
// ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
// ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
//
// TOP-LEVEL EXECUTION NOW ENDS
//
// ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
// ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
// ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# don't show any errors...
error_reporting(E_ALL | E_STRICT);
# ...but do log them
session_start();
include 'config.php';
include 'utils.php';
$response_array = array();
if ($_SESSION["verify"] != "FileManager4TinyMCE") {
$response_array['status'] = 'failure';
$response_array['reason'] = 'Forbidden';
returnJSON($response_array);
}
// Check to make sure we are not traversing the filesystem
if (strpos($_POST['path'], '..') !== false) {
$response_array['status'] = 'failure';
$response_array['reason'] = 'Forbidden Path';
returnJSON($response_array);
}
// Join the path to our root paths
$path = joinPaths($root, $upload_dir, $_POST['path']);
$path_thumbs = joinPaths($root, $thumbs_dir, $_POST['path']);
// DELETE STUFF!!!
if (!(deleteDir($path) && deleteDir($path_thumbs))) {
$response_array['status'] = 'failure';
$response_array['reason'] = 'Error deleting ' . $_POST['path'];
returnJSON($response_array);
} else {
$response_array['status'] = 'success';
$response_array['reason'] = 'Deleted ' . $_POST['path'];
returnJSON($response_array);
}
