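/**
 * Issue a fresh form token, store it in the session and return it as JSON.
 *
 * The session key is taken from the `token_name` request parameter and falls
 * back to `form_token` when that parameter is empty.
 */
public function getTokenAction()
{
    // NOTE(review): token_name is caller-controlled and is used directly as the
    // session key (and written to the log). A request can therefore overwrite
    // any session entry with a random string; consider an allow-list or a fixed
    // prefix for accepted names.
    $token_name = $this->request->get('token_name');
    if (!$token_name) {
        $token_name = 'form_token';
    }

    // The token must be unpredictable. uniqid() and microtime() are derived
    // from the clock, and hashing them with md5 adds no entropy, so take
    // 128 bits from the CSPRNG instead (still 32 hex characters).
    if (function_exists('random_bytes')) {
        $form_token = bin2hex(random_bytes(16));
    } else {
        // PHP 5 fallback; needs ext/openssl.
        $form_token = bin2hex(openssl_random_pseudo_bytes(16));
    }

    $this->session->set($token_name, $form_token);

    // Record that a token was issued but keep its value out of the log:
    // anyone able to read the log could otherwise reuse it.
    logLog('[IP:' . $_SERVER['REMOTE_ADDR'] . '][' . $token_name . ':issued]');

    // NOTE(review): 'err' => 1 is sent on the success path; presumably 1 means
    // "ok" in this project - confirm against the client code.
    returnJSON(array('err' => 1, 'data' => $form_token));
}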
/**
 * Prepare the response (no gzip, output buffering on) and answer with either
 * an image or JSON.
 *
 * `?return=pixel` selects returnImage(); every other request gets returnJSON().
 */
function set()
{
    // Keep the script running if the client disconnects.
    ignore_user_abort(true);

    // Turn compression off, both in Apache (when that API exists) and in PHP.
    if (function_exists('apache_setenv')) {
        apache_setenv('no-gzip', 1);
    }
    ini_set('zlib.output_compression', 0);

    // Start an output buffer unless one is already active.
    if (ob_get_level() < 1) {
        ob_start();
    }
    header('Content-encoding: none', true);

    $wantsPixel = !empty($_GET['return']) && $_GET['return'] == 'pixel';
    if ($wantsPixel) {
        returnImage();
        return;
    }

    returnJSON();
}
// Request parameters, all read through the m_get() wrapper around $_GET.
$action = m_get('action');
$userid = m_get('userid');
$url = m_get('url');
$title = m_get('title');

// A user id is expected in the form "username@domain".
$parts = explode('@', $userid);

if ($userid && count($parts) !== 2) {
    $err = 'Invalid User ID';
} elseif ($userid) {
    $username = $parts[0];
    // NOTE(review): the host part comes straight from the request and is passed
    // on as the target instance. returnJSON() and share() are not visible here,
    // so confirm the host is validated before it is fetched or redirected to.
    $domain = "http://{$parts[1]}";

    if ($action == 'poke') {
        // Return instance info in JSON format
        returnJSON($username, $domain);
    } elseif ($action == 'share') {
        // Redirect to the instance's posting page
        share($username, $domain, $title, $url);
    }
}

/**
 * $_GET wrapper
 *
 * Just to get rid of warnings when value isn't in array
 */
function m_get($param)
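/**
 * Send an "ExtGPIO" command built from the request arguments and report the
 * outcome as JSON.
 *
 * Reads `gpio`, `mode` and `val` from the global $args, passes each through
 * check(), sends "ExtGPIO,<gpio>,<mode>,<val>" via SendCommand() and splits the
 * comma-separated reply. Field 1 of the reply decides success (>= 0); field 6
 * is returned as the result.
 */
function ExtGPIO()
{
    global $args;
    $result = array();

    $gpio = $args['gpio'];
    $mode = $args['mode'];
    $val = $args['val'];

    check($gpio, "gpio", __FUNCTION__);
    check($mode, "mode", __FUNCTION__);
    check($val, "val", __FUNCTION__);

    // NOTE(review): the three values are placed into a comma-separated command
    // unchanged. check() is not visible here; if it only tests for presence, a
    // value containing ',' would add fields to the command - confirm that it
    // validates the format of each argument.
    $status = SendCommand(sprintf("ExtGPIO,%s,%s,%s", $gpio, $mode, $val));
    $status = explode(',', $status, 14);

    // An empty or truncated reply has no field 1. Casting the missing field to
    // int yields 0, which used to be reported as success; require the field.
    if (isset($status[1]) && (int) $status[1] >= 0) {
        $result['status'] = 'success';
        $result['result'] = isset($status[6]) ? $status[6] : null;
    } else {
        $result['status'] = 'failed';
    }

    returnJSON($result);
}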
/**
 * Build the JavaScript payload, using the remote service when it answers and
 * the local fallback otherwise.
 *
 * Unless the YUC_CODE_IS_LOCAL setting is on, the remote side is queried
 * through doPost(). When it answers with status 200 and service type 1, its
 * configuration is copied into $this->_comparam and its JavaScript is appended
 * to the result; in every other case the local scripts are loaded instead.
 *
 * @return string The accumulated JavaScript source.
 */
private function request()
{
    $ret = '';
    $ispost = FALSE;
    if (!YApp::getConfig('YUC_CODE_IS_LOCAL')) {
        $ispost = TRUE;
        $client_back = $this->doPost();
        $cfg = $client_back['content'];
        $c_status = $client_back['status'];
        // NOTE(review): the whole remote response, including its 'session'
        // section, is written to the debug log.
        YLog::Write(var_export($cfg, TRUE), YLog::DEBUG);
    } else {
        // Local mode is forced by configuration: report it and fabricate a result record.
        YucMonitor::report("REPORT_0001");
        $cfg['result']['code'] = 'O_CODELOCAL_001';
        $cfg['result']['details'] = '强制被本地化处理!';
        YLog::Write('强制本地化验证码', YLog::DEBUG);
    }
    // $c_status is only assigned in the remote branch above; the first operand
    // short-circuits in local mode (assuming getConfig() returns the same value
    // on both calls), so it is not read there.
    if (!YApp::getConfig('YUC_CODE_IS_LOCAL') && $c_status == 200 && is_array($cfg) && isset($cfg['service']['type']) && $cfg['service']['type'] == 1) {
        // Log message: remote response is normal, handling via the remote service.
        YLog::Write('远程响应正常,开始处理远程服务!', YLog::DEBUG);
        $this->_comparam->createdFromArray($cfg['config']);
        $this->_comparam->createdFromArray($cfg['picserver']);
        $this->_comparam->createdFromArray($cfg['session']);
        $this->_comparam->createdFromArray($cfg['position']);
        $this->_comparam->set('request_type', 1);
        $this->_comparam->set('result', returnJSON($cfg['result']));
        if (isset($cfg["reject"])) {
            $ret .= $this->_comparam->createdJsVar(json_decode($cfg["reject"]));
        }
        // NOTE(review): 'extra' and 'jscode' from the remote response are
        // appended to the output unchanged, and 'jscode' is also stored in the
        // local cache. Whatever doPost() talks to can therefore supply script
        // that is later served from the cache; the transport is not visible
        // here - confirm it authenticates the remote end.
        $ret .= $cfg["js"]["extra"];
        // Cache interplay between the remote service and the local store
        if ($cfg['js']['cached'] === 1) {
            // Log message: loading the locally cached JS code.
            YLog::Write('加载本地缓存 JS Code', YLog::DEBUG);
            $ret .= $this->_local->getCachedJsCode();
        } else {
            // Log message: loading the remote JS code.
            YLog::Write('加载远程 JS Code', YLog::DEBUG);
            $ret .= $cfg['js']['jscode'];
            $this->_local->setCachedJsCode($cfg['js']['jscode']);
        }
        posi_update($cfg['update_posi']); // update the ad-slot information
    } else {
        if ($ispost && $c_status != 200) {
            // Log message: remote response was abnormal, starting the local service.
            YucMonitor::report("REPORT_0002");
            YLog::Write('远程响应出现异常,开始本地服务!', YLog::DEBUG);
        } else {
            // NOTE(review): this tests for type == 1, the same value the remote
            // branch requires; it looks as if "!= 1" may have been intended for
            // the "remote switched service" message - confirm.
            if (isset($cfg['service']['type']) && $cfg['service']['type'] == 1) {
                YLog::Write('远程切换服务,开始本地服务!', YLog::DEBUG);
            } else {
                // Log message: some other cause, starting the local service.
                YucMonitor::report("REPORT_0003");
                YLog::Write('其它原因导致,开始本地服务!', YLog::DEBUG);
            }
        }
        $this->_comparam->set('imgsrc', '');
        $this->_comparam->set('request_type', 0);
        $this->_comparam->set('ssid', returnJSON($this->_local->getCreatedSsid()));
        $this->_comparam->set('posiid', returnJSON($this->_local->getPosiIdTeam()));
        $this->_comparam->set('show_type', returnJSON($this->_local->getShowType()));
        // NOTE(review): $cfg['result'] is read without an isset() check; it is
        // assigned in forced-local mode, but after a failed remote call it
        // depends on what doPost() returned.
        $this->_comparam->set('result', returnJSON($cfg['result']));
        $ret .= $this->loadJs('server.js');
        $ret .= $this->_comparam->createdJsVar(array('ssid', 'show_type', 'posiid', 'result'));
        $ret .= $this->loadJs('loadImg.js');
    }
    return $ret;
}
/**
 * Take an uploaded POI image, pass it to the WeChat service and reply with the
 * URL that service exposes.
 *
 * On success the temporary files are deleted and the reply is
 * {err: '1', wechat_url: ...}; otherwise the reply is {err: '0', errmsg: ...}.
 */
public function CreatePoiImageAction()
{
    // Only a file stream is accepted
    $img = uploads('temp/poi/');
    logDebug(json_encode($img));

    $uploaded = is_array($img) && FALSE != $img && !isset($img[0]['error']);
    if (!$uploaded) {
        returnJSON(array('err' => '0', 'errmsg' => $img[0]['error']));
        return;
    }

    $this->di['wechat']->createPoiLogo($img);

    // Remove the temporary copies.
    // NOTE(review): the paths handed to unlink() are whatever uploads()
    // returned; uploads() is not visible here, so confirm its return values
    // cannot contain "../" segments derived from the client's file name.
    $publicDir = ROOT_DIR . DIRECTORY_SEPARATOR . 'Public' . DIRECTORY_SEPARATOR;
    foreach ($img as $relativePath) {
        unlink($publicDir . $relativePath);
    }

    returnJSON(array('err' => '1', 'wechat_url' => $this->di['wechat']->url));
    return;
}
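/**
 * Overwrite an existing script in the configured script directory.
 *
 * Expects $args['data'] to be a JSON object with `scriptName` and `scriptBody`.
 * Only files that already exist inside $settings['scriptDirectory'] are
 * written; the outcome is reported through returnJSON() in `saveStatus`.
 */
function SaveScript()
{
    global $args;
    global $settings;

    $result = array();

    if (!isset($args['data'])) {
        $result['saveStatus'] = "Error, incorrect info";
        returnJSON($result);
        // Stop here even if returnJSON() returns, so a second reply is never emitted.
        return;
    }

    $data = json_decode($args['data'], true);

    if (isset($data['scriptName']) && isset($data['scriptBody'])) {
        $filename = $settings['scriptDirectory'] . '/' . $data['scriptName'];
        $content = $data['scriptBody'];

        // scriptName is caller-supplied, so "../" segments (or a symlink) could
        // point outside the script directory. Resolve both paths and require
        // the target to live under the directory before writing anything.
        $baseDir = realpath($settings['scriptDirectory']);
        $target = is_string($data['scriptName']) ? realpath($filename) : false;
        $insideBase = $baseDir !== false
            && $target !== false
            && strpos($target, rtrim($baseDir, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR) === 0;

        if ($insideBase && file_exists($target)) {
            // file_put_contents() returns the byte count, which is 0 for an
            // empty body; only false signals a failed write.
            if (@file_put_contents($target, $content) !== false) {
                $result['saveStatus'] = "OK";
                $result['scriptName'] = $data['scriptName'];
                $result['scriptBody'] = $data['scriptBody'];
            } else {
                $result['saveStatus'] = "Error updating file";
            }
        } else {
            // Same reply for "missing" and "outside the directory", so the
            // response does not reveal whether a file exists elsewhere.
            $result['saveStatus'] = "Error, file does not exist";
        }
    } else {
        $result['saveStatus'] = "Error, missing info";
    }

    returnJSON($result);
}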
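}
returnJSON($a);
break;

case 'comment':
    // Every value below is caller-controlled and ends up inside a quoted SQL
    // string literal, so each one is escaped for that context first. ext/mysql
    // has no prepared statements; with mysqli or PDO, bind parameters instead.
    // NOTE(review): this INSERT is triggered by a GET request, and `user` is
    // whatever the caller claims - confirm that is intended.
    $context = mysql_real_escape_string($_GET['context']);
    $wordID = mysql_real_escape_string($_GET['wordID']);
    $user = mysql_real_escape_string($_GET['user']);
    $text = mysql_real_escape_string($_GET['text']);
    $q = "INSERT INTO `{$table_comments}`(context, wordID, user, text) VALUES ('{$context}', '{$wordID}', '{$user}', '{$text}')";
    // NOTE(review): on failure the raw mysql_error() text is sent to the client,
    // which can reveal table and column names.
    returnJSON(mysql_query($q) ? array('result' => true) : array('result' => mysql_error()));
    break;

case 'getComments':
    // wordID is caller-controlled; escape it for the quoted literal.
    $wordID = mysql_real_escape_string($_GET['wordID']);
    $q = mysql_query("SELECT * FROM `{$table_comments}` WHERE wordID='{$wordID}'");
    $a = array();
    while ($r = mysql_fetch_assoc($q)) {
        // NOTE(review): `text` is HTML-escaped but `user` is returned as stored;
        // if the client inserts both into markup, `user` needs the same treatment.
        $a[] = array('user' => $r['user'], 'text' => htmlspecialchars($r['text']));
    }
    returnJSON($a);
    break;
}

/**
 * Send $arr to the client as a JSON document and end the request.
 *
 * Adds no-cache and JSON content-type headers when headers can still be sent.
 * This function never returns: it calls exit after writing the body.
 *
 * @param mixed $arr Value passed to json_encode().
 */
function returnJSON($arr)
{
    if (!headers_sent()) {
        header('Cache-Control: no-cache, must-revalidate');
        header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
        header('Content-type: application/json');
    }
    echo json_encode($arr);
    exit;
}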
// Fragment of a POST action dispatcher: the statements up to the first
// "} else {" belong to a branch whose condition is above this excerpt and
// rewrite an existing forum post.
$clientIp = $_SERVER['REMOTE_ADDR'] == '::1' ? '00000000' : encode_ip($_SERVER['REMOTE_ADDR']);
$forumId = mysqli_real_escape_string($db, $_POST['forumId']);
// NOTE(review): $postId is escaped but later interpolated WITHOUT quotes
// (WHERE `id` = {$postId}). Escaping only neutralises quote characters, so in
// an unquoted numeric position it does not restrict the value to a number.
// Cast to int or bind it through a prepared statement.
$postId = mysqli_real_escape_string($db, $_POST['postId']);
$usersForumId = mysqli_real_escape_string($db, $_COOKIE['usersForumId']);
$forumUser = mysqli_real_escape_string($db, $_POST['forumUser']);
// NOTE(review): the message is SQL-escaped first and transformed by toShort()
// afterwards, so the string that reaches the query is not the one that was
// escaped. Escape (or bind) as the last step before the query.
$forumMessage = mysqli_real_escape_string($db, htmlentities($_POST['forumMessage']));
$forumMessage = $emojione->toShort($forumMessage);
$postTime = time();
// Check for spam
checkSpam($clientIp, $forumUser, $forumMessage);
// Copy previous post to deleted forum
$backupSQL = "INSERT INTO `forum_posts`(`parent_id`, `forum`, `users_forum_id`, `sender`, `post_time`, `message`, `ipaddress`, `length1`, `length2`)\n SELECT `parent_id`, 0, `users_forum_id`, `sender`, `post_time`, `message`, `ipaddress`, `length1`, `length2` FROM `forum_posts` WHERE `id` = {$postId}";
// NOTE(review): in the visible lines the UPDATE is keyed on `id` alone;
// $usersForumId is read from the cookie but is not part of the WHERE clause.
// If ownership is checked before this fragment, fine - confirm.
$updateSQL = "UPDATE `forum_posts` SET `message` = '{$forumMessage}', `ipaddress` = '{$clientIp}' WHERE `id` = {$postId}";
if (!mysqli_query($db, $backupSQL) || !mysqli_query($db, $updateSQL)) {
    // NOTE(review): the raw database error text is handed to the client.
    $errorData = mysqli_error($db);
    returnJSON('error', $errorData);
}
// NOTE(review): the redirect is built from values escaped for SQL, not for a
// URL, and no exit follows it in the visible lines.
header("Location: forum/" . $forumId . "#" . $postId);
} else {
    if ($_POST['action'] == 'updateLikeCount') {
        // Record a "+1" for the post, tied to the visitor's forum cookie.
        // The unquoted {$postId} here has the same weakness as noted above.
        $postId = mysqli_real_escape_string($db, $_POST['postId']);
        $usersForumId = mysqli_real_escape_string($db, $_COOKIE['usersForumId']);
        mysqli_query($db, "INSERT INTO forum_plusone (`message`,`cookie`) VALUES ({$postId},'{$usersForumId}')");
    } else {
        if ($_POST['action'] == 'sendNotifications') {
            // NOTE(review): no authorisation check is visible before this call;
            // confirm one exists above this excerpt.
            notificationEveryone();
        } else {
            if ($_POST['action'] == 'saveSubscription') {
                $user = mysqli_real_escape_string($db, $_POST['forumUser']);
                $subscriptionId = mysqli_real_escape_string($db, $_POST['subscriptionId']);
                // Do nothing if the id is already in the db
/**
 * Reply through returnJSON() with a payload whose `success` entry is true.
 */
function returnSuccess()
{
    $payload = array("success" => true);
    returnJSON($payload);
}
//
// Dispatch on the x4x* request parameters: each one that is present and
// non-empty is handed to its handler; x4xMenu only needs to exist.
$x4xAjax = gp('x4xAjax');
if ($x4xAjax != '') {
    x4index_ajax($x4xAjax);
}

$x4xPage = gp('x4xPage');
if ($x4xPage != '') {
    x4index_page($x4xPage);
}

$x4xDropdown = gp('x4xDropdown');
if ($x4xDropdown != '') {
    x4index_dropdown($x4xDropdown);
}

if (gpExists('x4xMenu')) {
    x4index_menu();
}

// Take the return values we care about and put them
// out as JSON.
echo returnJSON(returnItems());

// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
// Close database connection
// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
if ($AG['dbconn']) {
    @pg_close($AG['dbconn']);
}
return;
// ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
// ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
//
// TOP-LEVEL EXECUTION NOW ENDS
//
// ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
// ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
// ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
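# Report every error level. Whether errors are shown to the client or only
# logged is decided by the display_errors / log_errors ini settings, not here.
error_reporting(E_ALL | E_STRICT);

session_start();
include 'config.php';
include 'utils.php';

$response_array = array();

// Only sessions carrying the file-manager marker may delete anything.
// NOTE(review): the marker is a fixed string and no anti-CSRF token is checked
// on this state-changing POST in the visible code - confirm one is enforced
// elsewhere.
if (!isset($_SESSION["verify"]) || $_SESSION["verify"] != "FileManager4TinyMCE") {
    $response_array['status'] = 'failure';
    $response_array['reason'] = 'Forbidden';
    returnJSON($response_array);
    // Do not rely on returnJSON() (defined in utils.php) ending the request:
    // falling through would reach the delete below.
    exit;
}

// Check to make sure we are not traversing the filesystem.
// A missing, non-string or effectively empty path ("", "/", ".") is refused as
// well: joined onto the root it would name the upload directory itself, and
// the whole tree would be deleted.
$requested = isset($_POST['path']) ? $_POST['path'] : null;
if (
    !is_string($requested)
    || trim($requested, " \t\n\r\0/\\.") === ''
    || strpos($requested, '..') !== false
    || strpos($requested, "\0") !== false
) {
    $response_array['status'] = 'failure';
    $response_array['reason'] = 'Forbidden Path';
    returnJSON($response_array);
    exit;
}

// Join the path to our root paths
$path = joinPaths($root, $upload_dir, $requested);
$path_thumbs = joinPaths($root, $thumbs_dir, $requested);

// Delete the directory and its thumbnail counterpart; both must succeed.
if (!(deleteDir($path) && deleteDir($path_thumbs))) {
    $response_array['status'] = 'failure';
    $response_array['reason'] = 'Error deleting ' . $requested;
    returnJSON($response_array);
} else {
    $response_array['status'] = 'success';
    $response_array['reason'] = 'Deleted ' . $requested;
    returnJSON($response_array);
}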