/** * Template tag: get excerpt 2 (Full version) * This full version may auto-generate an excerpt if it is found to be empty. * * @param array Associative list of params * - allow_empty: force generation if excert is empty (Default: false) * - update_db: update the DB if we generated an excerpt (Default: true) * @return string */ function get_excerpt2($params = array()) { $params += array('allow_empty' => false, 'update_db' => true); if (!$params['allow_empty']) { // Make sure excerpt the excerpt is not empty by updating it automatically if needed: if ($this->update_excerpt() && $params['update_db'] && $this->ID) { // We have updated... let's also update the DB: $this->dbupdate(false); // Do not auto track modification date. } } // Old DBs may have tags in exceprts, so we strip them: return utf8_strip_tags($this->excerpt); }
/** * Get the param from an array param's first index instead of the value. * * E.g., for "param[value]" as a submit button you can get the value with * <code>Request::param_arrayindex( 'param' )</code>. * * @see param_action() * @param string Param name * @param mixed Default to use * @return string */ function param_arrayindex($param_name, $default = '') { $array = array_keys(param($param_name, 'array', array())); $value = array_pop($array); if (is_string($value)) { $value = utf8_substr(utf8_strip_tags($value), 0, 50); // sanitize it } elseif (!empty($value)) { // this is probably a numeric index from '<input name="array[]" .. />' debug_die('Invalid array param!'); } else { $value = $default; } return $value; }
// User is trying to login right now // Stop a request from the blocked IP addresses or Domains antispam_block_request(); global $action; // Set $action so it can be recorded in the hitlog: $action = 'login'; $Debuglog->add('Login: User is trying to log in.', '_init_login'); header_nocache(); // Don't take risks here :p // Check that this login request is not a CSRF hacked request: $Session->assert_received_crumb('loginform'); // fp> NOTE: TODO: now that we require goign through the login form, all the login logic that is here can probably be moved to login.php ? // Note: login and password cannot include ' or " or > or < // Note: login cannot include @ $login = utf8_strtolower(utf8_strip_tags(remove_magic_quotes($login))); $pass = utf8_strip_tags(remove_magic_quotes($pass)); $pass_md5 = md5($pass); /* * Handle javascript-hashed password: * If possible, the login form will hash the entered password with a salt that changes everytime. */ param('pwd_salt', 'string', ''); // just for comparison with the one from Session $pwd_salt_sess = $Session->get('core.pwd_salt'); // $Debuglog->add( 'Login: salt: '.var_export($pwd_salt, true).', session salt: '.var_export($pwd_salt_sess, true), '_init_login' ); $transmit_hashed_password = (bool) $Settings->get('js_passwd_hashing') && !(bool) $Plugins->trigger_event_first_true('LoginAttemptNeedsRawPassword'); if ($transmit_hashed_password) { param('pwd_hashed', 'array:string', array()); } else { // at least one plugin requests the password un-hashed: $pwd_hashed = array();
/** * Template tag: get excerpt * This light version does display only. It never tries to auto-generate the excerpt. * * May be used in ItemLight lists such as sitemaps, feeds, recent posts, post widgets where the exceprt might be used as a title, etc. * * @param string filename to use to display more * @return string */ function get_excerpt($format = 'htmlbody') { // Character conversions + old DBs may have tags in excerpts, so we strip them: return format_to_output(utf8_strip_tags($this->excerpt), $format); }