示例#1
 /**
  * Read the session from the session cookie.
  *
  * Session state is cleared first. The cookie payload is adopted only when it
  * passes every check (structure, expiry, optional IP binding, optional
  * user-agent binding); each rejection is logged at DEBUG level and leaves the
  * state empty.
  *
  * @access	public
  * @param	boolean	$force	set to true if we want to force a new session to be created
  * @return	Fuel\Core\Session_Driver
  */
 public function read($force = false)
 {
     // start from an empty session
     $this->data = array();
     $this->keys = array();
     $this->flash = array();

     // fetch the session cookie payload (false when there is none)
     $payload = $this->_get_cookie();

     // a forced reset or a missing cookie needs no validation at all
     if ($force or $payload === false) {
         return parent::read();
     }

     // element 0 must be the array of session keys
     if (!isset($payload[0]) or !is_array($payload[0])) {
         logger('DEBUG', 'Error: not a valid cookie payload!');
         return parent::read();
     }
     $session_keys = $payload[0];

     // reject sessions whose last update is older than the configured lifetime
     if ($session_keys['updated'] + $this->config['expiration_time'] <= $this->time->get_timestamp()) {
         logger('DEBUG', 'Error: session id has expired!');
         return parent::read();
     }

     // optional binding to the client address; md5 only fingerprints the
     // address pair here, it does not protect a secret.
     // NOTE(review): if \Input::real_ip() is derived from client-supplied
     // forwarding headers, this binding is only as strong as the proxy setup — confirm
     if ($this->config['match_ip'] and $session_keys['ip_hash'] !== md5(\Input::ip() . \Input::real_ip())) {
         logger('DEBUG', 'Error: IP address in the session doesn\'t match this requests source IP!');
         return parent::read();
     }

     // optional binding to the User-Agent header (a client-controlled value)
     if ($this->config['match_ua'] and $session_keys['user_agent'] !== \Input::user_agent()) {
         logger('DEBUG', 'Error: User agent in the session doesn\'t match the browsers user agent string!');
         return parent::read();
     }

     // session is valid, adopt the payload
     $this->keys = $session_keys;
     if (isset($payload[1]) and is_array($payload[1])) {
         $this->data = $payload[1];
     }
     if (isset($payload[2]) and is_array($payload[2])) {
         $this->flash = $payload[2];
     }

     return parent::read();
 }
示例#2
 /**
  * Read the session from the session cookie.
  *
  * The session state is cleared and only repopulated when the cookie payload
  * passes all checks. Rejections are silent in this variant.
  *
  * @access public
  * @param boolean $force set to true if we want to force a new session to be created
  * @return Fuel\Core\Session_Driver
  */
 public function read($force = false)
 {
     // start from an empty session
     $this->data = array();
     $this->keys = array();
     $this->flash = array();

     // fetch the session cookie payload (false when there is none)
     $payload = $this->_get_cookie();

     // Every condition must hold, evaluated left to right with short-circuit:
     // a payload exists and no reset is forced, element 0 is the key array,
     // the session has not expired, and the optional IP / user-agent bindings match.
     // NOTE(review): the IP binding relies on \Input::real_ip(); if that value
     // comes from forwarding headers it is client-influenced — confirm.
     $accepted = !($payload === false or $force)
         && isset($payload[0]) && is_array($payload[0])
         && !($payload[0]['updated'] + $this->config['expiration_time'] <= $this->time->get_timestamp())
         && !($this->config['match_ip'] and $payload[0]['ip_hash'] !== md5(\Input::ip() . \Input::real_ip()))
         && !($this->config['match_ua'] and $payload[0]['user_agent'] !== \Input::user_agent());

     if ($accepted) {
         // session is valid, adopt the payload
         $this->keys = $payload[0];
         if (isset($payload[1]) and is_array($payload[1])) {
             $this->data = $payload[1];
         }
         if (isset($payload[2]) and is_array($payload[2])) {
             $this->flash = $payload[2];
         }
     }

     return parent::read();
 }
示例#3
    /**
     * Handle a contact-form submission: verify the CSRF token, validate the
     * input, then mail and store the message.
     *
     * The mail body and the CSRF log line embed the submitted fields and the
     * User-Agent header exactly as received.
     * NOTE(review): whether the 'myvalidation' rules reject line breaks in
     * name/email is not visible here — confirm before these values reach mail headers.
     */
    public function action_send()
    {
        // a failed CSRF check is logged with request context and aborts the request
        if (!\Security::check_token()) {
            \Log::error('CSRF: ' . \Input::uri() . ' ' . \Input::ip() . ' "' . \Input::user_agent() . '"');
            throw new HttpInvalidInputException('Invalid input data');
        }

        $val = $this->form()->validation();
        $val->add_callable('myvalidation');

        // invalid input: show the form again with the validation errors
        if (!$val->run()) {
            $this->template->title = 'コンタクトフォーム: エラー';
            $this->template->content = View::forge('contact/index');
            $this->template->content->set_safe('html_error', $val->show_errors());
            return;
        }

        // from here on only validated fields are used
        $post = $val->validated();
        \Config::load('contact', true);
        $data = array(
            'email' => $post['email'],
            'name' => $post['name'],
            'to' => \Config::get('contact.admin_email'),
            'to_name' => \Config::get('contact.admin_name'),
            'subject' => \Config::get('contact.mail_subject'),
            'ip' => \Input::ip(),
            'ua' => \Input::user_agent(),
        );
        $langs = implode(' ', $post['lang']);
        $data['body'] = <<<END
====================
名前: {$post['name']}
メールアドレス: {$post['email']}
IPアドレス: {$data['ip']}
ブラウザ: {$data['ua']}
====================
コメント: 
{$post['comment']}

性別: {$post['gender']}
問い合わせの種類: {$post['kind']}
好きな鳥: {$langs}
====================
END;

        // each failure type shares the same error page and differs only in the log text
        $failure = null;
        try {
            $this->sendmail($data);
            $this->save($data);
            $this->template->title = 'コンタクトフォーム: 送信完了';
            $this->template->content = View::forge('contact/send');
        } catch (EmailValidationFailedException $e) {
            $failure = ' email validation error: ' . $e->getMessage();
        } catch (EmailSendingFailedException $e) {
            $failure = ' email sending error: ' . $e->getMessage();
        } catch (EmailSavingFailedException $e) {
            $failure = ' email saving error: ' . $e->getMessage();
        }

        if ($failure !== null) {
            $this->template->title = 'コンタクトフォーム: 送信エラー';
            $this->template->content = View::forge('contact/error');
            \Log::error(__METHOD__ . $failure);
        }
    }
示例#4
文件: logging.php 项目: katsuwo/bbs
 /**
  * Write a message to the log at warning level with the client IP appended.
  *
  * Nothing is written when $msg is loosely equal to null (null, '', 0, false
  * or an empty array). The message text itself is logged as given.
  *
  * @param mixed $msg message to log
  */
 function write($msg)
 {
     if ($msg != null) {
         Log::write(Fuel::L_WARNING, $msg . ' IP:' . Input::ip());
     }
 }
 /**
  * Create a new session by filling in the session key block.
  *
  * The key block records a fresh session id, an md5 fingerprint of the
  * client address pair, the User-Agent string and the creation time.
  * Only $this->keys is touched in this method.
  *
  * @access	public
  * @return	Fuel\Core\Session_Cookie
  */
 public function create()
 {
     // gather the values first, in the same order the keys are stored
     $session_id = $this->_new_session_id();
     // fingerprint used later for the optional match_ip check; md5 is not
     // protecting a secret here
     $address_fingerprint = md5(\Input::ip() . \Input::real_ip());
     $agent = \Input::user_agent();
     $now = $this->time->get_timestamp();

     $this->keys['session_id'] = $session_id;
     $this->keys['ip_hash'] = $address_fingerprint;
     $this->keys['user_agent'] = $agent;
     $this->keys['created'] = $now;
     // a new session counts as updated at the moment it was created
     $this->keys['updated'] = $now;
     $this->keys['payload'] = '';

     return $this;
 }
 /**
  * Create a new session by filling in the session key block.
  *
  * @access	public
  * @return	Fuel\Core\Session_Memcached
  */
 public function create()
 {
     // gather the values first, in the same order the keys are stored
     $session_id = $this->_new_session_id();
     // fingerprint used later for the optional match_ip check; md5 is not
     // protecting a secret here
     $address_fingerprint = md5(\Input::ip() . \Input::real_ip());
     $agent = \Input::user_agent();
     $now = $this->time->get_timestamp();

     $this->keys['session_id'] = $session_id;
     // previous_id starts out equal to the id; prevents errors if previous_id has a unique index
     $this->keys['previous_id'] = $session_id;
     $this->keys['ip_hash'] = $address_fingerprint;
     $this->keys['user_agent'] = $agent;
     $this->keys['created'] = $now;
     // a new session counts as updated at the moment it was created
     $this->keys['updated'] = $now;

     return $this;
 }
示例#7
 /**
  * Handle a contact-form submission: CSRF check, validation, database save,
  * then e-mail delivery. Any failure re-renders the form with an error message.
  *
  * The HTML passed to set_safe('html_error', ...) after a save or mail failure
  * is a fixed literal; the validation branch passes $val->show_errors() instead.
  */
 public function action_send()
 {
     // CSRF protection
     if (!Security::check_token()) {
         throw new HttpInvalidInputException('ページ遷移が正しくありません');
     }

     $form = $this->forge_form();
     $val = $form->validation()->add_callable('MyValidationRules');

     // validation failed: redisplay the form with the submitted values
     if (!$val->run()) {
         $form->repopulate();
         $this->template->title = 'コンタクトフォーム: エラー';
         $this->template->content = View::forge('form/index');
         $this->template->content->set_safe('html_error', $val->show_errors());
         $this->template->content->set_safe('html_form', $form->build('form/confirm'));
         return;
     }

     // only validated fields are stored, plus request metadata
     $post = $val->validated();
     $post['ip_address'] = Input::ip();
     $post['user_agent'] = Input::user_agent();
     unset($post['submit']);

     // save to the database
     $saved = Model_Form::forge($post)->save();
     if (!$saved) {
         Log::error('データベース保存エラー', __METHOD__);
         $form->repopulate();
         $this->template->title = 'コンタクトフォーム: サーバエラー';
         $this->template->content = View::forge('form/index');
         $html_error = '<p>サーバでエラーが発生しました。</p>';
         $this->template->content->set_safe('html_error', $html_error);
         $this->template->content->set_safe('html_form', $form->build('form/confirm'));
         return;
     }

     // send the e-mail; success ends the action inside the try block
     try {
         $mail = new Model_Mail();
         $mail->send($post);
         $this->template->title = 'コンタクトフォーム: 送信完了';
         $this->template->content = View::forge('form/send');
         return;
     } catch (EmailValidationFailedException $e) {
         Log::error('メール検証エラー: ' . $e->getMessage(), __METHOD__);
         $html_error = '<p>メールアドレスに誤りがあります。</p>';
     } catch (EmailSendingFailedException $e) {
         Log::error('メール送信エラー: ' . $e->getMessage(), __METHOD__);
         $html_error = '<p>メールを送信できませんでした。</p>';
     }

     // reached only after a mail failure: show the form again with the message
     $form->repopulate();
     $this->template->title = 'コンタクトフォーム: 送信エラー';
     $this->template->content = View::forge('form/index');
     $this->template->content->set_safe('html_error', $html_error);
     $this->template->content->set_safe('html_form', $form->build('form/confirm'));
 }
示例#8
 /**
  * Count the recorded log-in attempts for an e-mail address or the current
  * client IP since the most recent successful attempt for either.
  *
  * NOTE(review): the fallback below runs whenever the first query returns no
  * rows, which also happens when a good log-in exists and nothing was
  * attempted after it; in that case every historical attempt is counted.
  * NOTE(review): rows are matched on e-mail OR IP, so attempts made from other
  * addresses count against the same e-mail — confirm how callers use the number.
  *
  * @param string $email e-mail address used in the log-in attempt
  * @return int number of matching attempt records
  */
 public function attempt_number($email)
 {
     $client_ip = \Input::ip();

     // time of the newest successful attempt for this e-mail or this IP
     $last_good = Model_Log_In_Attempt::query()
         ->select('time')
         ->where('status', Model_Log_In_Attempt::$ATTEMPT_GOOD)
         ->and_where_open()
         ->where('email', $email)
         ->or_where('ip', $client_ip)
         ->and_where_close()
         ->order_by('time', 'DESC')
         ->limit(1);

     // every attempt newer than that one (the query object above is passed as the comparison value)
     $found = Model_Log_In_Attempt::query()
         ->where('time', '>', $last_good->get_query(false))
         ->and_where_open()
         ->where('email', $email)
         ->or_where('ip', $client_ip)
         ->and_where_close()
         ->order_by('time', 'DESC')
         ->get();

     if (count($found) == 0) {
         // nothing found after a good log-in, so take all attempts instead
         $found = Model_Log_In_Attempt::find('all', array(
             'where' => array('or' => array(array('ip', $client_ip), array('email', $email))),
             'order_by' => array(array('time', 'DESC')),
         ));
     }

     return count($found);
 }
示例#9
 /**
  * Create a new session: fill in the key block, write an empty record under
  * the new id via _write_redis() and set the session cookie.
  *
  * @access	public
  * @return	void
  */
 public function create()
 {
     // gather the values first, in the same order the keys are stored
     $session_id = $this->_new_session_id();
     // fingerprint used later for the optional match_ip check; md5 is not
     // protecting a secret here
     $address_fingerprint = md5(\Input::ip() . \Input::real_ip());
     $agent = \Input::user_agent();
     $now = $this->time->get_timestamp();

     $this->keys['session_id'] = $session_id;
     // previous_id starts out equal to the id; prevents errors if previous_id has a unique index
     $this->keys['previous_id'] = $session_id;
     $this->keys['ip_hash'] = $address_fingerprint;
     $this->keys['user_agent'] = $agent;
     $this->keys['created'] = $now;
     $this->keys['updated'] = $now;

     // create the session record with an empty serialized payload
     $empty_payload = serialize(array());
     $this->_write_redis($this->keys['session_id'], $empty_payload);

     // and set the session cookie
     $this->_set_cookie();
 }
示例#10
 /**
  * Create a new session: fill in the key block, insert it as a row into the
  * configured session table and set the session cookie.
  *
  * The column list of the INSERT is taken from the keys of $this->keys and the
  * values are passed through the query builder's values() call.
  *
  * @access	public
  * @return	void
  */
 public function create()
 {
     // gather the values first, in the same order the keys are stored
     $session_id = $this->_new_session_id();
     // fingerprint used later for the optional match_ip check; md5 is not
     // protecting a secret here
     $address_fingerprint = md5(\Input::ip() . \Input::real_ip());
     $agent = \Input::user_agent();
     $now = $this->time->get_timestamp();

     $this->keys['session_id'] = $session_id;
     // previous_id starts out equal to the id; prevents errors if previous_id has a unique index
     $this->keys['previous_id'] = $session_id;
     $this->keys['ip_hash'] = $address_fingerprint;
     $this->keys['user_agent'] = $agent;
     $this->keys['created'] = $now;
     $this->keys['updated'] = $now;
     $this->keys['payload'] = '';

     // create the session record; the result of the insert is not inspected
     \DB::insert($this->config['table'], array_keys($this->keys))
         ->values($this->keys)
         ->execute($this->config['database']);

     // and set the session cookie
     $this->_set_cookie();
 }
示例#11
 /**
  * Show the request-creation form and, on POST, store a new request together
  * with the client IP.
  *
  * NOTE(review): no CSRF token check is visible in this action — confirm that
  * one is enforced elsewhere (for example in a before() hook or in framework
  * configuration).
  * NOTE(review): the stored body is read with Input::post('body') rather than
  * from the validation object — confirm that is intended.
  */
 public function action_create()
 {
     $is_post = Input::method() == 'POST';

     if ($is_post) {
         $val = Model_Request::validate('create');

         if (!$val->run()) {
             Session::set_flash('error', $val->error());
         } else {
             $fields = array('body' => Input::post('body'), 'ip' => Input::ip());
             $request = Model_Request::forge($fields);

             if ($request and $request->save()) {
                 Session::set_flash('success', 'Added request #' . $request->id . '.');
                 Response::redirect('request');
             } else {
                 Session::set_flash('error', 'Could not save request.');
             }
         }
     }

     // GET requests and failed POSTs both end up on the form
     $this->template->title = "Requests";
     $this->template->content = View::forge('request/create');
 }
示例#12
    /**
     * Build the mail data array (sender, recipient, subject, body) for a
     * contact-form submission.
     *
     * The sender address and name are taken from $post, and the body embeds
     * the submitted fields, the client IP and the User-Agent header as received.
     * NOTE(review): assumes $post has already been validated so that name and
     * email cannot carry line breaks into mail headers — confirm at the caller.
     *
     * @param array $post form fields; reads 'email', 'name' and 'comment'
     * @return array mail data with keys from, from_name, to, to_name, subject, body
     */
    public function build_mail($post)
    {
        // request metadata shown to the administrator in the body
        $ip = Input::ip();
        $agent = Input::user_agent();

        $data = array(
            'from' => $post['email'],
            'from_name' => $post['name'],
            'to' => '*****@*****.**',
            'to_name' => '管理者',
            'subject' => 'コンタクトフォーム',
        );
        $data['body'] = <<<END
------------------------------------------------------------
          名前: {$post['name']}
メールアドレス: {$post['email']}
    IPアドレス: {$ip}
      ブラウザ: {$agent}
------------------------------------------------------------
コメント:
{$post['comment']}
------------------------------------------------------------
END;

        return $data;
    }
示例#13
    /**
     * Build the mail data array (sender, recipient, subject, body) for a
     * contact-form submission, with the recipient and subject read from the
     * 'contact_form' configuration.
     *
     * The sender address and name are taken from $post, and the body embeds
     * the submitted fields, the client IP and the User-Agent header as received.
     * NOTE(review): assumes $post has already been validated so that name and
     * email cannot carry line breaks into mail headers — confirm at the caller.
     *
     * @param array $post form fields; reads 'email', 'name' and 'comment'
     * @return array mail data with keys from, from_name, to, to_name, subject, body
     */
    protected function build_mail($post)
    {
        Config::load('contact_form', true);

        $data = array(
            'from' => $post['email'],
            'from_name' => $post['name'],
            'to' => Config::get('contact_form.admin_email'),
            'to_name' => Config::get('contact_form.admin_name'),
            'subject' => Config::get('contact_form.subject'),
        );

        // request metadata shown to the administrator in the body
        $ip = Input::ip();
        $agent = Input::user_agent();
        $data['body'] = <<<END
------------------------------------------------------------
          名前: {$post['name']}
メールアドレス: {$post['email']}
    IPアドレス: {$ip}
      ブラウザ: {$agent}
------------------------------------------------------------
コメント:
{$post['comment']}
------------------------------------------------------------
END;

        return $data;
    }
示例#14
文件: app.php 项目: ratiw/petro
 /**
  * Show the login form and process a login POST.
  *
  * A POST with an invalid CSRF token is logged with request context and
  * answered with a not-found exception. After a successful login the user is
  * redirected to the 'redirect_url' session value, or to '/' when none is set.
  *
  * NOTE(review): the redirect target is read from the session; where it is
  * written is not visible here — confirm it can only hold local URLs.
  * NOTE(review): no session id rotation is visible after a successful login —
  * confirm whether \Auth handles it.
  */
 public function action_login()
 {
     if (Input::method() == 'POST') {
         // CSRF failure: record who sent it, then pretend the page does not exist
         if (!\Security::check_token()) {
             \Log::info('CSRF detected from IP:' . \Input::ip() . ', Real IP:' . \Input::real_ip() . ', Ref:' . \Input::referrer() . ', Agent:' . \Input::user_agent());
             throw new \HttpNotFoundException();
         }

         $val = \Validation::forge('users');
         $val->add_field('username', 'Your username', 'required|min_length[3]|max_length[20]');
         $val->add_field('password', 'Your password', 'required|min_length[3]|max_length[20]');

         if (!$val->run()) {
             \Session::set_flash('error', 'Please correct the error(s).');
             $this->template->set_global('errors', $val->error());
         } elseif (\Auth::instance()->login($val->validated('username'), $val->validated('password'))) {
             // credentials accepted: cache the user info and go to the remembered page
             $user = \Auth::instance()->get_user_info();
             \Session::set('user_info', $user);
             \Session::set_flash('success', 'Welcome, ' . $val->validated('username'));
             $url = \Session::get('redirect_url', '/');
             \Session::delete('redirect_url');
             \Response::redirect($url);
         } else {
             // $data is not read again within this method
             $data['username'] = $val->validated('username');
             // the same message is used whether the user name or the password was wrong
             \Session::set_flash('error', 'Wrong username/password. Try again');
         }
     }

     $this->template->title = 'Login';
     $this->template->page_title = 'Login';
     $this->template->content = \View::forge('petro/login');
 }
示例#15
 /**
  * Read the session from the Redis-backed store.
  *
  * The session state is cleared first. If a cookie is present and no reset is
  * forced, the record named by the cookie is loaded, following one
  * 'rotated_session_id' referral if the record contains it. The payload is
  * adopted only when it passes the structure, expiry and optional IP /
  * user-agent checks; a missing record restarts the read with $force = true.
  *
  * @access	public
  * @param	boolean	$force	set to true if we want to force a new session to be created
  * @return	Fuel\Core\Session_Driver
  */
 public function read($force = false)
 {
     // initialize the session
     $this->data = array();
     $this->keys = array();
     $this->flash = array();
     // get the session cookie
     $cookie = $this->_get_cookie();
     // if a cookie was present, find the session record
     if ($cookie and !$force and isset($cookie[0])) {
         // read the session record; $cookie[0] is used as the lookup key
         $payload = $this->_read_redis($cookie[0]);
         if ($payload === false) {
             // cookie present, but session record missing. force creation of a new session
             return $this->read(true);
         }
         // unpack the payload (the serialized data comes from the server-side store)
         $payload = $this->_unserialize($payload);
         // session referral? the record only points at the id that replaced it
         if (isset($payload['rotated_session_id'])) {
             $payload = $this->_read_redis($payload['rotated_session_id']);
             if ($payload === false) {
                 // cookie present, but session record missing. force creation of a new session
                 return $this->read(true);
             }
             // unpack the payload
             $payload = $this->_unserialize($payload);
         }
         // every rejected branch below is intentionally empty: the session stays cleared
         if (!isset($payload[0]) or !is_array($payload[0])) {
             // not a valid session payload
         } elseif ($payload[0]['updated'] + $this->config['expiration_time'] <= $this->time->get_timestamp()) {
             // session has expired
         } elseif ($this->config['match_ip'] and $payload[0]['ip_hash'] !== md5(\Input::ip() . \Input::real_ip())) {
             // IP address doesn't match
             // NOTE(review): if \Input::real_ip() is derived from forwarding headers the binding is client-influenced — confirm
         } elseif ($this->config['match_ua'] and $payload[0]['user_agent'] !== \Input::user_agent()) {
             // user agent doesn't match
         } else {
             // session is valid, retrieve the rest of the payload
             if (isset($payload[0]) and is_array($payload[0])) {
                 $this->keys = $payload[0];
             }
             if (isset($payload[1]) and is_array($payload[1])) {
                 $this->data = $payload[1];
             }
             if (isset($payload[2]) and is_array($payload[2])) {
                 $this->flash = $payload[2];
             }
         }
     }
     return parent::read();
 }
示例#16
 /**
  * Read the session from the database-backed store.
  *
  * The session state is cleared first. If a cookie is present and no reset is
  * forced, the row is looked up by session_id and, failing that, by
  * previous_id. The payload is adopted only when it passes the structure,
  * expiry and optional IP / user-agent checks; each rejection is logged at
  * DEBUG level. A missing row restarts the read with $force = true.
  *
  * @access	public
  * @param	boolean	$force	set to true if we want to force a new session to be created
  * @return	Fuel\Core\Session_Driver
  */
 public function read($force = false)
 {
     // initialize the session
     $this->data = array();
     $this->keys = array();
     $this->flash = array();
     $this->record = null;
     // get the session cookie
     $cookie = $this->_get_cookie();
     // if a cookie was present, find the session record
     if ($cookie and !$force and isset($cookie[0])) {
         // read the session record; the id is passed to where() as a value, not concatenated into SQL
         $this->record = \DB::select()->where('session_id', '=', $cookie[0])->from($this->config['table'])->execute($this->config['database']);
         // record found?
         if ($this->record->count()) {
             $payload = $this->_unserialize($this->record->get('payload'));
         } else {
             // try to find the session on previous id, so the id in use before the last change is still accepted
             $this->record = \DB::select()->where('previous_id', '=', $cookie[0])->from($this->config['table'])->execute($this->config['database']);
             // record found?
             if ($this->record->count()) {
                 $payload = $this->_unserialize($this->record->get('payload'));
             } else {
                 // cookie present, but session record missing. force creation of a new session
                 // NOTE(review): the id taken from the cookie is written to the log unmodified
                 logger('DEBUG', 'Error: Session cookie with ID "' . $cookie[0] . '" present but corresponding record is missing');
                 return $this->read(true);
             }
         }
         // a rejected payload is only logged: the session stays cleared
         if (!isset($payload[0]) or !is_array($payload[0])) {
             logger('DEBUG', 'Error: not a valid db session payload!');
         } elseif ($payload[0]['updated'] + $this->config['expiration_time'] <= $this->time->get_timestamp()) {
             logger('DEBUG', 'Error: session id has expired!');
         } elseif ($this->config['match_ip'] and $payload[0]['ip_hash'] !== md5(\Input::ip() . \Input::real_ip())) {
             // NOTE(review): if \Input::real_ip() is derived from forwarding headers the binding is client-influenced — confirm
             logger('DEBUG', 'Error: IP address in the session doesn\'t match this requests source IP!');
         } elseif ($this->config['match_ua'] and $payload[0]['user_agent'] !== \Input::user_agent()) {
             logger('DEBUG', 'Error: User agent in the session doesn\'t match the browsers user agent string!');
         } else {
             // session is valid, retrieve the payload
             if (isset($payload[0]) and is_array($payload[0])) {
                 $this->keys = $payload[0];
             }
             if (isset($payload[1]) and is_array($payload[1])) {
                 $this->data = $payload[1];
             }
             if (isset($payload[2]) and is_array($payload[2])) {
                 $this->flash = $payload[2];
             }
         }
     }
     return parent::read();
 }
示例#17
 /**
  * Write a message to the log under the 'Auth' level, followed by the request
  * URI, the client IP and the quoted User-Agent string.
  *
  * The URI and User-Agent are appended as received from the request.
  *
  * @param string $msg    message text
  * @param string $method name of the calling method, passed through to \Log::write()
  */
 protected static function log($msg, $method)
 {
     // request context appended to every message
     $suffix = ' [' . \Input::uri() . ' ' . \Input::ip() . ' "' . \Input::user_agent() . '"]';
     \Log::write('Auth', $msg . $suffix, $method);
 }
示例#18
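 /**
  * Check a login attempt.
  *
  * Stored passwords are compared against md5(password . email).
  * NOTE(review): md5 is a fast, unsalted-by-design digest and is not suited to
  * password storage; moving to password_hash()/password_verify() needs a
  * migration of the stored values and is therefore not done here.
  * NOTE(review): the failure messages distinguish an unknown user from a wrong
  * password, which tells a caller whether an account exists. The strings are
  * part of the return contract and are left unchanged.
  *
  * @param string $user     login name; matched against every column in self::$cfg->login_fields
  * @param string $password password as submitted
  *
  * @return object|string the user record cast to an object on success, otherwise a message string
  */
 private function checkLogin($user, $password)
 {
     // current session
     $session_id = session_id();
     // strict comparison so that only the exact strings select the demo account
     if (!empty(self::$cfg->demo_mode) && $user === 'demo' && $password === 'demo') {
         // log in as the demo user
         // NOTE(review): this record carries admin_access = 1; demo_mode should never be enabled on a production site
         $login_result = array('id' => 0, 'email' => 'demo', 'password' => 'demo', 'displayname' => 'demo', 'status' => 0, 'admin_access' => 1, 'activatecode' => '', 'ban_date' => 0, 'session_id' => $session_id, 'visited' => 0, 'fb' => 0);
         return (object) $login_result;
     } else {
         // check the login against the database
         $login_result = false;
         $qs = array();
         $where = array();
         // column names come from configuration; the submitted value is bound as a parameter
         foreach (self::$cfg->login_fields as $field) {
             $qs[] = "`{$field}`=:{$field}";
             $where[":{$field}"] = $user;
         }
         $sql = "SELECT * FROM `" . $this->tableWithPrefix('user') . "` WHERE " . implode(' OR ', $qs) . " ORDER BY `status` DESC";
         foreach ($this->db->customQuery($sql, true, $where) as $item) {
             // strict comparison: with ==, two different digests that both look
             // like numbers (for example "0e" followed by digits) compare equal
             if ($item['password'] === md5($password . $item['email'])) {
                 $login_result = $item;
                 break;
             }
         }
         if (!$login_result) {
             // user or password is incorrect
             return isset($item) ? 'Incorrect password' : 'not a registered user';
         } elseif (!empty($login_result['activatecode'])) {
             // account has not been activated yet
             return 'No confirmation email, please check your e-mail';
         } elseif (!empty($login_result['ban'])) {
             // account is banned
             return 'Members were suspended';
         } else {
             // check for a login from more than one IP
             $ip = Input::ip();
             if (self::$cfg->member_only_ip && !empty($ip)) {
                 // the member id and the IP are bound as parameters instead of being
                 // interpolated into the statement; the call form mirrors the user
                 // lookup above, whose rows are read as arrays
                 $sql = "SELECT * FROM `" . $this->tableWithPrefix('useronline') . "`";
                 $sql .= " WHERE `member_id`=:member_id AND `ip`!=:ip AND `ip`!=''";
                 $sql .= " ORDER BY `time` DESC LIMIT 1";
                 $online = $this->db->customQuery($sql, true, array(':member_id' => $login_result['id'], ':ip' => $ip));
                 if (sizeof($online) == 1 && time() - $online[0]['time'] < \Kotchasan::$settings->count_gap) {
                     // the member is already logged in from a different IP
                     return 'Members of this system already';
                 }
             }
             $userupdate = false;
             // update the visit counter when the session changed
             if ($session_id != $login_result['session_id']) {
                 $login_result['visited']++;
                 $userupdate = true;
             }
             // save to the database
             if ($userupdate) {
                 $this->db->update($this->tableWithPrefix('user'), $login_result['id'], array('session_id' => $session_id, 'visited' => $login_result['visited'], 'lastvisited' => time(), 'ip' => $ip));
             }
             return (object) $login_result;
         }
     }
 }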
示例#19
 /**
  * Log an error message together with the request URI, the offending value,
  * the client IP and the quoted User-Agent string.
  *
  * The value is passed through rawurlencode(), so control characters in it do
  * not reach the log; the URI and User-Agent are appended as received.
  *
  * @param string $msg   message text
  * @param string $value value that triggered the error
  */
 public static function log_error($msg, $value)
 {
     $context = array(
         Input::uri(),
         rawurlencode($value),
         Input::ip(),
         '"' . Input::user_agent() . '"',
     );
     Log::error($msg . ': ' . implode(' ', $context));
 }
示例#20
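 /**
  * Log a message with request context, honouring the configured output level.
  *
  * Nothing is logged when FBD_OUTPUT_ERROR_LOG_LEVEL is falsy or when $level
  * is less severe than the configured level. The request URI, the client IP
  * and the quoted User-Agent string are appended as received.
  *
  * @param string $message message text
  * @param string $level   one of 'error', 'warning', 'info', 'debug'
  *
  * @throws InvalidArgumentException when $level is not one of the four names
  */
 public static function log_error($message, $level = 'error')
 {
     if (!FBD_OUTPUT_ERROR_LOG_LEVEL) {
         return;
     }
     // $level is used below as a method name on \Log, so the whitelist must
     // match exactly; a loose in_array() would also accept values such as true
     if (!in_array($level, array('error', 'warning', 'info', 'debug'), true)) {
         throw new InvalidArgumentException('Second parameter is invalid.');
     }
     // drop messages that are less severe than the configured level
     switch (FBD_OUTPUT_ERROR_LOG_LEVEL) {
         case 'error':
             if (in_array($level, array('warning', 'info', 'debug'), true)) {
                 return;
             }
             break;
         case 'warning':
             if (in_array($level, array('info', 'debug'), true)) {
                 return;
             }
             break;
         case 'info':
             if ($level === 'debug') {
                 return;
             }
             break;
         case 'debug':
         default:
             // everything is logged
             break;
     }
     \Log::$level($message . ': ' . \Input::uri() . ' ' . \Input::ip() . ' "' . \Input::user_agent() . '"');
 }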
示例#21
文件: db.php 项目: vienbk91/fuelphp17
 /**
  * Read the session from the database-backed store.
  *
  * The session state is cleared first. If a cookie is present and no reset is
  * forced, the row is looked up by session_id and, failing that, by
  * previous_id. The payload is adopted only when it passes the structure,
  * expiry and optional IP / user-agent checks. A missing row restarts the
  * read with $force = true.
  *
  * @access public
  * @param boolean $force set to true if we want to force a new session to be created
  * @return Fuel\Core\Session_Driver
  */
 public function read($force = false)
 {
     // initialize the session
     $this->data = array();
     $this->keys = array();
     $this->flash = array();
     $this->record = null;
     // get the session cookie
     $cookie = $this->_get_cookie();
     // if a cookie was present, find the session record
     if ($cookie and !$force and isset($cookie[0])) {
         // read the session record; the id is passed to where() as a value, not concatenated into SQL
         $this->record = \DB::select()->where('session_id', '=', $cookie[0])->from($this->config['table'])->execute($this->config['database']);
         // record found?
         if ($this->record->count()) {
             $payload = $this->_unserialize($this->record->get('payload'));
         } else {
             // try to find the session on previous id, so the id in use before the last change is still accepted
             $this->record = \DB::select()->where('previous_id', '=', $cookie[0])->from($this->config['table'])->execute($this->config['database']);
             // record found?
             if ($this->record->count()) {
                 $payload = $this->_unserialize($this->record->get('payload'));
             } else {
                 // cookie present, but session record missing. force creation of a new session
                 return $this->read(true);
             }
         }
         // every rejected branch below is intentionally empty: the session stays cleared
         if (!isset($payload[0]) or !is_array($payload[0])) {
             // not a valid session payload
         } elseif ($payload[0]['updated'] + $this->config['expiration_time'] <= $this->time->get_timestamp()) {
             // session has expired
         } elseif ($this->config['match_ip'] and $payload[0]['ip_hash'] !== md5(\Input::ip() . \Input::real_ip())) {
             // IP address doesn't match
             // NOTE(review): if \Input::real_ip() is derived from forwarding headers the binding is client-influenced — confirm
         } elseif ($this->config['match_ua'] and $payload[0]['user_agent'] !== \Input::user_agent()) {
             // user agent doesn't match
         } else {
             // session is valid, retrieve the payload
             if (isset($payload[0]) and is_array($payload[0])) {
                 $this->keys = $payload[0];
             }
             if (isset($payload[1]) and is_array($payload[1])) {
                 $this->data = $payload[1];
             }
             if (isset($payload[2]) and is_array($payload[2])) {
                 $this->flash = $payload[2];
             }
         }
     }
     return parent::read();
 }
示例#22
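 /**
  * Restrict access by client IP address.
  *
  * The client address from Input::ip() must be listed in the 'allow_ip' entry
  * of the 'payment' configuration; any other client is redirected away.
  *
  * NOTE(review): behind a reverse proxy the address seen here may be the
  * proxy's rather than the client's — confirm the deployment before relying
  * on this as the only access control.
  * NOTE(review): the check relies on Response::redirect() ending the request;
  * nothing after this call stops the caller otherwise.
  */
 protected function filter_ip()
 {
     $conf = \Config::load('payment', true);
     // fail closed: a missing or malformed allow list admits nobody
     $allow_ip = (is_array($conf) and isset($conf['allow_ip'])) ? (array) $conf['allow_ip'] : array();
     // strict comparison so that only an exact string match passes; a loose
     // in_array() would let an entry such as true match every address
     if (!in_array(Input::ip(), $allow_ip, true)) {
         // NOTE(review): 'excpetion' looks like a misspelling of 'exception'; left
         // unchanged because the route table is not visible here
         Response::redirect('excpetion/404');
     }
 }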
示例#23
                <td><?php 
        echo $data->first_name;
        ?>
</td>
            </tr>
            <tr>
                <td><b>Last Name:</b></td>
                <td><?php 
        echo $data->last_name;
        ?>
</td>
            </tr>
            <tr>
                <td><b>User IP address:</b></td>
                <td><?php 
        echo \Input::ip();
        ?>
</td>
            </tr>
            
        </table>

        <hr>
        
        <h3>Products</h3>
        
        <?php 
        if (!empty($data->products)) {
            ?>
            <table border="1" cellpadding="3">
                <tr>
示例#24
文件: bbs.php 项目: katsuwo/bbs
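 /**
  * Controller action for the post-edit screen.
  *
  * Checks the posted identifiers, the referrer, the board, the article and the
  * article password, then validates the form and saves the edited article.
  *
  * NOTE(review): the Referer header is set by the client, so the referrer test
  * is a flow check, not an authorization control; the password comparison is
  * the only credential check visible here.
  * NOTE(review): the article password appears to be stored and compared as
  * plain text; hashing it would need a change to the stored data.
  *
  * @return Response|null a Response carrying an error message when the request is rejected, otherwise nothing
  */
 public function action_edit()
 {
     if (Input::post('articleId_') == null || Input::post('shortName_') == null || Input::post('bbsId_') == null) {
         return Response::forge("パラメータ異常");
     }
     $articleId = Input::post('articleId_');
     $shortName = Input::post('shortName_');
     $bbsId = Input::post('bbsId_');
     $ref = Input::referrer();
     $validReferrer = Uri::base() . 'bbs/editConfirm' . DS . $bbsId . DS . $articleId;
     if ($ref != $validReferrer) {
         $log = new Logging();
         $log->writeLog_Warning('Invalid Referrer', __FILE__, __LINE__);
         return Response::forge('パラメータ異常');
     }
     $board = $this->getBoardFromShortName($shortName);
     if ($board == null) {
         $log = new Logging();
         $log->writeLog_Warning('Board is missing', __FILE__, __LINE__);
         return Response::forge("パラメータ異常");
     }
     // look up the article by its id
     $ar = Model_Article::find($articleId);
     if ($ar == null) {
         $log = new Logging();
         $log->writeLog_Warning('Article is missing', __FILE__, __LINE__);
         return Response::forge("パラメータ異常");
     }
     // compare as strings with ===: a loose != treats numeric-looking strings
     // such as '1' and '01' as equal; an array value is rejected outright
     $postedPassword = Input::post('password');
     if (is_array($postedPassword) || (string) $ar->password !== (string) $postedPassword) {
         // show the password-mismatch page
         $log = new Logging();
         $log->writeLog_Warning('password(HiddenField) is missmatch', __FILE__, __LINE__);
         $this->showInvalidPassword($board);
         return;
     }
     // the validation rules differ for 2ch-style boards
     $val = $this->doValidate($board);
     if ($val->run()) {
         $ar->authorName = $val->validated('authorName');
         $ar->authorEmail = $val->validated('authorEmail');
         if ($board->type != 2) {
             $ar->authorAge = $val->validated('authorAge');
             $ar->authorPrefecture = $val->validated('authorPrefecture');
             $ar->authorIsMale = $val->validated('authorIsMale');
             $ar->authorProfile = $val->validated('authorProfile');
         }
         if ($board->allowXvideos == true) {
             $ar->xvideosURL = $val->validated('xvideosURL');
         }
         $ar->body = $val->validated('body');
         $ar->title = $val->validated('title');
         $ar->password = $val->validated('password');
         // read through Input so a request without a User-Agent header does not
         // raise an undefined-index notice
         $ar->authorAgent = Input::user_agent();
         $ar->authorIP = Input::ip();
         $ar->save();
         $data['backURL'] = 'bbs/index/' . $board->shortName;
         $data['result'] = '修正は正常に完了しました。';
         $this->setBoardTitle($board);
         $content = View::forge('bbs/postResult', $data);
         // the values passed to set_safe() below are fixed literals
         $content->set_safe('descriptionStyle', 'background-color:Aquamarine');
         $content->set_safe('articleStyle', 'background-color:BlanchedAlmond');
         $this->template->set_safe('textColor', 'black');
         $this->template->set_safe('linkColor', 'red');
         $this->template->set_safe('backGroundColor', 'white');
         $this->template->content = $content;
     } else {
         // validation failed
         $out = '';
         foreach ($val->error() as $error) {
             $out .= $error . '<br>';
         }
         // hand the error message over through the session
         // NOTE(review): $out contains markup; if an error message can include
         // submitted text, the view that prints 'errorMsg' must account for that — confirm
         Session::set('errorMsg', $out);
         $redirectURL = 'bbs/editConfirm/' . $board->id . DS . $articleId;
         Response::redirect($redirectURL);
     }
 }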
示例#25
文件: base.php 项目: uzura8/flockbird
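 /**
  * Restrict access to the current module by client IP address.
  *
  * When $GLOBALS['_FBD_ACCESS_ACCEPT_IPS'] has no (or an empty) entry for the
  * module, no restriction is applied. Otherwise the address from \Input::ip()
  * must be in the module's list.
  *
  * NOTE(review): behind a reverse proxy the address seen here may be the
  * proxy's rather than the client's — confirm the deployment.
  */
 protected function check_remote_ip()
 {
     $module = Site_Util::get_module_name();
     // no list configured for this module: access is not restricted
     if (empty($GLOBALS['_FBD_ACCESS_ACCEPT_IPS'][$module])) {
         return;
     }
     // strict comparison so that only an exact string match passes; a loose
     // in_array() would let an entry such as true match every address
     if (in_array(\Input::ip(), (array) $GLOBALS['_FBD_ACCESS_ACCEPT_IPS'][$module], true)) {
         return;
     }
     if (IS_API) {
         // NOTE(review): execution continues to the redirect below after send();
         // confirm that API clients actually receive the 403 status intended here
         $response = new Response(null, 403);
         $response->send();
     }
     Response::redirect('error/403');
 }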
示例#26
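 /**
  * Read and validate the session cookie.
  *
  * The cookie value is taken from the request parameter named by
  * 'post_cookie_name' if present, otherwise from the regular cookie. It is
  * decoded with \Crypt::decode(), unserialized and checked for structure,
  * expiry and the optional IP / user-agent bindings. On success the session
  * keys are stored in $this->keys and the remaining payload is returned.
  *
  * NOTE(review): the unserialized data originates from the client; this is
  * only safe if \Crypt::decode() authenticates the value and rejects anything
  * that was tampered with — confirm.
  * NOTE(review): accepting the value from a request parameter means the
  * session token can end up in URLs and logs — confirm this is required.
  *
  * @access	protected
  * @return	array|false	the cookie payload without its key block, or false when there is no valid cookie
  */
 protected function _get_cookie()
 {
     // was the cookie posted?
     $cookie = \Input::get_post($this->config['post_cookie_name'], false);
     // if not found, fetch the regular cookie
     if ($cookie === false) {
         $cookie = \Cookie::get($this->config['cookie_name'], false);
     }
     // only a string can be a cookie value; anything else (for example an array
     // built from name[]=...) is treated as no cookie
     if ($cookie !== false and is_string($cookie)) {
         // fetch the payload
         $cookie = $this->_unserialize(\Crypt::decode($cookie));
         // validate the cookie; the shape is checked before any key is read so
         // that a malformed payload is rejected instead of raising an error
         if (!is_array($cookie) || !isset($cookie[0]) || !is_array($cookie[0]) || !isset($cookie[0]['updated'])) {
             // not a valid cookie payload
         } elseif ($cookie[0]['updated'] + $this->config['expiration_time'] <= $this->time->get_timestamp()) {
             // session has expired
         } elseif ($this->config['match_ip'] && (!isset($cookie[0]['ip_hash']) || $cookie[0]['ip_hash'] !== md5(\Input::ip() . \Input::real_ip()))) {
             // IP address doesn't match
         } elseif ($this->config['match_ua'] && (!isset($cookie[0]['user_agent']) || $cookie[0]['user_agent'] !== \Input::user_agent())) {
             // user agent doesn't match
         } else {
             // session is valid, retrieve the session keys
             $this->keys = $cookie[0];
             // and return the cookie payload without the key block
             array_shift($cookie);
             return $cookie;
         }
     }
     // no payload
     return false;
 }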
示例#27
 /**
  * Store the client IP on the model before it is inserted.
  *
  * The target property is the one named by $this->_ip_field.
  *
  * @param \Orm\Model $model model about to be inserted
  */
 public function before_insert(\Orm\Model $model)
 {
     $field = $this->_ip_field;
     $model->{$field} = \Input::ip();
 }