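/**
 * Remembers in the session whether a news category is shown open or closed.
 *
 * Reads `id` and `status` from the request (both cast to int), updates the
 * list kept under the `news_cat_open` session key and stores it again.
 * A zero/missing `id` ends the request through terminate().
 *
 * @return void
 */
function togglestate()
{
    global $apx, $db, $set;

    $id = (int) $_REQUEST['id'];
    $status = (int) $_REQUEST['status'];
    if (!$id) {
        terminate();
    }

    // Check the stored value BEFORE mapping over it. The original called
    // array_map() first and tested is_array() afterwards, so an empty or
    // corrupted session value reached array_map() as a non-array.
    $open = dash_unserialize($apx->session->get('news_cat_open'));
    $open = is_array($open) ? array_map('intval', $open) : array();

    if ($status) {
        // Every entry is an int after intval(), so a strict lookup is exact.
        if (!in_array($id, $open, true)) {
            $open[] = $id;
        }
    } else {
        $index = array_search($id, $open, true);
        if ($index !== false) {
            unset($open[$index]);
        }
    }

    $apx->session->set('news_cat_open', dash_serialize($open));
}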
/**
 * Emits the given text as the Ajax response, unless output is silenced.
 *
 * When $this->silence is set nothing is sent and the object is simply
 * returned for chaining.
 *
 * @param string $outstream The text to output
 *
 * @return Bengine_Game_Account_Ajax
 */
protected function display($outstream)
{
    if ($this->silence) {
        return $this;
    }

    terminate($outstream);

    return $this;
}
/**
 * Posts a password request to a remote universe and outputs its answer.
 *
 * The target is "<url><langcode>/password/request"; username and e-mail
 * are sent as POST arguments. The remote response is handed to
 * terminate() exactly as received.
 *
 * @param string $url      Universe url
 * @param string $username Username
 * @param string $email    E-Mail address
 *
 * @return Bengine_Comm_Controller_Password
 */
protected function _sendRemoteRequest($url, $username, $email)
{
    $endpoint = $url . Core::getLang()->getOpt("langcode") . "/password/request";

    $request = new Recipe_HTTP_Request($endpoint, "Curl");
    $session = $request->getSession();
    $session->setRequestType("POST")->setPostArgs(array("username" => $username, "email" => $email));

    // NOTE(review): the body comes from another host and is echoed without
    // inspection here; whether terminate() escapes it is not visible.
    terminate($request->getResponse());

    return $this;
}
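/**
 * Handles requests addressed to the backup module (module=backup).
 *
 * Supported actions: create, restore, delete and download of a backup
 * archive. Nothing happens unless the current user holds the
 * 'backup works' permission. create/restore/delete finish with a redirect
 * to the management page; download streams the archive and exits.
 *
 * NOTE(review): $_GET and $_POST are merged, so the state-changing actions
 * can be triggered by a plain GET link, and no request token is checked
 * inside this method.
 *
 * @param mixed $template template being processed; returned unchanged
 * @return mixed the unchanged template when the request is not handled here
 */
public function requestParser($template)
{
    if (!user_allowed_to('backup works')) {
        return $template;
    }

    $merged_post_get = array_merge($_GET, $_POST);
    if (!isset($merged_post_get['module']) || $merged_post_get['module'] != 'backup') {
        return $template;
    }

    // Allow-list filters: the file name is limited to letters, digits, '_'
    // and '-' with an optional ".zip" suffix, which keeps directory
    // separators out of every path built from it below.
    $input_filter = array(
        'backup_name' => array('filter' => FILTER_VALIDATE_REGEXP, 'options' => array('regexp' => '~^[a-zA-Z0-9_\\-]+(|\\.zip)$~ui')),
        'backup_description' => array('filter' => FILTER_VALIDATE_REGEXP, 'options' => array('regexp' => '~^[a-zA-Z0-9_\\s\\-а-яА-Я.:;"]+$~ui')),
        'action' => array('filter' => FILTER_VALIDATE_REGEXP, 'options' => array('regexp' => '~^(create|restore|delete|download)+$~ui')),
        'result' => array('filter' => FILTER_VALIDATE_REGEXP, 'options' => array('regexp' => '~^[a-zA-Z_]+$~ui')),
    );
    $_INPUT = get_filtered_input($input_filter);

    switch ($_INPUT['action']) {
        case 'create':
            if ($_INPUT['backup_name'] == '') {
                popup_message_add('Некорректное имя файла', JCMS_MESSAGE_ERROR);
                break;
            }
            // force extension
            if (substr($_INPUT['backup_name'], -4) != '.zip') {
                $_INPUT['backup_name'] .= '.zip';
            }
            if (($result = $this->createBackup($_INPUT['backup_name'], $_INPUT['backup_description'])) === true) {
                popup_message_add('Резервная копия создана', JCMS_MESSAGE_OK);
            } else {
                popup_message_add('Не удалось создать резервную копию', JCMS_MESSAGE_ERROR);
            }
            terminate('', 'Location: ./?module=backup&action=manage', 302);
            break;

        case 'restore':
            if (($result = $this->restoreBackup($_INPUT['backup_name'])) === true) {
                popup_message_add('Резервная копия восстановлена', JCMS_MESSAGE_OK);
            } else {
                popup_message_add('Не удалось восстановить резервную копию (' . $result . ')', JCMS_MESSAGE_ERROR);
            }
            terminate('', 'Location: ./?module=backup&action=manage', 302);
            break;

        case 'delete':
            // The original never assigned $result in this branch, so the
            // failure message read an undefined variable.
            $result = $this->deleteBackup($_INPUT['backup_name']);
            if ($result) {
                popup_message_add('Резервная копия удалена', JCMS_MESSAGE_OK);
            } else {
                popup_message_add('Не удалось удалить резервную копию (' . $result . ')', JCMS_MESSAGE_ERROR);
            }
            terminate('', 'Location: ./?module=backup&action=manage', 302);
            break;

        case 'download':
            // A name rejected by the filter arrives empty; without this check
            // filesize()/readfile() would be pointed at the data directory
            // itself or at a file that does not exist.
            $backup_file = __DIR__ . '/data/' . $_INPUT['backup_name'];
            if ($_INPUT['backup_name'] == '' || !is_file($backup_file)) {
                terminate('File not found', '', 404);
                break;
            }
            header('HTTP/1.1 200 OK');
            header('Content-Length: ' . filesize($backup_file));
            // "octet/stream" is not a registered media type.
            header('Content-Type: application/octet-stream');
            header('Content-Transfer-Encoding: 8bit');
            header('Content-Disposition: attachment; filename*=UTF-8\'\'' . str_replace('+', '%20', urlencode(iconv('windows-1251', 'utf-8', $_INPUT['backup_name']))) . '');
            readfile($backup_file);
            exit;
    }

    return $template;
}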
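/**
 * Popup login box
 *
 * Sends an HTTP Basic authentication challenge using the realm stored in
 * the registry, then ends the request with an "access denied" body.
 *
 * @access  public
 * @return  void
 */
function showLoginBox()
{
    $realm = $GLOBALS['app']->Registry->fetch('realm', 'Settings');

    // The realm travels as an HTTP quoted-string. Escape '"' and '\' so a
    // configured value containing them cannot end the parameter early.
    $realm = addcslashes((string) $realm, "\"\\");

    header('WWW-Authenticate: Basic realm="' . $realm . '"');
    header('HTTP/1.0 401 Unauthorized');

    // This code is only executed if the user hits the cancel button
    // or in some browsers user enters wrong data 3 times.
    $data = _t('GLOBAL_ERROR_ACCESS_DENIED');
    terminate($data, 401);
}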
/**
 * Redirect to referrer page
 *
 * Uses the Referer request header as the redirect target and falls back
 * to the site root when the header is missing or empty.
 *
 * NOTE(review): the Referer header is chosen by the client and is used as
 * the redirect location without any same-site check.
 *
 * @access  public
 * @return  void
 */
static function Referrer()
{
    // empty() also covers the "not set" case.
    if (empty($_SERVER['HTTP_REFERER'])) {
        $url = $GLOBALS['app']->getSiteURL('/');
    } else {
        $url = $_SERVER['HTTP_REFERER'];
    }

    // Kept in a variable, as in the original call.
    $data = null;
    terminate($data, 302, $url);
}
/**
 * Returns the single row of a query result as an object.
 *
 * Exactly one row: the row is fetched and returned. No rows or more than
 * one row: terminate() is called with the matching ERR constant and, when
 * given, the caller's extra argument.
 *
 * @param object $query         result object exposing num_rows and fetch_object()
 * @param mixed  $ERR_NODATA    passed as second terminate() argument when there is no row
 * @param mixed  $ERR_MANYDATA  passed as second terminate() argument when there are several rows
 * @return object|null the fetched row
 */
function getObj(&$query, $ERR_NODATA = false, $ERR_MANYDATA = false)
{
    if ($query->num_rows == 0) {
        // no result at all
        if ($ERR_NODATA) {
            terminate(ERR::QUERY_NORESULT, $ERR_NODATA);
        } else {
            terminate(ERR::QUERY_NORESULT);
        }
        return;
    }

    if ($query->num_rows == 1) {
        return $query->fetch_object();
    }

    // more rows than expected
    if ($ERR_MANYDATA) {
        terminate(ERR::QUERY_RESULT_LENGTH, $ERR_MANYDATA);
    } else {
        terminate(ERR::QUERY_RESULT_LENGTH);
    }
}
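/**
 * Error handler: writes a log line for every error and, for critical
 * error levels, mails the line and ends the request.
 *
 * @param int    $errno      error level (one of the E_* constants)
 * @param string $errstr     error message
 * @param string $errfile    file in which the error was raised
 * @param int    $errline    line on which the error was raised
 * @param mixed  $errcontext unused; optional because PHP 8 no longer passes a fifth argument
 * @return void
 */
function handle_error($errno, $errstr, $errfile, $errline, $errcontext = null)
{
    // timestamp for the error entry
    $dt = date("Y-m-d H:i:s");

    // Make log entries
    $errortype = array(
        E_ERROR => 'Error',
        E_WARNING => 'Warning',
        E_PARSE => 'Parsing Error',
        E_NOTICE => 'Notice',
        E_CORE_ERROR => 'Core Error',
        E_CORE_WARNING => 'Core Warning',
        E_COMPILE_ERROR => 'Compile Error',
        E_COMPILE_WARNING => 'Compile Warning',
        E_USER_ERROR => 'User Error',
        E_USER_WARNING => 'User Warning',
        E_USER_NOTICE => 'User Notice',
        E_STRICT => 'Runtime Notice',
        E_RECOVERABLE_ERROR => 'Catchable Fatal Error',
    );
    $label = isset($errortype[$errno]) ? $errortype[$errno] : 'Unknown Error';

    // "T" used to hold the whole label table instead of this error's label.
    $error_msg = array("DT" => $dt, "E_NO" => $errno, "T" => $label, "E" => $errstr, "F" => $errfile, "L" => $errline);

    // The original interpolated the array itself, which logs the word
    // "Array"; error_log() needs a string as well.
    $error_line = "[$dt] $label $errstr in $errfile at $errline";
    errorLog("{$error_line}\n");

    //Critical errors
    $critical_errors = array(E_ERROR, E_PARSE, E_CORE_ERROR, E_USER_ERROR);
    if (in_array($errno, $critical_errors)) {
        error_log($error_line, 1, "*****@*****.**");
        // NOTE(review): the structure given to terminate() carries the file
        // path and line number; if terminate() sends it to the client this
        // discloses server internals - confirm what terminate() outputs.
        terminate($error_msg);
    }
}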
/**
 * Dispatches a request to the script that handles it.
 *
 * Only four fixed verb/path combinations are served, each by a hard-coded
 * include path; anything else ends in terminate("unrecognized request").
 * No request data takes part in building an include path.
 *
 * @param string $http_verb  the HTTP verb
 * @param array  $parameters the list of parameters passed with the request
 */
function processRequest($http_verb, $parameters)
{
    if ($http_verb == "GET" && $parameters[0] == "parking" && $parameters[1] == "zone") {
        include "parking/zone.php";
    } elseif ($http_verb == "GET" && $parameters[0] == "parking" && $parameters[1] == "id") {
        include "parking/id.php";
    } elseif ($http_verb == "POST" && $parameters[0] == "parking" && $parameters[1] == "add") {
        include "parking/add.php";
    } elseif ($http_verb == "GET" && $parameters[0] == "feature" && $parameters[1] == "list") {
        include "feature/list.php";
    } else {
        terminate("unrecognized request");
    }
}
CMS login/logout routines. Note that it doesn't intersect auth module */
function login_logout()
{
    // display login page instead any content, if requested
    if (isset($_GET['login']) && (!isset($_SESSION['CMS_AUTH_USER']) || $_SESSION['CMS_AUTH_USER'] == '')) {
        readfile('lib/login.html');
        terminate();
    }
    // check login/password if any
    if (isset($_POST['action']) && $_POST['action'] == 'checklogin') {
        // NOTE(review): the password is compared to the CMS_ADMIN_PASSWORD
        // constant with loose "==", which is neither type-strict nor
        // constant-time; hash_equals() against a stored password_hash()
        // value would address both. The "@" hides missing-field notices.
        // NOTE(review): no session_regenerate_id() call is visible after a
        // successful login, and no limit on attempts is visible here.
        if (@$_POST['userlogin'] == 'admin' && @$_POST['userpassword'] == CMS_ADMIN_PASSWORD) {
            $_SESSION['CMS_AUTH_USER'] = '******';
        }
    }
    // or logout?
    // NOTE(review): logout is triggered by a GET parameter.
    if (isset($_GET['logout'])) {
        $_SESSION['CMS_AUTH_USER'] = '';
        unset($_SESSION['CMS_AUTH_USER']);
        terminate('', 'Location: ./', 302);
return $template; } /** * */ function AJAXHandler() { if (!user_allowed_to('manage files')) { terminate('Forbidden', '', 403); } // also suck something from config $userfiles_dirs = $this->getDirectoriesDescription(); $response = 'bad request'; switch ($_GET['action']) { case 'edit_elem': // check input if (!isset($_GET['file'])) { return 'file not set'; } $filename = $_GET['file']; // check extension if (!($alias = array_search($this->getUserFolderParams($filename), $userfiles_dirs))) { return 'bad extension'; } // some directories are not editable if (in_array($alias, array('files', 'images'))) { return 'not editable content'; } $content = file_get_contents($filename); $xml = new DOMDocument('1.0', 'utf-8'); $xml->preserveWhiteSpace = true; $xml->formatOutput = true; $root = $xml->createElement('root'); $root->appendChild($xml->createElement('category'))->nodeValue = $alias; $root->appendChild($xml->createElement('filename'))->nodeValue = $filename; $root->appendChild($xml->createElement('content'))->appendChild($xml->createCDATASection($content)); $response = XSLTransform($xml->saveXML($root), __DIR__ . '/edit_form.xsl');
<?php // maybe allow some more leeway? $mandatoryParameters = array('name', 'slots', 'openedFrom', 'closedAt', 'entrance', 'exit', 'walking', 'payment', 'latitude', 'longitude', 'features'); // checking that no parameter is missing for ($i = 0; $i < count($mandatoryParameters); $i++) { if (!isset($_POST[$mandatoryParameters[$i]])) { terminate("missing parameter " . $mandatoryParameters[$i]); } } $name = $_POST['name']; $slots = $_POST['slots']; $openingHour = $_POST['openedFrom']; $closingHour = $_POST['closedAt']; $entrance = $_POST['entrance']; $exit = $_POST['exit']; $walking = $_POST['walking']; $payment = $_POST['payment']; $lat = $_POST['latitude']; $lng = $_POST['longitude']; $features = $_POST['features']; $tmp = explode(',', $entrance); $city = trim($tmp[sizeof($tmp) - 1], " "); // default values if (empty($openingHour)) { $openingHour = '00:00:00'; } if (empty($closingHour)) { $closingHour = '23:59:59'; } if (empty($slots)) {
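/**
 * Sends the file attached to a comment to the client as a download.
 *
 * The method never returns normally: every path ends in terminate() or
 * exit. Error cases use 400 (bad ID), 404 (unknown comment or no
 * attachment) and 500 (file missing on disk).
 *
 * @param array    $input           parameters; 'row_id' selects the comment
 * @param array    $return_metadata metadata parameters (set to status ERROR on ID errors)
 * @param resource $DB              database connection to use
 * @return void
 */
public static function commentsGetAttached($input, &$return_metadata, $DB)
{
    // check ID first
    // The ID is placed into two SQL statements and into a file path below,
    // so anything beyond a plain identifier is refused: this blocks both
    // SQL injection and "../" path traversal.
    // NOTE(review): assumes row IDs consist of letters, digits, '_' and '-';
    // confirm against the comments table.
    $object_id = isset($input['row_id']) ? $input['row_id'] : '';
    if (!is_scalar($object_id) || !preg_match('~^[a-zA-Z0-9_-]+$~D', (string) $object_id)) {
        $return_metadata = array('status' => 'ERROR');
        terminate('', 'Bad row ID', 400);
    }

    // check if comment exists
    if ($DB->querySingle("select count(*) from comments where id = '{$object_id}'") == '0') {
        $return_metadata = array('status' => 'ERROR');
        terminate('', 'No comment with this ID', 404);
    }

    // check if file was attached and exists now
    $attached_name = trim($DB->querySingle("select attached_name from comments where id = '{$object_id}'"));
    if ($attached_name == '') {
        terminate('', 'No file attached to this comment', 404);
    }
    $attached_full_name = self::COMMENTS_ATTACHED_DIR . $object_id;
    if (!file_exists($attached_full_name)) {
        terminate('', 'File missing', 500);
    }

    // send file type, according to file internal contents
    // The stored name is URL-encoded before it enters the header, so it
    // cannot carry quotes or line breaks.
    $output_name = str_replace('+', '%20', urlencode($attached_name));
    file_to_output($attached_full_name, array(
        'Content-Disposition: attachment; filename="' . $output_name . '"',
        'Content-Transfer-Encoding: binary',
        'Expires: 0',
        'Cache-Control: must-revalidate',
    ));
    exit;
}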
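/**
 * Standard descendant
 *
 * Request parser of the "db" module: able to call the user API. When the
 * API answers with the command "reload", the client is redirected back to
 * the page it came from.
 *
 * @param mixed $template template being processed; returned unchanged
 * @return mixed
 */
function requestParser($template)
{
    // use both POST and GET!
    $merged_post_get = array_merge($_GET, $_POST);
    if (!isset($merged_post_get['module']) || $merged_post_get['module'] != 'db') {
        return $template;
    }

    // will redirect at the end if "target" become non-empty
    $redirect_target = false;

    // TAG_TODO why calling API at request parser?
    // add field filters if report specified
    // NOTE(review): the filters are stored on $this->input_filter, while the
    // call below reads self::$input_filter. If input_filter is a static
    // property these per-report filters never reach get_filtered_input() -
    // confirm which one is intended.
    if (isset($merged_post_get['report_id']) && isset($this->REG['db_api_reports'][$merged_post_get['report_id']])) {
        foreach ($this->REG['db_api_reports'][$merged_post_get['report_id']]['fields'] as $field_part1 => $field_part2) {
            $field_definition = $this->getFullFieldDefinition($field_part1, $field_part2);
            $this->input_filter['edit_' . $field_definition['field']] = array(
                'filter' => FILTER_VALIDATE_REGEXP,
                'options' => array('regexp' => '~^' . $field_definition['regexp'] . '$~msu'),
            );
        }
    }

    // note that full filtering is used here as API functions may require unlimited parameter list
    $filtered_input = get_filtered_input(self::$input_filter, array(FILTER_GET_FULL, FILTER_POST_FULL));

    // call API and check if any special flags there
    $return_metadata = array();
    $this->callAPI($filtered_input, $return_metadata);

    // The API may leave the metadata empty, and a client may send no Referer
    // header at all; both used to be read without checking.
    $wants_reload = isset($return_metadata['type'], $return_metadata['command'])
        && $return_metadata['type'] == 'command'
        && $return_metadata['command'] == 'reload';
    if ($wants_reload && !empty($_SERVER['HTTP_REFERER'])) {
        // NOTE(review): Referer is a client-supplied header and becomes the
        // Location value unchanged; no same-site check is made here.
        $redirect_target = $_SERVER['HTTP_REFERER'];
    }

    // make redirection if was requested above
    if ($redirect_target) {
        terminate('', 'Location: ' . $redirect_target, 302);
    }

    return $template;
}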
/**
 * Fetch the encryption key
 *
 * An explicitly passed key, or the 'encryption_key' config item, is
 * returned as its MD5 digest so that the result always has the same
 * length (Mcrypt is sensitive to keys of the wrong length). A key already
 * stored in $this->encryption_key is returned as stored.
 *
 * MD5 serves here only to normalise the length; it adds no strength to a
 * weak configured key.
 *
 * @param	string
 * @return	string
 */
public function get_key($key = '')
{
    // An explicit key always wins.
    if ($key !== '') {
        return md5($key);
    }

    if ($this->encryption_key !== '') {
        return $this->encryption_key;
    }

    $key = config_item('encryption_key');
    if (!strlen($key)) {
        terminate('In order to use the encryption class requires that you set an encryption key in your config file.');
    }

    return md5($key);
}
/**
 * Prints a Fatal Error
 *
 * Sends no-cache HTML headers, optionally logs the message, fills the
 * FatalError.html template and ends the request with the given status.
 *
 * NOTE(review): $message replaces the {{message}} placeholder without HTML
 * escaping. Whether callers are expected to pass markup is not visible
 * here; a message built from request data would be reflected unescaped.
 *
 * @access  public
 * @param   string  $message            Error message
 * @param   int     $backtrace          Log trace back level
 * @param   int     $http_response_code HTTP response code
 * @return  void
 */
static function Fatal($message, $backtrace = 0, $http_response_code = 500)
{
    // Set Headers
    $headers = array(
        'Content-Type: text/html; charset=utf-8',
        'Cache-Control: no-cache, must-revalidate',
        'Pragma: no-cache',
    );
    foreach ($headers as $line) {
        header($line);
    }

    // A negative level switches logging off.
    if ($backtrace >= 0) {
        $backtrace++;
        $GLOBALS['log']->Log(JAWS_ERROR_FATAL, $message, $backtrace);
    }

    //Get content
    $template = file_get_contents(JAWS_PATH . 'gadgets/ControlPanel/Templates/FatalError.html');
    $content = str_replace('{{message}}', $message, $template);

    jaws()->http_response_code($http_response_code);
    terminate($content, $http_response_code, '', false);
}
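/**
 * Here generated data for module configuration dialog
 *
 * Requires the 'manage modules' permission. Actions:
 *  - get_settings: returns the settings form for the module named in "target";
 *  - save_setting: stores "value" in the config node whose path hash equals "hash".
 *
 * NOTE(review): no request token is checked before save_setting in this
 * method.
 *
 * @return string HTML of the settings form, or 'OK' after a successful save
 */
public function AJAXHandler()
{
    if (!user_allowed_to('manage modules')) {
        terminate('Forbidden', '', 403);
    }

    // filter the input
    $input_filter = array(
        'target' => array('filter' => FILTER_VALIDATE_REGEXP, 'options' => array('regexp' => '~^[a-zA-Z0-9\\_\\-]+$~ui')),
        'action' => array('filter' => FILTER_VALIDATE_REGEXP, 'options' => array('regexp' => '~^[a-zA-Z0-9\\_\\-]+$~ui')),
        'value' => array('filter' => FILTER_VALIDATE_REGEXP, 'options' => array('regexp' => '~^[\\sa-zA-Zа-яА-Я0-9\\_\\-%!@$^*\\(\\)\\[\\]&=.,/\\\\]+$~ui')),
        'hash' => array('filter' => FILTER_VALIDATE_REGEXP, 'options' => array('regexp' => '~^[a-zA-Z0-9]+$~ui')),
    );
    $_INPUT = get_filtered_input($input_filter);

    switch ($_INPUT['action']) {
        case 'get_settings':
            if (($module_name = $_INPUT['target']) == '') {
                terminate('Unknown module [from:admin]', '', 404);
            }
            // get config XML, mark nodes, transform and return
            $xml = new DOMDocument('1.0', 'utf-8');
            if ($module_name == self::CMS_SETTINGS_MODULE_PHANTOM) {
                $xml->loadXML($this->CMSSettingsXML());
            } else {
                $xml->load(get_module_config_filename($module_name));
            }
            $this->iterateAndMark($xml);
            return XSLTransform($xml->saveXML($xml->documentElement), __DIR__ . '/settings_box.xsl');

        case 'save_setting':
            if (($module_name = $_INPUT['target']) == '') {
                terminate('Unknown module [from:admin]', '', 404);
            }
            // first, get right XML
            $xml = new DOMDocument('1.0', 'utf-8');
            if ($module_name == self::CMS_SETTINGS_MODULE_PHANTOM) {
                $xml->loadXML($this->CMSSettingsXML());
            } else {
                $filename = get_module_config_filename($module_name);
                $xml->load($filename);
            }

            // traverse and find the node to change
            $config_xml_path = $this->config_xml_path;
            $found = false; // means that node found
            $this->iterateXMLFromNode($xml->documentElement, function ($element) use (&$found, $_INPUT, $config_xml_path) {
                $node_path = $element->getNodePath();
                // Strict comparison: with "==" PHP compares two numeric-looking
                // strings as numbers, so a digest of the form "0e<digits>"
                // would equal any other string of that form and the wrong
                // node could be selected.
                if (md5($node_path) === $_INPUT['hash'] && substr($node_path, 0, strlen($config_xml_path)) == $config_xml_path) {
                    $found = $element->nodeName;
                    $element->nodeValue = htmlspecialchars($_INPUT['value']);
                }
            });

            // if all OK, update file and return good
            if ($found) {
                if ($module_name == self::CMS_SETTINGS_MODULE_PHANTOM) {
                    // NOTE(review): the value goes into a PHP source file. The
                    // input filter keeps quotes and ';' out but lets '$' and
                    // '\' through - confirm that updateConstInFile() writes
                    // it as an inert string literal.
                    if (!$this->updateConstInFile('./userfiles/_data_common/conf.php', $found, $_INPUT['value'])) {
                        terminate('Error updating file', '', 500);
                    }
                } else {
                    if (!$xml->save($filename)) {
                        terminate('Error updating file', '', 500);
                    }
                }
                return 'OK';
            } else {
                terminate('Config file changed', '', 403);
            }
            break;

        default:
            terminate('Unknown action [from: admin]', '', 404);
            break;
    }
}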
    terminate($result);
}

// Create the target directory when it does not exist yet.
// NOTE(review): $root and $d are set before this fragment; if $d comes from
// the request it needs the same path checks as the file name below.
if (!is_dir($root . $d)) {
    // NOTE(review): mode 0777 makes the new directory writable by every
    // local account (subject to umask).
    if (!mkdir($root . $d, 0777, true)) {
        $result['status'] = 'fail';
        $result['errors'][] = "failed to create new dir";
        terminate($result);
    }
    if (!is_dir($root . $d)) {
        $result['status'] = 'fail';
        $result['errors'][] = "failed to verify new dir";
        terminate($result);
    }
}

// NOTE(review): $_FILES['upl']['name'] is the file name sent by the client
// and is used unchanged as the destination name. Nothing visible here
// strips directory parts (basename()) or restricts the extension, so the
// stored name and type are whatever the client chose. An allow-list of
// extensions, a server-generated name and a check of the getimagesize()
// result BEFORE the file is kept are the usual safeguards.
if (move_uploaded_file($_FILES['upl']['tmp_name'], $root . $d . $_FILES['upl']['name'])) {
    $result['status'] = 'success';
    $result['file_info']['dir'] = $root . $d;
    // getimagesize() returns false for non-image data; the result is
    // indexed below without that check.
    $file_info = getimagesize($root . $d . $_FILES['upl']['name']);
    $result['file_info']['width'] = $file_info[0];
    $result['file_info']['height'] = $file_info[1];
    $result['file_info']['mime'] = $file_info['mime'];
    $result['file_info']['size'] = filesize($root . $d . $_FILES['upl']['name']);
    terminate($result);
}
}

/**
 * Sends $result to the client as JSON and stops the script.
 *
 * @param mixed $result value to encode
 */
function terminate($result)
{
    echo json_encode($result);
    exit;
}
exit;
/**
 * Check permission on a given gadget/task
 *
 * Returns true when GetPermission() grants access. Otherwise the control
 * panel layout is prepared, the "no permission" page of the Users gadget
 * is rendered and the request ends with status 403.
 *
 * $errorMessage is accepted but not used by this method.
 *
 * @access  public
 * @param   string  $gadget         Gadget name
 * @param   string  $key            ACL key(s) name
 * @param   string  $subkey         ACL subkey name
 * @param   bool    $together       And/Or tasks permission result, default true
 * @param   string  $errorMessage   Error message to return
 * @return  mixed   True if granted, else throws an Exception(Jaws_Error::Fatal)
 */
function CheckPermission($gadget, $key, $subkey = '', $together = true, $errorMessage = '')
{
    $granted = $this->GetPermission($gadget, $key, $subkey, $together);
    if (!$granted) {
        $GLOBALS['app']->InstanceLayout();
        $GLOBALS['app']->Layout->LoadControlPanelHead();

        $usersAction = Jaws_Gadget::getInstance('Users')->action->load('Default');
        $data = $usersAction->ShowNoPermission($this->GetAttribute('username'), $gadget, $key);
        terminate($data, 403);
        return;
    }

    return true;
}
<?php defined('BASEPATH') or terminate('No direct script access allowed'); class CI_Data { public $data_count; public $data_array; private $error; public function __construct() { $this->data_count = 0; $this->data_array = array(); $this->error = load_class('Exceptions', 'core'); } public function handle_data($action, $name, $value = '') { switch ($action) { case 'add': $this->add_data($name, $value); break; case 'remove': $this->remove_data($name); break; } } public function add_data($name, $obj) { $this->data_array[$name] = $obj; $this->data_count++; } public function remove_data($name)
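/**
 * AJAX!
 *
 * Serves the add/edit dialog for a news element ("edit_elem"), which
 * requires the 'manage news' permission. Unknown actions get the default
 * response 'unknown function'.
 *
 * @return string response text or rendered dialog HTML
 */
function AJAXHandler()
{
    $input_filter = array(
        'id' => array('filter' => FILTER_VALIDATE_REGEXP, 'options' => array('regexp' => '~^-?[0-9]+$~ui')),
        'action' => array('filter' => FILTER_VALIDATE_REGEXP, 'options' => array('regexp' => '~^[a-zA-Z0-9\\_\\-]+$~ui')),
    );
    $_INPUT = get_filtered_input($input_filter, array(FILTER_GET_BY_LIST));

    // default response
    $response = 'unknown function';

    switch ($_INPUT['action']) {
        // add/edit dialog
        case 'edit_elem':
            if (!user_allowed_to('manage news')) {
                terminate('Forbidden', '', 403);
            }
            // what to edit
            if ($_INPUT['id'] == '') {
                return 'bad ID';
            }
            module_init('menu');

            // get element description
            // The regexp filter already limits id to an optional minus sign
            // and digits; casting here keeps the statement safe even if the
            // filter is relaxed later.
            $id = (int) $_INPUT['id'];
            $q = CMS::$DB->query("select id, caption, link, page, streams, summary from `{$this->CONFIG['table']}` where id={$id}");
            $row = $q->fetch(PDO::FETCH_ASSOC);
            // fetch() yields false when no row matches. Start from an empty
            // row in that case instead of indexing into false.
            if (!is_array($row)) {
                $row = array();
            }
            $row['id'] = $_INPUT['id'];
            $xml = array_to_xml($row, array('news-edit-data'));

            // add pages list
            $xml->documentElement->appendChild($xml->importNode(aliasCatchersAsXML(array('root' => 'page-list'))->documentElement, true));
            return XSLTransform($xml->saveXML($xml->documentElement), __DIR__ . '/edit.xsl');
    }

    return $response;
}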
case 'setStatus': if (!check($_GET['value'])) { terminate(ERR::SERVER_DATA); } $status = filter_var($_GET['value'], FILTER_SANITIZE_NUMBER_INT); $status == '1' ? $num = 1 : ($num = 0); $updateBoard = $link->query("UPDATE `boards` SET `status`={$num} WHERE `serial`='{$serial}'") or terminate(ERR::QUERY_CODE); $encode = array("passed" => true, "error" => ""); exit(json_encode($encode)); case 'setCalibration': if (!check($_GET['value'])) { terminate(ERR::SERVER_DATA); } $status = filter_var($_GET['value'], FILTER_SANITIZE_NUMBER_INT); $status == '1' ? $num = 1 : ($num = 0); $updateBoard = $link->query("UPDATE `boards` SET `calibration`={$num} WHERE `serial`='{$serial}'") or terminate(ERR::QUERY_CODE); $encode = array("passed" => true, "error" => ""); exit(json_encode($encode)); case 'toggleStatus': $status = intval($board->status); $status == 1 ? $num = 0 : ($num = 1); $updateBoard = $link->query("UPDATE `boards` SET `status`={$num} WHERE `serial`='{$serial}'") or terminate(ERR::QUERY_CODE); terminate(); case 'getLog': $log_query = $link->query("SELECT * FROM `logs` WHERE `board`='{$serial}' ORDER BY `id` DESC LIMIT 20 ") or terminate(ERR::QUERY_CODE); $logs = array(); while ($log = $log_query->fetch_assoc()) { array_push($logs, array('message' => $log['message'], 'timestamp' => $log['timestamp'])); } exit(json_encode(array('status' => true, 'logs' => $logs))); }
$ReqAction = null; } // set requested in front-end first/home page $GLOBALS['app']->mainIndex = $IsIndex; // Init layout... $GLOBALS['app']->InstanceLayout(); $GLOBALS['app']->Layout->Load(); // Run auto-load methods before standalone actions too $GLOBALS['app']->RunAutoload(); if (empty($ReqError)) { $ReqResult = ''; if (!empty($objAction)) { // set in main request $GLOBALS['app']->inMainRequest = true; $ReqResult = $objAction->Execute($ReqAction); if (Jaws_Error::isError($ReqResult)) { $ReqResult = $ReqResult->GetMessage(); } $GLOBALS['app']->inMainRequest = false; // we must check type of action after execute, because gadget can change it at runtime $IsReqActionStandAlone = $objAction->IsStandAlone($ReqAction); } } else { $ReqResult = Jaws_HTTPError::Get($ReqError); } if (!$IsReqActionStandAlone) { $GLOBALS['app']->Layout->Populate($ReqResult, $AccessToWebsiteDenied); $ReqResult = $GLOBALS['app']->Layout->Get(); } terminate($ReqResult);
} else { if (!$COOKIE_JESSIE_DID_SAY_HELLO) { // say hello in first time $GREETINGS = array("<span style=\"color:#FFF;\">{$MSG_GREETING}, <br/>My name is </span> <span style=\"color:#FF6699;\"><strong>Jessie.</strong></span> <br/><span style=\"color:#FFF;\">I'm here to assist your task.</span>", "<span style=\"color:#FFF;\">{$MSG_GREETING}, I'm </span> <span style=\"color:#FF6699;\"><strong>Jessie.</strong></span> <br/><span style=\"color:#FFF;\">{$COMMENT_ON_TIME}</span>"); } else { $GREETINGS = array("<span style=\"color:#FFF;\">{$COMMENT_ON_TIME} <br/>It's me, </span> <span style=\"color:#FF6699;\"><strong>Jessie.</strong></span>", "<span style=\"color:#FFF;\">You're back! <br/>It's me, </span> <span style=\"color:#FF6699;\"><strong>Jessie.</strong></span>"); } } $random_idx = rand(0, COUNT($GREETINGS) - 1); array_push($result->query_output_arr, $GREETINGS[$random_idx]); } else { if ($params->isYes($params->JESSIE_NEEDS_LOGIN)) { // 사용자에게 로그인을 권유합니다. $MSG_ARR = array("<span style=\"color:#FFF;\">You look great today!</span><br/> " . "<span style=\"color:#FFF;\">However I don't know who you are.</span> " . "<span style=\"color:#FFF;\">If you're <span style=\"color:#FF6699;\"><strong>login</strong></span>, I'd be your friend.</span>", "<span style=\"color:#FFF;\">Good day to do somthing!</span><br/> " . "<span style=\"color:#FFF;\">However I have no idea who you are.</span> " . "<span style=\"color:#FFF;\">If you don't mind,</span><span style=\"color:#FFF;\">Just <span style=\"color:#FF6699;\"><strong>logged in.</strong></span>"); array_push($result->query_output_arr, getRandomElement($MSG_ARR)); } else { if ($params->isYes($params->JESSIE_CHECK_MEMBER_STATUS)) { // 로그인 했다면 회원의 정보를 가져옵니다. 
$MEMBER_ID = intval($WHAT_I_AM_JESSIE->__member_id); $MEMBERSHIP_ID = intval($WHAT_I_AM_JESSIE->__membership_id); $MSG_ABOUT_MOST_ADVANCED_ROLE = getRoleMessageMostImproved($wdj_mysql_interface, $params, $MEMBER_ID, $MEMBERSHIP_ID); $MSG_ABOUT_MOST_BEHIND_ROLE = getRoleMessageMostBehind($wdj_mysql_interface, $params, $MEMBER_ID, $MEMBERSHIP_ID); $MSG_ARR = array($MSG_ABOUT_MOST_ADVANCED_ROLE, $MSG_ABOUT_MOST_BEHIND_ROLE); array_push($result->query_output_arr, getRandomElement($MSG_ARR)); } } } terminate($wdj_mysql_interface, $result, $debug_stack_array, $debug); ?>
/**
 * Set default controller
 *
 * Splits the configured default route into "class/method" (method
 * defaults to 'index'), and routes to it when the controller file exists.
 * A missing controller file is left for the later 404 handling.
 *
 * @return	void
 */
protected function _set_default_controller()
{
    if (empty($this->default_controller)) {
        terminate('Unable to determine what should be displayed. A default route has not been specified in the routing file.');
    }

    // Is the method being specified?
    $parsed = sscanf($this->default_controller, '%[^/]/%s', $class, $method);
    if ($parsed !== 2) {
        $method = 'index';
    }

    $controller_file = APPPATH . 'controllers/' . $this->directory . ucfirst($class) . '.php';
    if (!file_exists($controller_file)) {
        // This will trigger 404 later
        return;
    }

    $this->set_class($class);
    $this->set_method($method);

    // Assign routed segments, index starting from 1
    $this->uri->rsegments = array(1 => $class, 2 => $method);

    log_message('debug', 'No URI present. Default controller set.');
}
/**
 * Internal CI Library Instantiator
 *
 * Looks for a config file named after the class (when $config is NULL),
 * checks that the prefixed class exists, chooses the property name and
 * assigns a new instance to that property of the CI super-object.
 *
 * @used-by	CI_Loader::_ci_load_stock_library()
 * @used-by	CI_Loader::_ci_load_library()
 *
 * @param	string		$class		Class name
 * @param	string		$prefix		Class name prefix
 * @param	array|null|bool	$config		Optional configuration to pass to the class constructor:
 *						FALSE to skip;
 *						NULL to search in config paths;
 *						array containing configuration data
 * @param	string		$object_name	Optional object name to assign to
 * @return	void
 */
protected function _ci_init_library($class, $prefix, $config = FALSE, $object_name = NULL)
{
    // Is there an associated config file for this class? Note: these should always be lowercase
    if ($config === NULL) {
        // Fetch the config paths containing any package paths
        $config_component = $this->_ci_get_component('config');
        if (is_array($config_component->_config_paths)) {
            $found = FALSE;
            foreach ($config_component->_config_paths as $path) {
                // We test for both uppercase and lowercase, for servers that
                // are case-sensitive with regard to file names. Load global first,
                // override with environment next
                // The included files run in this method's scope; presumably
                // they assign $config, which is what the isset($config)
                // test at the end picks up.
                // NOTE(review): $class becomes part of the include path;
                // callers must pass a trusted class name.
                if (file_exists($path . 'config/' . strtolower($class) . '.php')) {
                    include $path . 'config/' . strtolower($class) . '.php';
                    $found = TRUE;
                } elseif (file_exists($path . 'config/' . ucfirst(strtolower($class)) . '.php')) {
                    include $path . 'config/' . ucfirst(strtolower($class)) . '.php';
                    $found = TRUE;
                }
                if (file_exists($path . 'config/' . ENVIRONMENT . '/' . strtolower($class) . '.php')) {
                    include $path . 'config/' . ENVIRONMENT . '/' . strtolower($class) . '.php';
                    $found = TRUE;
                } elseif (file_exists($path . 'config/' . ENVIRONMENT . '/' . ucfirst(strtolower($class)) . '.php')) {
                    include $path . 'config/' . ENVIRONMENT . '/' . ucfirst(strtolower($class)) . '.php';
                    $found = TRUE;
                }
                // Break on the first found configuration, thus package
                // files are not overridden by default paths
                if ($found === TRUE) {
                    break;
                }
            }
        }
    }
    $class_name = $prefix . $class;
    // Is the class name valid?
    // The second argument FALSE keeps class_exists() from autoloading.
    if (!class_exists($class_name, FALSE)) {
        log_message('error', 'Non-existent class: ' . $class_name);
        terminate('Non-existent class: ' . $class_name);
    }
    // Set the variable name we will assign the class to
    // Was a custom class name supplied? If so we'll use it
    if (empty($object_name)) {
        $object_name = strtolower($class);
        if (isset($this->_ci_varmap[$object_name])) {
            $object_name = $this->_ci_varmap[$object_name];
        }
    }
    // Don't overwrite existing properties
    $CI =& get_instance();
    if (isset($CI->{$object_name})) {
        if ($CI->{$object_name} instanceof $class_name) {
            log_message('debug', $class_name . " has already been instantiated as '" . $object_name . "'. Second attempt aborted.");
            return;
        }
        terminate("Resource '" . $object_name . "' already exists and is not a " . $class_name . " instance.");
    }
    // Save the class name and object name
    $this->_ci_classes[$object_name] = $class;
    // Instantiate the class
    $CI->{$object_name} = isset($config) ? new $class_name($config) : new $class_name();
}
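<?php
// Check the user's permissions
include "../checkauth.php";
include "../funciones.php";
include "../dataconnection.php";

// Stores a comment on a resource for the logged-in user.
if (!isset($_POST['recurso_id']) or !isset($_POST['contenido']) or !is_numeric($_POST['recurso_id']) or !is_string($_POST['contenido']) or $_POST['contenido'] == "") {
    terminate($conexion, true, "Bad Parameters");
} else {
    // is_numeric() also accepts forms such as "1e5" or " 12"; casting
    // guarantees that only an integer literal reaches the statement.
    $recursoId = (int) $_POST['recurso_id'];
    $usuarioId = (int) $_SESSION['usuario_id'];

    // The comment text was concatenated into the statement unescaped, so a
    // quote character in it could change the SQL. Escape it with the
    // connection's own escaping function.
    $contenido = mysql_real_escape_string($_POST['contenido'], $conexion);

    $queEmp = "INSERT INTO comentario_recurso VALUES(NULL, " . $recursoId . ", " . $usuarioId . ", '" . $contenido . "', NOW())";
    // NOTE(review): mysql_error() is handed to terminate(); if that text is
    // sent to the client it discloses database details.
    // NOTE(review): the text is stored as received, so it must be
    // HTML-escaped wherever it is displayed.
    $resEmp = mysql_query($queEmp, $conexion) or terminate($conexion, true, mysql_error());
}
terminate($conexion);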
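/**
 * Generate just a single function stub file
 *
 * Builds one public function from the prototype given in the "function"
 * option, adds it to the extension and prints the generated C code, the
 * PHP_FE() table entries and the PHP_FUNCTION() declarations.
 */
function singleFunction()
{
    $func = new CodeGen_PECL_Element_Function();
    $func->setRole("public");

    // PEAR_Error exposes getMessage(); the get_message() calls used before
    // name a method that PEAR_Error does not have, so the error path itself
    // failed instead of reporting the message.
    $err = $func->setProto(trim($this->options->value("function")));
    if (PEAR::isError($err)) {
        terminate($err->getMessage());
    }

    $err = $this->extension->addFunction($func);
    if (PEAR::isError($err)) {
        terminate($err->getMessage());
    }

    echo $this->extension->publicFunctionsC();

    echo "\n\n/*----------------------------------------------------------------------*/\n\n";

    // Only the function names are needed for the two listings.
    $names = array_keys($this->extension->functions);
    foreach ($names as $name) {
        printf("\tPHP_FE(%-20s, NULL)\n", $name);
    }

    echo "\n\n/*----------------------------------------------------------------------*/\n\n";

    foreach ($names as $name) {
        echo "PHP_FUNCTION({$name});\n";
    }
}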
/**
 * Loads layout template
 *
 * Answers 503 while the site is disabled (super admins excepted), adds
 * the favicon and the base scripts to the head, resolves the layout file
 * from the active theme when none is given, and fills the site-wide
 * template variables.
 *
 * @access  public
 * @param   string  $layout_path    Optional layout file path
 * @param   string  $layout_file    Optional layout file name
 * @return  void
 */
function Load($layout_path = '', $layout_file = '')
{
    if ($this->attributes['site_status'] == 'disabled' && (JAWS_SCRIPT != 'admin' || $GLOBALS['app']->Session->Logged()) && !$GLOBALS['app']->Session->IsSuperAdmin()) {
        $data = Jaws_HTTPError::Get(503);
        terminate($data, 503);
    }

    // Favicon: only these extensions get a <link>, each with its own type.
    $favicon = $this->attributes['site_favicon'];
    if (!empty($favicon)) {
        $icon_types = array(
            'svg' => 'image/svg',
            'png' => 'image/png',
            'ico' => 'image/vnd.microsoft.icon',
            'gif' => 'image/gif',
        );
        $extension = pathinfo(basename($favicon), PATHINFO_EXTENSION);
        if (isset($icon_types[$extension])) {
            $this->AddHeadLink($favicon, 'icon', $icon_types[$extension]);
        }
    }

    $this->AddScriptLink('libraries/jquery/jquery.js?' . JAWS_VERSION);
    $this->AddScriptLink('include/Jaws/Resources/Ajax.js?' . JAWS_VERSION);

    if (empty($layout_path)) {
        $theme = $GLOBALS['app']->GetTheme();
        if (!$theme['exists']) {
            Jaws_Error::Fatal('Theme ' . $theme['name'] . ' doesn\'t exists.');
        }
        $layout_path = $theme['path'];
        $this->IndexLayout = $GLOBALS['app']->mainIndex && $theme['index'];
        if (empty($layout_file)) {
            if ($this->IndexLayout) {
                $layout_file = 'index.html';
            } else {
                $layout_file = 'layout.html';
            }
        }
    }

    $this->_Template = new Jaws_Template();
    $this->_Template->Load($layout_file, $layout_path);
    $this->_Template->SetBlock('layout');

    $direction = _t('GLOBAL_LANG_DIRECTION');
    $dir = '';
    if ($direction == 'rtl') {
        $dir = ".{$direction}";
    }
    $browser = $GLOBALS['app']->GetBrowserFlag();
    if (empty($browser)) {
        $browser = '';
    } else {
        $browser = ".{$browser}";
    }
    $base_url = $GLOBALS['app']->GetSiteURL('/');

    $this->_Template->SetVariable('base_url', $base_url);
    $this->_Template->SetVariable('skip_to_content', _t('GLOBAL_SKIP_TO_CONTENT'));
    $this->_Template->SetVariable('.dir', $dir);
    $this->_Template->SetVariable('.browser', $browser);
    $this->_Template->SetVariable('site-url', $base_url);
    $this->_Template->SetVariable('site-direction', $direction);

    // site-name ... site-copyright come straight from the site attributes.
    foreach (array('name', 'slogan', 'comment', 'author', 'license', 'copyright') as $field) {
        $this->_Template->SetVariable("site-{$field}", $this->attributes["site_{$field}"]);
    }

    // NOTE(review): unserialize() can instantiate objects when its input is
    // not trusted. The value is a stored site attribute; confirm that only
    // administrators can write it. The "@" hides decoding errors.
    $cMetas = @unserialize($this->attributes['site_custom_meta']);
    if (!empty($cMetas)) {
        foreach ($cMetas as $cMeta) {
            $this->AddHeadMeta($cMeta[0], $cMeta[1]);
        }
    }

    $this->_Template->SetVariable('encoding', 'utf-8');
    $this->_Template->SetVariable('loading-message', _t('GLOBAL_LOADING'));
}
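<?php
// Check the user's permissions
include "../checkauth.php";
include "../funciones.php";
include "../dataconnection.php";

// Returns the group of the given user as JSON.
if (!isset($_POST['usuario_id']) || is_array($_POST['usuario_id'])) {
    header('HTTP/1.1 500 Internal Server Error');
    mysql_close($conexion);
    die;
} else {
    // usuario_id was concatenated into the statement as received, unquoted,
    // so any SQL sent in that field became part of the query. Casting to
    // int leaves nothing but a number.
    $usuarioId = (int) $_POST['usuario_id'];

    $queEmp = "SELECT grupo_id FROM grupo_usuario WHERE usuario_id=" . $usuarioId . " LIMIT 1";
    // NOTE(review): die(mysql_error()) prints the database error text to the
    // client; a generic message plus a server-side log entry avoids that.
    $resEmp = mysql_query($queEmp, $conexion) or die(mysql_error());
    $totEmp = mysql_num_rows($resEmp);
    if ($totEmp == 0) {
        terminate($conexion, true, "No groups");
    } else {
        $row = mysql_fetch_assoc($resEmp);
        echo json_encode($row);
    }
}
mysql_close($conexion);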