function togglestate()
{
global $apx, $db, $set;
$id = (int) $_REQUEST['id'];
$status = (int) $_REQUEST['status'];
if (!$id) {
terminate();
}
$open = $apx->session->get('news_cat_open');
$open = array_map('intval', dash_unserialize($open));
if (!is_array($open)) {
$open = array();
}
if ($status) {
if (!in_array($id, $open)) {
$open[] = $id;
}
} else {
$index = array_search($id, $open);
if ($index !== false) {
unset($open[$index]);
}
}
$apx->session->set('news_cat_open', dash_serialize($open));
}
/**
* Displays the text for clear Ajax output.
*
* @param string $outstream The text to output
*
* @return Bengine_Game_Account_Ajax
*/
protected function display($outstream)
{
if (!$this->silence) {
terminate($outstream);
}
return $this;
}
/**
* Sends a remote request.
*
* @param string $url Universe url
* @param string $username Username
* @param string $email E-Mail address
*
* @return Bengine_Comm_Controller_Password
*/
protected function _sendRemoteRequest($url, $username, $email)
{
$url .= Core::getLang()->getOpt("langcode") . "/password/request";
$request = new Recipe_HTTP_Request($url, "Curl");
$request->getSession()->setRequestType("POST")->setPostArgs(array("username" => $username, "email" => $email));
terminate($request->getResponse());
return $this;
}
/**
*
*/
public function requestParser($template)
{
if (!user_allowed_to('backup works')) {
return $template;
}
$merged_post_get = array_merge($_GET, $_POST);
if (!isset($merged_post_get['module']) || $merged_post_get['module'] != 'backup') {
return $template;
}
$input_filter = array('backup_name' => array('filter' => FILTER_VALIDATE_REGEXP, 'options' => array('regexp' => '~^[a-zA-Z0-9_\\-]+(|\\.zip)$~ui')), 'backup_description' => array('filter' => FILTER_VALIDATE_REGEXP, 'options' => array('regexp' => '~^[a-zA-Z0-9_\\s\\-а-яА-Я.:;"]+$~ui')), 'action' => array('filter' => FILTER_VALIDATE_REGEXP, 'options' => array('regexp' => '~^(create|restore|delete|download)+$~ui')), 'result' => array('filter' => FILTER_VALIDATE_REGEXP, 'options' => array('regexp' => '~^[a-zA-Z_]+$~ui')));
$_INPUT = get_filtered_input($input_filter);
$result_text = 'Неизвестное действие';
$result_class = 'backup_result_bad';
switch ($_INPUT['action']) {
case 'create':
if ($_INPUT['backup_name'] == '') {
popup_message_add('Некорректное имя файла', JCMS_MESSAGE_ERROR);
break;
}
// force extension
if (substr($_INPUT['backup_name'], -4) != '.zip') {
$_INPUT['backup_name'] .= '.zip';
}
if (($result = $this->createBackup($_INPUT['backup_name'], $_INPUT['backup_description'])) === true) {
popup_message_add('Резервная копия создана', JCMS_MESSAGE_OK);
} else {
popup_message_add('Не удалось создать резервную копию', JCMS_MESSAGE_ERROR);
}
terminate('', 'Location: ./?module=backup&action=manage', 302);
break;
case 'restore':
if (($result = $this->restoreBackup($_INPUT['backup_name'])) === true) {
popup_message_add('Резервная копия восстановлена', JCMS_MESSAGE_OK);
} else {
popup_message_add('Не удалось восстановить резервную копию (' . $result . ')', JCMS_MESSAGE_ERROR);
}
terminate('', 'Location: ./?module=backup&action=manage', 302);
break;
case 'delete':
if ($this->deleteBackup($_INPUT['backup_name'])) {
popup_message_add('Резервная копия удалена', JCMS_MESSAGE_OK);
} else {
popup_message_add('Не удалось удалить резервную копию (' . $result . ')', JCMS_MESSAGE_ERROR);
}
terminate('', 'Location: ./?module=backup&action=manage', 302);
break;
case 'download':
header('HTTP/1.1 200 OK');
header('Content-Length: ' . filesize(__DIR__ . '/data/' . $_INPUT['backup_name']));
header('Content-Type: octet/stream');
header('Content-Transfer-Encoding: 8bit');
header('Content-Disposition: attachment; filename*=UTF-8\'\'' . str_replace('+', '%20', urlencode(iconv('windows-1251', 'utf-8', $_INPUT['backup_name']))) . '');
readfile(__DIR__ . '/data/' . $_INPUT['backup_name']);
exit;
break;
}
return $template;
}
/**
* Popup login box
*
* @access public
* @return void
*/
function showLoginBox()
{
$realm = $GLOBALS['app']->Registry->fetch('realm', 'Settings');
header('WWW-Authenticate: Basic realm="' . $realm . '"');
header('HTTP/1.0 401 Unauthorized');
// This code is only executed if the user hits the cancel button
// or in some browsers user enters wrong data 3 times.
$data = _t('GLOBAL_ERROR_ACCESS_DENIED');
terminate($data, 401);
}
/**
* Redirect to referrer page
*
* @access public
* @return void
*/
static function Referrer()
{
if (isset($_SERVER['HTTP_REFERER']) && !empty($_SERVER['HTTP_REFERER'])) {
$url = $_SERVER['HTTP_REFERER'];
} else {
$url = $GLOBALS['app']->getSiteURL('/');
}
$data = null;
terminate($data, 302, $url);
}
function getObj(&$query, $ERR_NODATA = false, $ERR_MANYDATA = false)
{
if ($query->num_rows == 0) {
//NO
$ERR_NODATA ? terminate(ERR::QUERY_NORESULT, $ERR_NODATA) : terminate(ERR::QUERY_NORESULT);
} else {
if ($query->num_rows == 1) {
return $query->fetch_object();
} else {
$ERR_MANYDATA ? terminate(ERR::QUERY_RESULT_LENGTH, $ERR_MANYDATA) : terminate(ERR::QUERY_RESULT_LENGTH);
}
}
}
function handle_error($errno, $errstr, $errfile, $errline, $errcontext)
{
// timestamp for the error entry
$dt = date("Y-m-d H:i:s");
// Make log entries
$errortype = array(E_ERROR => 'Error', E_WARNING => 'Warning', E_PARSE => 'Parsing Error', E_NOTICE => 'Notice', E_CORE_ERROR => 'Core Error', E_CORE_WARNING => 'Core Warning', E_COMPILE_ERROR => 'Compile Error', E_COMPILE_WARNING => 'Compile Warning', E_USER_ERROR => 'User Error', E_USER_WARNING => 'User Warning', E_USER_NOTICE => 'User Notice', E_STRICT => 'Runtime Notice', E_RECOVERABLE_ERROR => 'Catchable Fatal Error');
$error_msg = array("DT" => $dt, "E_NO" => $errno, "T" => $errortype, "E" => $errstr, "F" => $errfile, "L" => $errline);
//$error_msg = "[$dt] $errortype[$errno] $errstr in $errfile at $errline";
errorLog("{$error_msg}\n");
//Critical errors
$critical_errors = array(E_ERROR, E_PARSE, E_CORE_ERROR, E_USER_ERROR);
if (in_array($errno, $critical_errors)) {
error_log($error_msg, 1, "*****@*****.**");
terminate($error_msg);
}
}
/**
* Includes the appropriate php script
* to process the request
*
* @param string $http_verb the HTTP verb
* @param array $parameters the list of parameters passed with the request
*/
function processRequest($http_verb, $parameters)
{
if ($http_verb == "GET" && $parameters[0] == "parking" && $parameters[1] == "zone") {
include "parking/zone.php";
} else {
if ($http_verb == "GET" && $parameters[0] == "parking" && $parameters[1] == "id") {
include "parking/id.php";
} else {
if ($http_verb == "POST" && $parameters[0] == "parking" && $parameters[1] == "add") {
include "parking/add.php";
} else {
if ($http_verb == "GET" && $parameters[0] == "feature" && $parameters[1] == "list") {
include "feature/list.php";
} else {
terminate("unrecognized request");
}
}
}
}
}
CMS login/logout routines. Note that it doesn't intersect auth module
*/
function login_logout()
{
// display login page instead any content, if requested
if (isset($_GET['login']) && (!isset($_SESSION['CMS_AUTH_USER']) || $_SESSION['CMS_AUTH_USER'] == '')) {
readfile('lib/login.html');
terminate();
}
// check login/password if any
if (isset($_POST['action']) && $_POST['action'] == 'checklogin') {
if (@$_POST['userlogin'] == 'admin' && @$_POST['userpassword'] == CMS_ADMIN_PASSWORD) {
$_SESSION['CMS_AUTH_USER'] = '******';
}
}
// or logout?
if (isset($_GET['logout'])) {
$_SESSION['CMS_AUTH_USER'] = '';
unset($_SESSION['CMS_AUTH_USER']);
terminate('', 'Location: ./', 302);
return $template;
}
/**
*
*/
function AJAXHandler()
{
if (!user_allowed_to('manage files')) {
terminate('Forbidden', '', 403);
}
// also suck something from config
$userfiles_dirs = $this->getDirectoriesDescription();
$response = 'bad request';
switch ($_GET['action']) {
case 'edit_elem':
// check input
if (!isset($_GET['file'])) {
return 'file not set';
}
$filename = $_GET['file'];
// check extension
if (!($alias = array_search($this->getUserFolderParams($filename), $userfiles_dirs))) {
return 'bad extension';
}
// some directories are not editable
if (in_array($alias, array('files', 'images'))) {
return 'not editable content';
}
$content = file_get_contents($filename);
$xml = new DOMDocument('1.0', 'utf-8');
$xml->preserveWhiteSpace = true;
$xml->formatOutput = true;
$root = $xml->createElement('root');
$root->appendChild($xml->createElement('category'))->nodeValue = $alias;
$root->appendChild($xml->createElement('filename'))->nodeValue = $filename;
$root->appendChild($xml->createElement('content'))->appendChild($xml->createCDATASection($content));
$response = XSLTransform($xml->saveXML($root), __DIR__ . '/edit_form.xsl');
<?php
// maybe allow some more leeway?
$mandatoryParameters = array('name', 'slots', 'openedFrom', 'closedAt', 'entrance', 'exit', 'walking', 'payment', 'latitude', 'longitude', 'features');
// checking that no parameter is missing
for ($i = 0; $i < count($mandatoryParameters); $i++) {
if (!isset($_POST[$mandatoryParameters[$i]])) {
terminate("missing parameter " . $mandatoryParameters[$i]);
}
}
$name = $_POST['name'];
$slots = $_POST['slots'];
$openingHour = $_POST['openedFrom'];
$closingHour = $_POST['closedAt'];
$entrance = $_POST['entrance'];
$exit = $_POST['exit'];
$walking = $_POST['walking'];
$payment = $_POST['payment'];
$lat = $_POST['latitude'];
$lng = $_POST['longitude'];
$features = $_POST['features'];
$tmp = explode(',', $entrance);
$city = trim($tmp[sizeof($tmp) - 1], " ");
// default values
if (empty($openingHour)) {
$openingHour = '00:00:00';
}
if (empty($closingHour)) {
$closingHour = '23:59:59';
}
if (empty($slots)) {
/**
* Sends attached file to output
*
* @param array $input parameters
* @param array $return metadata parameters
* @param resource $DB database connection to use
* @return string 'OK' or some error text
*/
public static function commentsGetAttached($input, &$return_metadata, $DB)
{
// check ID first
if (($object_id = $input['row_id']) == '') {
$return_metadata = array('status' => 'ERROR');
terminate('', 'Bad row ID', 400);
}
// check if comment exists
if ($DB->querySingle("select count(*) from comments where id = '{$object_id}'") == '0') {
$return_metadata = array('status' => 'ERROR');
terminate('', 'No comment with this ID', 404);
}
// check if file was attached and exists now
$attached_name = trim($DB->querySingle("select attached_name from comments where id = '{$object_id}'"));
if ($attached_name == '') {
terminate('', 'No file attached to this comment', 404);
}
$attached_full_name = self::COMMENTS_ATTACHED_DIR . $object_id;
if (!file_exists($attached_full_name)) {
terminate('', 'File missing', 500);
}
// send file type, according to file internal contents
$output_name = str_replace('+', '%20', urlencode($attached_name));
file_to_output($attached_full_name, array('Content-Disposition: attachment; filename="' . $output_name . '"', 'Content-Transfer-Encoding: binary', 'Expires: 0', 'Cache-Control: must-revalidate'));
exit;
}
/**
* Standard descendant
*
* able to call user API
*/
function requestParser($template)
{
// use both POST and GET!
$merged_post_get = array_merge($_GET, $_POST);
if (!isset($merged_post_get['module']) || $merged_post_get['module'] != 'db') {
return $template;
}
// will redirect at the end if "target" become non-empty
$redirect_target = false;
/*******************************************************************************************************/
// TAG_TODO why calling API at request parser?
// add field filters if report specified
if (isset($merged_post_get['report_id']) && isset($this->REG['db_api_reports'][$merged_post_get['report_id']])) {
foreach ($this->REG['db_api_reports'][$merged_post_get['report_id']]['fields'] as $field_part1 => $field_part2) {
$field_definition = $this->getFullFieldDefinition($field_part1, $field_part2);
$this->input_filter['edit_' . $field_definition['field']] = array('filter' => FILTER_VALIDATE_REGEXP, 'options' => array('regexp' => '~^' . $field_definition['regexp'] . '$~msu'));
}
}
// note that full filtering is used here as API functions may require unlimited parameter list
$filtered_input = get_filtered_input(self::$input_filter, array(FILTER_GET_FULL, FILTER_POST_FULL));
// call API and check if any special flags there
$return_metadata = array();
$this->callAPI($filtered_input, $return_metadata);
if ($return_metadata['type'] == 'command' && $return_metadata['command'] == 'reload') {
$redirect_target = $_SERVER['HTTP_REFERER'];
}
/*******************************************************************************************************/
// make redirection if was requested above
if ($redirect_target) {
terminate('', 'Location: ' . $redirect_target, 302);
}
return $template;
}
/**
* Fetch the encryption key
*
* Returns it as MD5 in order to have an exact-length 128 bit key.
* Mcrypt is sensitive to keys that are not the correct length
*
* @param string
* @return string
*/
public function get_key($key = '')
{
if ($key === '') {
if ($this->encryption_key !== '') {
return $this->encryption_key;
}
$key = config_item('encryption_key');
if (!strlen($key)) {
terminate('In order to use the encryption class requires that you set an encryption key in your config file.');
}
}
return md5($key);
}
/**
* Prints a Fatal Error
*
* @access public
* @param string $message Error message
* @param int $backtrace Log trace back level
* @param int $http_response_code HTTP response code
* @return void
*/
static function Fatal($message, $backtrace = 0, $http_response_code = 500)
{
// Set Headers
header('Content-Type: text/html; charset=utf-8');
header('Cache-Control: no-cache, must-revalidate');
header('Pragma: no-cache');
if ($backtrace >= 0) {
$backtrace++;
$GLOBALS['log']->Log(JAWS_ERROR_FATAL, $message, $backtrace);
}
//Get content
$content = file_get_contents(JAWS_PATH . 'gadgets/ControlPanel/Templates/FatalError.html');
$content = str_replace('{{message}}', $message, $content);
jaws()->http_response_code($http_response_code);
terminate($content, $http_response_code, '', false);
}
/**
* Here generated data for module configuration dialog
*
*/
public function AJAXHandler()
{
if (!user_allowed_to('manage modules')) {
terminate('Forbidden', '', 403);
}
// фильтруем вход
$input_filter = array('target' => array('filter' => FILTER_VALIDATE_REGEXP, 'options' => array('regexp' => '~^[a-zA-Z0-9\\_\\-]+$~ui')), 'action' => array('filter' => FILTER_VALIDATE_REGEXP, 'options' => array('regexp' => '~^[a-zA-Z0-9\\_\\-]+$~ui')), 'value' => array('filter' => FILTER_VALIDATE_REGEXP, 'options' => array('regexp' => '~^[\\sa-zA-Zа-яА-Я0-9\\_\\-%!@$^*\\(\\)\\[\\]&=.,/\\\\]+$~ui')), 'hash' => array('filter' => FILTER_VALIDATE_REGEXP, 'options' => array('regexp' => '~^[a-zA-Z0-9]+$~ui')));
$_INPUT = get_filtered_input($input_filter);
switch ($_INPUT['action']) {
case 'get_settings':
if (($module_name = $_INPUT['target']) == '') {
terminate('Unknown module [from:admin]', '', 404);
}
// get config XML, mark nodes, transform and return
$xml = new DOMDocument('1.0', 'utf-8');
if ($module_name == self::CMS_SETTINGS_MODULE_PHANTOM) {
$xml->loadXML($this->CMSSettingsXML());
} else {
$xml->load(get_module_config_filename($module_name));
}
$this->iterateAndMark($xml);
return XSLTransform($xml->saveXML($xml->documentElement), __DIR__ . '/settings_box.xsl');
break;
case 'save_setting':
if (($module_name = $_INPUT['target']) == '') {
terminate('Unknown module [from:admin]', '', 404);
}
// first, get right XML
$xml = new DOMDocument('1.0', 'utf-8');
if ($module_name == self::CMS_SETTINGS_MODULE_PHANTOM) {
$xml->loadXML($this->CMSSettingsXML());
} else {
$filename = get_module_config_filename($module_name);
$xml->load($filename);
}
// traverse and find the node to change
$config_xml_path = $this->config_xml_path;
$found = false;
// means that node found
$this->iterateXMLFromNode($xml->documentElement, function ($element) use(&$found, $_INPUT, $config_xml_path) {
$node_path = $element->getNodePath();
if (md5($node_path) == $_INPUT['hash'] && substr($node_path, 0, strlen($config_xml_path)) == $config_xml_path) {
$found = $element->nodeName;
$element->nodeValue = htmlspecialchars($_INPUT['value']);
}
});
// if all OK, update file and return good
if ($found) {
if ($module_name == self::CMS_SETTINGS_MODULE_PHANTOM) {
if (!$this->updateConstInFile('./userfiles/_data_common/conf.php', $found, $_INPUT['value'])) {
terminate('Error updating file', '', 500);
}
} else {
if (!$xml->save($filename)) {
terminate('Error updating file', '', 500);
}
}
return 'OK';
} else {
terminate('Config file changed', '', 403);
}
break;
default:
terminate('Unknown action [from: admin]', '', 404);
break;
}
}
terminate($result);
}
if (!is_dir($root . $d)) {
if (!mkdir($root . $d, 0777, true)) {
$result['status'] = 'fail';
$result['errors'][] = "failed to create new dir";
terminate($result);
}
if (!is_dir($root . $d)) {
$result['status'] = 'fail';
$result['errors'][] = "failed to verify new dir";
terminate($result);
}
}
if (move_uploaded_file($_FILES['upl']['tmp_name'], $root . $d . $_FILES['upl']['name'])) {
$result['status'] = 'success';
$result['file_info']['dir'] = $root . $d;
$file_info = getimagesize($root . $d . $_FILES['upl']['name']);
$result['file_info']['width'] = $file_info[0];
$result['file_info']['height'] = $file_info[1];
$result['file_info']['mime'] = $file_info['mime'];
$result['file_info']['size'] = filesize($root . $d . $_FILES['upl']['name']);
terminate($result);
}
}
function terminate($result)
{
echo json_encode($result);
exit;
}
exit;
/**
* Check permission on a given gadget/task
*
* @access public
* @param string $gadget Gadget name
* @param string $key ACL key(s) name
* @param string $subkey ACL subkey name
* @param bool $together And/Or tasks permission result, default true
* @param string $errorMessage Error message to return
* @return mixed True if granted, else throws an Exception(Jaws_Error::Fatal)
*/
function CheckPermission($gadget, $key, $subkey = '', $together = true, $errorMessage = '')
{
if ($this->GetPermission($gadget, $key, $subkey, $together)) {
return true;
}
$GLOBALS['app']->InstanceLayout();
$GLOBALS['app']->Layout->LoadControlPanelHead();
$user = Jaws_Gadget::getInstance('Users')->action->load('Default');
$data = $user->ShowNoPermission($this->GetAttribute('username'), $gadget, $key);
terminate($data, 403);
}
<?php
defined('BASEPATH') or terminate('No direct script access allowed');
class CI_Data
{
public $data_count;
public $data_array;
private $error;
public function __construct()
{
$this->data_count = 0;
$this->data_array = array();
$this->error = load_class('Exceptions', 'core');
}
public function handle_data($action, $name, $value = '')
{
switch ($action) {
case 'add':
$this->add_data($name, $value);
break;
case 'remove':
$this->remove_data($name);
break;
}
}
public function add_data($name, $obj)
{
$this->data_array[$name] = $obj;
$this->data_count++;
}
public function remove_data($name)
/**
* AJAX!
*
*/
function AJAXHandler()
{
$input_filter = array('id' => array('filter' => FILTER_VALIDATE_REGEXP, 'options' => array('regexp' => '~^-?[0-9]+$~ui')), 'action' => array('filter' => FILTER_VALIDATE_REGEXP, 'options' => array('regexp' => '~^[a-zA-Z0-9\\_\\-]+$~ui')));
$_INPUT = get_filtered_input($input_filter, array(FILTER_GET_BY_LIST));
// default responce
$response = 'unknown function';
switch ($_INPUT['action']) {
// add/edit dialog
case 'edit_elem':
if (!user_allowed_to('manage news')) {
terminate('Forbidden', '', 403);
}
// what to edit
if ($_INPUT['id'] == '') {
return 'bad ID';
}
module_init('menu');
// get element description
$q = CMS::$DB->query("select id, caption, link, page, streams, summary from `{$this->CONFIG['table']}` where id={$_INPUT['id']}");
$row = $q->fetch(PDO::FETCH_ASSOC);
$row['id'] = $_INPUT['id'];
$xml = array_to_xml($row, array('news-edit-data'));
// add pages list
$xml->documentElement->appendChild($xml->importNode(aliasCatchersAsXML(array('root' => 'page-list'))->documentElement, true));
return XSLTransform($xml->saveXML($xml->documentElement), __DIR__ . '/edit.xsl');
break;
}
return $response;
}
case 'setStatus':
if (!check($_GET['value'])) {
terminate(ERR::SERVER_DATA);
}
$status = filter_var($_GET['value'], FILTER_SANITIZE_NUMBER_INT);
$status == '1' ? $num = 1 : ($num = 0);
$updateBoard = $link->query("UPDATE `boards` SET `status`={$num} WHERE `serial`='{$serial}'") or terminate(ERR::QUERY_CODE);
$encode = array("passed" => true, "error" => "");
exit(json_encode($encode));
case 'setCalibration':
if (!check($_GET['value'])) {
terminate(ERR::SERVER_DATA);
}
$status = filter_var($_GET['value'], FILTER_SANITIZE_NUMBER_INT);
$status == '1' ? $num = 1 : ($num = 0);
$updateBoard = $link->query("UPDATE `boards` SET `calibration`={$num} WHERE `serial`='{$serial}'") or terminate(ERR::QUERY_CODE);
$encode = array("passed" => true, "error" => "");
exit(json_encode($encode));
case 'toggleStatus':
$status = intval($board->status);
$status == 1 ? $num = 0 : ($num = 1);
$updateBoard = $link->query("UPDATE `boards` SET `status`={$num} WHERE `serial`='{$serial}'") or terminate(ERR::QUERY_CODE);
terminate();
case 'getLog':
$log_query = $link->query("SELECT * FROM `logs` WHERE `board`='{$serial}' ORDER BY `id` DESC LIMIT 20 ") or terminate(ERR::QUERY_CODE);
$logs = array();
while ($log = $log_query->fetch_assoc()) {
array_push($logs, array('message' => $log['message'], 'timestamp' => $log['timestamp']));
}
exit(json_encode(array('status' => true, 'logs' => $logs)));
}
$ReqAction = null;
}
// set requested in front-end first/home page
$GLOBALS['app']->mainIndex = $IsIndex;
// Init layout...
$GLOBALS['app']->InstanceLayout();
$GLOBALS['app']->Layout->Load();
// Run auto-load methods before standalone actions too
$GLOBALS['app']->RunAutoload();
if (empty($ReqError)) {
$ReqResult = '';
if (!empty($objAction)) {
// set in main request
$GLOBALS['app']->inMainRequest = true;
$ReqResult = $objAction->Execute($ReqAction);
if (Jaws_Error::isError($ReqResult)) {
$ReqResult = $ReqResult->GetMessage();
}
$GLOBALS['app']->inMainRequest = false;
// we must check type of action after execute, because gadget can change it at runtime
$IsReqActionStandAlone = $objAction->IsStandAlone($ReqAction);
}
} else {
$ReqResult = Jaws_HTTPError::Get($ReqError);
}
if (!$IsReqActionStandAlone) {
$GLOBALS['app']->Layout->Populate($ReqResult, $AccessToWebsiteDenied);
$ReqResult = $GLOBALS['app']->Layout->Get();
}
terminate($ReqResult);
} else {
if (!$COOKIE_JESSIE_DID_SAY_HELLO) {
// say hello in first time
$GREETINGS = array("<span style=\"color:#FFF;\">{$MSG_GREETING}, <br/>My name is </span> <span style=\"color:#FF6699;\"><strong>Jessie.</strong></span> <br/><span style=\"color:#FFF;\">I'm here to assist your task.</span>", "<span style=\"color:#FFF;\">{$MSG_GREETING}, I'm </span> <span style=\"color:#FF6699;\"><strong>Jessie.</strong></span> <br/><span style=\"color:#FFF;\">{$COMMENT_ON_TIME}</span>");
} else {
$GREETINGS = array("<span style=\"color:#FFF;\">{$COMMENT_ON_TIME} <br/>It's me, </span> <span style=\"color:#FF6699;\"><strong>Jessie.</strong></span>", "<span style=\"color:#FFF;\">You're back! <br/>It's me, </span> <span style=\"color:#FF6699;\"><strong>Jessie.</strong></span>");
}
}
$random_idx = rand(0, COUNT($GREETINGS) - 1);
array_push($result->query_output_arr, $GREETINGS[$random_idx]);
} else {
if ($params->isYes($params->JESSIE_NEEDS_LOGIN)) {
// 사용자에게 로그인을 권유합니다.
$MSG_ARR = array("<span style=\"color:#FFF;\">You look great today!</span><br/> " . "<span style=\"color:#FFF;\">However I don't know who you are.</span> " . "<span style=\"color:#FFF;\">If you're <span style=\"color:#FF6699;\"><strong>login</strong></span>, I'd be your friend.</span>", "<span style=\"color:#FFF;\">Good day to do somthing!</span><br/> " . "<span style=\"color:#FFF;\">However I have no idea who you are.</span> " . "<span style=\"color:#FFF;\">If you don't mind,</span><span style=\"color:#FFF;\">Just <span style=\"color:#FF6699;\"><strong>logged in.</strong></span>");
array_push($result->query_output_arr, getRandomElement($MSG_ARR));
} else {
if ($params->isYes($params->JESSIE_CHECK_MEMBER_STATUS)) {
// 로그인 했다면 회원의 정보를 가져옵니다.
$MEMBER_ID = intval($WHAT_I_AM_JESSIE->__member_id);
$MEMBERSHIP_ID = intval($WHAT_I_AM_JESSIE->__membership_id);
$MSG_ABOUT_MOST_ADVANCED_ROLE = getRoleMessageMostImproved($wdj_mysql_interface, $params, $MEMBER_ID, $MEMBERSHIP_ID);
$MSG_ABOUT_MOST_BEHIND_ROLE = getRoleMessageMostBehind($wdj_mysql_interface, $params, $MEMBER_ID, $MEMBERSHIP_ID);
$MSG_ARR = array($MSG_ABOUT_MOST_ADVANCED_ROLE, $MSG_ABOUT_MOST_BEHIND_ROLE);
array_push($result->query_output_arr, getRandomElement($MSG_ARR));
}
}
}
terminate($wdj_mysql_interface, $result, $debug_stack_array, $debug);
?>
/**
* Set default controller
*
* @return void
*/
protected function _set_default_controller()
{
if (empty($this->default_controller)) {
terminate('Unable to determine what should be displayed. A default route has not been specified in the routing file.');
}
// Is the method being specified?
if (sscanf($this->default_controller, '%[^/]/%s', $class, $method) !== 2) {
$method = 'index';
}
if (!file_exists(APPPATH . 'controllers/' . $this->directory . ucfirst($class) . '.php')) {
// This will trigger 404 later
return;
}
$this->set_class($class);
$this->set_method($method);
// Assign routed segments, index starting from 1
$this->uri->rsegments = array(1 => $class, 2 => $method);
log_message('debug', 'No URI present. Default controller set.');
}
/**
* Internal CI Library Instantiator
*
* @used-by CI_Loader::_ci_load_stock_library()
* @used-by CI_Loader::_ci_load_library()
*
* @param string $class Class name
* @param string $prefix Class name prefix
* @param array|null|bool $config Optional configuration to pass to the class constructor:
* FALSE to skip;
* NULL to search in config paths;
* array containing configuration data
* @param string $object_name Optional object name to assign to
* @return void
*/
protected function _ci_init_library($class, $prefix, $config = FALSE, $object_name = NULL)
{
// Is there an associated config file for this class? Note: these should always be lowercase
if ($config === NULL) {
// Fetch the config paths containing any package paths
$config_component = $this->_ci_get_component('config');
if (is_array($config_component->_config_paths)) {
$found = FALSE;
foreach ($config_component->_config_paths as $path) {
// We test for both uppercase and lowercase, for servers that
// are case-sensitive with regard to file names. Load global first,
// override with environment next
if (file_exists($path . 'config/' . strtolower($class) . '.php')) {
include $path . 'config/' . strtolower($class) . '.php';
$found = TRUE;
} elseif (file_exists($path . 'config/' . ucfirst(strtolower($class)) . '.php')) {
include $path . 'config/' . ucfirst(strtolower($class)) . '.php';
$found = TRUE;
}
if (file_exists($path . 'config/' . ENVIRONMENT . '/' . strtolower($class) . '.php')) {
include $path . 'config/' . ENVIRONMENT . '/' . strtolower($class) . '.php';
$found = TRUE;
} elseif (file_exists($path . 'config/' . ENVIRONMENT . '/' . ucfirst(strtolower($class)) . '.php')) {
include $path . 'config/' . ENVIRONMENT . '/' . ucfirst(strtolower($class)) . '.php';
$found = TRUE;
}
// Break on the first found configuration, thus package
// files are not overridden by default paths
if ($found === TRUE) {
break;
}
}
}
}
$class_name = $prefix . $class;
// Is the class name valid?
if (!class_exists($class_name, FALSE)) {
log_message('error', 'Non-existent class: ' . $class_name);
terminate('Non-existent class: ' . $class_name);
}
// Set the variable name we will assign the class to
// Was a custom class name supplied? If so we'll use it
if (empty($object_name)) {
$object_name = strtolower($class);
if (isset($this->_ci_varmap[$object_name])) {
$object_name = $this->_ci_varmap[$object_name];
}
}
// Don't overwrite existing properties
$CI =& get_instance();
if (isset($CI->{$object_name})) {
if ($CI->{$object_name} instanceof $class_name) {
log_message('debug', $class_name . " has already been instantiated as '" . $object_name . "'. Second attempt aborted.");
return;
}
terminate("Resource '" . $object_name . "' already exists and is not a " . $class_name . " instance.");
}
// Save the class name and object name
$this->_ci_classes[$object_name] = $class;
// Instantiate the class
$CI->{$object_name} = isset($config) ? new $class_name($config) : new $class_name();
}
<?php
//Comprobacion de permisos del usuario
include "../checkauth.php";
include "../funciones.php";
include "../dataconnection.php";
if (!isset($_POST['recurso_id']) or !isset($_POST['contenido']) or !is_numeric($_POST['recurso_id']) or $_POST['contenido'] == "") {
terminate($conexion, true, "Bad Parameters");
} else {
$queEmp = "INSERT INTO comentario_recurso VALUES(NULL, " . $_POST['recurso_id'] . ", " . $_SESSION['usuario_id'] . ", '" . $_POST['contenido'] . "', NOW())";
$resEmp = mysql_query($queEmp, $conexion) or terminate($conexion, true, mysql_error());
}
terminate($conexion);
/**
* Generate just a single function stub file
*
*/
function singleFunction()
{
$func = new CodeGen_PECL_Element_Function();
$func->setRole("public");
$err = $func->setProto(trim($this->options->value("function")));
if (PEAR::isError($err)) {
terminate($err->get_message());
}
$err = $this->extension->addFunction($func);
if (PEAR::isError($err)) {
terminate($err->get_message());
}
echo $this->extension->publicFunctionsC();
echo "\n\n/*----------------------------------------------------------------------*/\n\n";
foreach ($this->extension->functions as $name => $function) {
echo sprintf("\tPHP_FE(%-20s, NULL)\n", $name);
}
echo "\n\n/*----------------------------------------------------------------------*/\n\n";
foreach ($this->extension->functions as $name => $function) {
echo "PHP_FUNCTION({$name});\n";
}
}
/**
* Loads layout template
*
* @access public
* @param string $layout_path Optional layout file path
* @param string $layout_file Optional layout file name
* @return void
*/
function Load($layout_path = '', $layout_file = '')
{
if ($this->attributes['site_status'] == 'disabled' && (JAWS_SCRIPT != 'admin' || $GLOBALS['app']->Session->Logged()) && !$GLOBALS['app']->Session->IsSuperAdmin()) {
$data = Jaws_HTTPError::Get(503);
terminate($data, 503);
}
$favicon = $this->attributes['site_favicon'];
if (!empty($favicon)) {
switch (pathinfo(basename($favicon), PATHINFO_EXTENSION)) {
case 'svg':
$this->AddHeadLink($favicon, 'icon', 'image/svg');
break;
case 'png':
$this->AddHeadLink($favicon, 'icon', 'image/png');
break;
case 'ico':
$this->AddHeadLink($favicon, 'icon', 'image/vnd.microsoft.icon');
break;
case 'gif':
$this->AddHeadLink($favicon, 'icon', 'image/gif');
break;
}
}
$this->AddScriptLink('libraries/jquery/jquery.js?' . JAWS_VERSION);
$this->AddScriptLink('include/Jaws/Resources/Ajax.js?' . JAWS_VERSION);
if (empty($layout_path)) {
$theme = $GLOBALS['app']->GetTheme();
if (!$theme['exists']) {
Jaws_Error::Fatal('Theme ' . $theme['name'] . ' doesn\'t exists.');
}
$layout_path = $theme['path'];
$this->IndexLayout = $GLOBALS['app']->mainIndex && $theme['index'];
if (empty($layout_file)) {
$layout_file = $this->IndexLayout ? 'index.html' : 'layout.html';
}
}
$this->_Template = new Jaws_Template();
$this->_Template->Load($layout_file, $layout_path);
$this->_Template->SetBlock('layout');
$direction = _t('GLOBAL_LANG_DIRECTION');
$dir = $direction == 'rtl' ? ".{$direction}" : '';
$browser = $GLOBALS['app']->GetBrowserFlag();
$browser = empty($browser) ? '' : ".{$browser}";
$base_url = $GLOBALS['app']->GetSiteURL('/');
$this->_Template->SetVariable('base_url', $base_url);
$this->_Template->SetVariable('skip_to_content', _t('GLOBAL_SKIP_TO_CONTENT'));
$this->_Template->SetVariable('.dir', $dir);
$this->_Template->SetVariable('.browser', $browser);
$this->_Template->SetVariable('site-url', $base_url);
$this->_Template->SetVariable('site-direction', $direction);
$this->_Template->SetVariable('site-name', $this->attributes['site_name']);
$this->_Template->SetVariable('site-slogan', $this->attributes['site_slogan']);
$this->_Template->SetVariable('site-comment', $this->attributes['site_comment']);
$this->_Template->SetVariable('site-author', $this->attributes['site_author']);
$this->_Template->SetVariable('site-license', $this->attributes['site_license']);
$this->_Template->SetVariable('site-copyright', $this->attributes['site_copyright']);
$cMetas = @unserialize($this->attributes['site_custom_meta']);
if (!empty($cMetas)) {
foreach ($cMetas as $cMeta) {
$this->AddHeadMeta($cMeta[0], $cMeta[1]);
}
}
$this->_Template->SetVariable('encoding', 'utf-8');
$this->_Template->SetVariable('loading-message', _t('GLOBAL_LOADING'));
}
<?php
//Comprobacion de permisos del usuario
include "../checkauth.php";
include "../funciones.php";
include "../dataconnection.php";
if (!isset($_POST['usuario_id'])) {
header('HTTP/1.1 500 Internal Server Error');
mysql_close($conexion);
die;
} else {
$queEmp = "SELECT grupo_id FROM grupo_usuario WHERE usuario_id=" . $_POST['usuario_id'] . " LIMIT 1";
$resEmp = mysql_query($queEmp, $conexion) or die(mysql_error());
$totEmp = mysql_num_rows($resEmp);
if ($totEmp == 0) {
terminate($conexion, true, "No groups");
} else {
$row = mysql_fetch_assoc($resEmp);
echo json_encode($row);
}
}
mysql_close($conexion);
