示例#1
 /**
  * Build the session API client on top of an OAuth2-authenticated transport.
  *
  * The key/secret pair is handed to OAuth2Client together with a request
  * object bound to $endpoint. The default endpoint is HTTPS.
  * NOTE(review): nothing in this constructor rejects a non-HTTPS override, so
  * code that makes $endpoint configurable should validate it before the
  * credentials are used against it.
  *
  * @param mixed  $api_key          API key, passed through to OAuth2Client.
  * @param mixed  $key_secret       Key secret, passed through to OAuth2Client.
  * @param string $endpoint         Base URL given to Request::request().
  * @param bool   $auto_run         When truthy, wrap the session API in RunDecorator.
  * @param bool   $throw_on_failure When truthy, additionally wrap it in ThrowDecorator;
  *                                 only consulted when $auto_run is truthy.
  */
 public function __construct($api_key, $key_secret, $endpoint = 'https://api.coviu.com/v1', $auto_run = true, $throw_on_failure = true)
 {
     $transport = Request::request($endpoint);
     $authenticator = new Authenticator(new OAuth2Client($api_key, $key_secret, $transport));
     $sessionApi = new SessionApi($transport->auth($authenticator));
     if ($auto_run) {
         $sessionApi = new RunDecorator($sessionApi);
         if ($throw_on_failure) {
             $sessionApi = new ThrowDecorator($sessionApi);
         }
     }
     $this->sessions = $sessionApi;
 }
示例#2
 /**
  * Checks that Request's get()/post()/request() accessors drop a <script>
  * element from scalar and array input, while the raw*() accessors return the
  * submitted value untouched.
  *
  * NOTE(review): only one payload shape is pinned here. Removing <script> tags
  * on input is not by itself an XSS defence; values still need escaping for the
  * context they are rendered in. Treat this as a regression check for the
  * filter, not as proof that the filtered accessors are safe to echo.
  * The superglobals written below are not restored afterwards.
  */
 public function testSanatize()
 {
     $payload = "hello <script>alert('world')</script>";
     $filtered = "hello ";

     // Query-string input.
     $_GET['xss'] = $payload;
     $_GET['xss2'] = array($payload);
     $fromGet = new Request();
     $this->assertEqual($fromGet->rawGet('xss'), $payload);
     $this->assertEqual($fromGet->get('xss'), $filtered);
     $this->assertEqual($fromGet->get('xss2'), array($filtered));

     // Form-body input.
     $_POST['xss'] = $payload;
     $_POST['xss2'] = array($payload);
     $fromPost = new Request();
     $this->assertEqual($fromPost->rawPost('xss'), $payload);
     $this->assertEqual($fromPost->post('xss'), $filtered);
     $this->assertEqual($fromPost->post('xss2'), array($filtered));

     // Merged request input.
     $_REQUEST['xss'] = $payload;
     $_REQUEST['xss2'] = array($payload);
     $fromRequest = new Request();
     $this->assertEqual($fromRequest->rawRequest('xss'), $payload);
     $this->assertEqual($fromRequest->request('xss'), $filtered);
     $this->assertEqual($fromRequest->request('xss2'), array($filtered));
 }
示例#3
 /**
  * Send the prepared request and return the decoded response.
  *
  * The 'body' and 'code' entries of the transport result are stored on the
  * object. A transport exception is converted into ApiError, and any status
  * outside 200-299 raises the error built by composeError().
  *
  * NOTE(review): on a transport failure the exception message becomes the
  * response body and is forwarded to ApiError. If ApiError messages are shown
  * to end users, confirm they cannot disclose internal hosts or paths.
  *
  * @return mixed Whatever responseJson() returns.
  * @throws ApiError When the underlying request throws.
  */
 public function execute()
 {
     try {
         $reply = Request::request($this->method, $this->url(), $this->params, $this->headers);
         $this->responseBody = $reply['body'];
         $this->responseCode = $reply['code'];
     } catch (Exception $transportError) {
         $this->responseBody = $transportError->getMessage();
         $this->responseCode = $transportError->getCode();
         throw new ApiError($this->responseBody, $this->method, $this->responseCode);
     }

     // Anything that is not a 2xx status is reported as an error.
     $status = $this->responseCode;
     if ($status < 200 || $status >= 300) {
         throw $this->composeError();
     }

     return $this->responseJson();
 }
示例#4
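 /**
  * Static initialiser: remember the original request URI, make
  * $_SERVER['REQUEST_URI'] relative to the Lobby installation, and build the
  * request object from the superglobals.
  *
  * REQUEST_URI is client-controlled. The installation base is removed only
  * when it is the leading part of the URI; a blanket str_replace() would also
  * delete the same text from later path segments and from the query string,
  * so the router could see a different path than the one the web server
  * received.
  */
 public static function __constructStatic()
 {
     if (!Lobby::$cli) {
         // Keep the untouched value; $_SERVER['REQUEST_URI'] is rewritten below.
         self::$requestURI = $_SERVER['REQUEST_URI'];
         /**
          * Make the request URL relative to the base URL of Lobby installation.
          * http://localhost/lobby will be changed to "/"
          * and http://lobby.local to "/"
          * ---------------------
          * We do this directly to $_SERVER['REQUEST_URI'] because, Klein (router)
          * obtains the value from it. Hence we keep the original value in self::$requestURI
          */
         $docRoot = str_replace("\\", "/", $_SERVER['DOCUMENT_ROOT']);
         $lobbyBase = str_replace($docRoot, "", L_DIR);
         // A base of exactly "/" means there is no sub-directory to strip.
         if ($lobbyBase === "/") {
             $lobbyBase = "";
         }

         $uri = $_SERVER['REQUEST_URI'];
         // Strip the base as a prefix only, never from the middle of the URI.
         if ($lobbyBase !== "" && strpos($uri, $lobbyBase) === 0) {
             $uri = (string) substr($uri, strlen($lobbyBase));
         }
         // Drop one trailing slash, except for the bare root path.
         if ($uri !== "/" && substr($uri, -1) === "/") {
             $uri = substr($uri, 0, -1);
         }
         $_SERVER['REQUEST_URI'] = $uri;
     }
     self::$request = new SymRequest($_GET, $_POST, array(), array(), $_FILES, $_SERVER);
 }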
示例#5
文件: Start.php 项目: phpon/on
 /**
  * Work out the page and URL for the current request and pass them to the
  * controller loader.
  *
  * The URL is the request string with every case-insensitive occurrence of
  * the URL constant removed. The page is the request segment at index
  * BASE + 1. Either value falls back to $this->_defaulturl when it is
  * missing or compares equal to ''.
  *
  * NOTE(review): $page and $url come from the client's request string.
  * Confirm that loadPage() only resolves them against known controllers
  * before using them to locate code.
  */
 public function start()
 {
     $url = str_ireplace(URL, '', Request::request());
     $segments = Request::gets();

     // No segment at the expected position means the default page is served
     // (the earlier "could not determine the page" exception is disabled).
     $page = isset($segments[BASE + 1]) ? $segments[BASE + 1] : $this->_defaulturl;

     if ($url == '') {
         $url = $this->_defaulturl;
     }
     if ($page == '') {
         $page = $this->_defaulturl;
     }

     App::loadControl()->loadPage($page, $url);
 }
示例#6
    } else {
        if ($questionRow['inputType'] == 'field') {
            $question['type'] = 'text';
        } else {
            $question['type'] = $questionRow['inputType'];
        }
    }
    $question['labelFor'] = 'for="Question' . $questionRow['msqID'] . '"';
    //Remove hardcoded style on textareas
    if ($question['type'] == 'textarea') {
        $question['input'] = str_replace('style="width:95%"', '', $question['input']);
    }
    $questions[] = $question;
}
//Prep thank-you message: shown only when the request flags success and its qsid matches this survey
$success = \Request::request('surveySuccess') && \Request::request('qsid') == intval($qsID);
$thanksMsg = $survey->thankyouMsg;
//Collate all errors and put them into divs
$errorHeader = null;
if (isset($formResponse)) {
    $errorHeader = $formResponse;
}
if (!isset($errors) || !is_array($errors)) {
    $errors = array();
}
if (!empty($invalidIP)) {
    $errors[] = $invalidIP;
}
$errorDivs = '';
foreach ($errors as $error) {
    // NOTE(review): $error is concatenated into markup without escaping. That is
    // only safe if every message is server-generated and free of submitted text
    // (field labels, echoed answers); confirm, or escape where the message is built.
    //It's okay for this one thing to have the html here -- it can be identified in CSS via parent wrapper div (e.g. '.formblock .error')
    $errorDivs = $errorDivs . '<div class="error">' . $error . "</div>\n";
}
//Prep captcha: load the helper only when the block is configured to display one
$surveyBlockInfo = $miniSurvey->getMiniSurveyBlockInfoByQuestionId($qsID, $bID);
if ($surveyBlockInfo['displayCaptcha']) {
    $captcha = Loader::helper('validation/captcha');
} else {
    $captcha = false;
}
示例#7
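<div class="preview-frame-container">
    <iframe
        style="display:none"
        src="<?php 
// cID is read straight from the request and written into an HTML attribute.
// Percent-encode it so the value can neither close the src attribute nor
// append extra query parameters; a numeric ID is unchanged by the encoding.
echo URL::to('/ccm/system/panels/page/preview_as_user/render') . '?&cID=' . rawurlencode((string) Request::request('cID'));
?>
"
        data-src="<?php 
echo URL::to('/ccm/system/panels/page/preview_as_user/render');
?>
">></iframe>
    <div class="cover"></div>
    <div class="loader">
        <div class="icon">
            <i class="fa fa-cog fa-spin"></i>
        </div>
    </div>
</div>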
<script type="application/javascript">
    (function (window, $, _) {
        'use strict';

        var container = $('div.preview-frame-container'),
            frame = container.children('iframe'),
            loader = container.children('div.loader'),
            form;

        Concrete.event.bind('PanelOpenDetail', function(e) {
            Concrete.event.unsubscribe(e);

            var bind = _.once(function() {
示例#8
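 /**
  * Generates a checkbox.
  *
  * The element's id, name and value are HTML-escaped before they are written
  * into the tag, so a quote or angle bracket in any of them cannot break out
  * of its attribute. Entities that are already encoded are not encoded again.
  * NOTE(review): the attributes produced by parseMiscFields() are emitted as
  * returned; confirm that helper escapes $miscFields values itself.
  *
  * @param string $key The name/id of the element. It should end with '[]' if it's to return an array on submit.
  * @param string $value String value sent to server, if checkbox is checked, on submit
  * @param string $isChecked "Checked" value (subject to be overridden by $_REQUEST). Checkbox is checked if value is true (string). Note that 'false' (string) evaluates to true (boolean)!
  * @param array $miscFields Additional fields appended to the element (a hash array of attributes name => value), possibly including 'class'.
  *
  * @return string
  */
 public function checkbox($key, $value, $isChecked = false, $miscFields = array())
 {
     if (substr($key, -2) == '[]') {
         $_field = substr($key, 0, -2);
         $id = $_field . '_' . $value;
     } else {
         $_field = $key;
         $id = $key;
     }
     $checked = false;
     // The caller's default applies only when nothing was submitted for this field.
     if ($isChecked && \Request::request($_field) === null && !\Request::isPost()) {
         $checked = true;
     } else {
         $requestValue = $this->getRequestValue($key);
         if ($requestValue !== false) {
             // Loose comparison is kept: submitted values are compared with
             // whatever type the caller passed as $value.
             if (is_array($requestValue)) {
                 if (in_array($value, $requestValue)) {
                     $checked = true;
                 }
             } elseif ($requestValue == $value) {
                 $checked = true;
             }
         }
     }
     $checked = $checked ? ' checked="checked"' : '';
     // Attribute-context escaping; the last argument disables double encoding
     // so callers that already pass encoded entities see the same output.
     $attr = function ($raw) {
         return htmlspecialchars((string) $raw, ENT_QUOTES, 'UTF-8', false);
     };
     return '<input type="checkbox" id="' . $attr($id) . '" name="' . $attr($key) . '"' . $this->parseMiscFields('ccm-input-checkbox', $miscFields) . ' value="' . $attr($value) . '"' . $checked . ' />';
 }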
示例#9
use Concrete\Core\Page\Stack\Pile\Pile;
use Concrete\Core\Page\Stack\Pile\PileContent;
defined('C5_EXECUTE') or die("Access Denied.");
// Gate: the caller must be a registered user and present a valid token for
// either clipboard action. `&&` binds tighter than `||`, so the condition reads
// as: !registered || (!validFromToken && !validToToken).
// NOTE(review): $u is read here but only assigned further down (new User());
// presumably the including script provides it; confirm.
if (!$u->isRegistered() || !Core::make('token')->validate('tools/clipboard/from') && !Core::make('token')->validate('tools/clipboard/to')) {
    die(t("Access Denied."));
}
$p = false;
// NOTE(review): cID is taken from $_REQUEST without an integer cast; confirm
// Page::getByID() tolerates arbitrary input.
$c = Page::getByID($_REQUEST['cID']);
// add a block to a pile
// The requester must at least be allowed to view the page the block lives on.
$cp = new Permissions($c);
if (!$cp->canViewPage()) {
    die(t("Access Denied."));
}
if (Request::request('task', 'default') === 'delete') {
    $pileContent = PileContent::get(Request::request('pcID', 0));
    // Ownership check before the delete: pcID is client-supplied, so the pile
    // the content belongs to must pass isMyPile().
    // NOTE(review): if PileContent::get() can return null for an unknown pcID,
    // the next line fails with a fatal error rather than "Access Denied"; confirm.
    if (!$pileContent->getPile()->isMyPile()) {
        die(t("Access Denied."));
    }
    $pileContent->delete();
} else {
    $u = new User();
    $a = Area::get($c, $_REQUEST['arHandle']);
    // $ax and $cx are only assigned for global areas; for any other area they
    // are passed to Block::getByID() below without having been set here.
    if ($a->isGlobalArea()) {
        $ax = STACKS_AREA_NAME;
        $cx = Stack::getByName($_REQUEST['arHandle']);
    }
    $b = Block::getByID($_REQUEST['bID'], $cx, $ax);
    // A scrapbook proxy block is replaced by the original block it points to.
    if ($b->getBlockTypeHandle() == BLOCK_HANDLE_SCRAPBOOK_PROXY) {
        $bi = $b->getInstance();
        $b = Block::getByID($bi->getOriginalBlockID());
示例#10
 /**
  * Display default page
  *
  * Applies any cart change carried by the request, then renders the cart view.
  * Three kinds of change are handled, in this order:
  *  - quantity updates from the POST fields 'updateCart' with 'pId' or 'skus';
  *  - deletions, found by scanning all request variables for a name of the
  *    form delete_<sId> whose value is 'delete';
  *  - a coupon from the POST fields 'addCouponCode' and 'couponCode'.
  * When a change succeeds without cart messages the method redirects (to the
  * checkout page for an express checkout, otherwise back to the cart) so a
  * page refresh does not resubmit the form.
  *
  * NOTE(review): no request-token (CSRF) check is visible in this method, and
  * the delete branch reads Request::request() rather than POST only. Confirm a
  * token is enforced before this task runs, otherwise cart changes could be
  * triggered by a cross-site request.
  * NOTE(review): SKU ids and quantities are forwarded to $cart->update() as
  * submitted; validation is presumably done there. Verify.
  *
  * @return     void
  */
 public function homeTask()
 {
     $cart = new CartModelCurrentCart();
     // Initialize errors array
     // ($errors is not read again anywhere in this method.)
     $errors = array();
     // Update cart if needed
     $updateCartRequest = Request::getVar('updateCart', false, 'post');
     // If pIds are posted, convert them to SKUs
     $pIds = Request::getVar('pId', false, 'post');
     //print_r($pIds); die;
     $skus = Request::getVar('skus', false, 'post');
     if ($updateCartRequest && ($pIds || $skus)) {
         if (!empty($pIds)) {
             $skus = array();
             include_once PATH_CORE . DS . 'components' . DS . 'com_storefront' . DS . 'models' . DS . 'Warehouse.php';
             $warehouse = new StorefrontModelWarehouse();
             foreach ($pIds as $pId => $qty) {
                 $product_skus = $warehouse->getProductSkus($pId);
                 // each pId must map to one SKU, otherwise ignored, since there is no way which SKU is being added
                 // Must be only one sku...
                 if (sizeof($product_skus) != 1) {
                     continue;
                 }
                 $skus[$product_skus[0]] = $qty;
             }
         } else {
             // A single scalar SKU is treated as "one of that SKU".
             if (!is_array($skus)) {
                 $skus = array($skus => 1);
             }
         }
         //print_r($skus); die;
         // Turn off syncing to prevent redundant session update queries
         $cart->setSync(false);
         foreach ($skus as $sId => $qty) {
             try {
                 $cart->update($sId, $qty);
             } catch (Exception $e) {
                 // A failed update becomes a cart message instead of aborting the loop.
                 $cart->setMessage($e->getMessage(), 'error');
             }
         }
         // set flag to redirect
         $redirect = true;
         if ($cart->hasMessages()) {
             $redirect = false;
         }
     } else {
         $allPost = Request::request();
         foreach ($allPost as $var => $val) {
             if ($val == 'delete') {
                 $toDelete = explode('_', $var);
                 //print_r($toDelete);	die;
                 // NOTE(review): a variable named exactly "delete" passes this test
                 // but has no second element, so $toDelete[1] is undefined below.
                 if ($toDelete[0] == 'delete') {
                     $sId = $toDelete[1];
                     // Delete the requested item by setting its QTY to zero
                     $redirect = true;
                     try {
                         $cart->update($sId, 0);
                     } catch (Exception $e) {
                         $cart->setMessage($e->getMessage(), 'error');
                         $redirect = false;
                     }
                 }
             }
         }
     }
     // Add coupon if needed
     $addCouponRequest = Request::getVar('addCouponCode', false, 'post');
     $couponCode = Request::getVar('couponCode', false, 'post');
     if ($addCouponRequest && $couponCode) {
         // Sync cart before potential coupons applying
         $cart->getCartInfo(true);
         // Add coupon
         try {
             $cart->addCoupon($couponCode);
         } catch (Exception $e) {
             $cart->setMessage($e->getMessage(), 'error');
         }
         // set flag to redirect
         $redirect = true;
         if ($cart->hasMessages()) {
             $redirect = false;
         }
     }
     // Check for express add to cart
     // ($redirect is only assigned inside the branches above, hence the empty() guard.)
     if (!empty($redirect) && $redirect) {
         // If this is an express checkout (go to the confirm page right away) there shouldn't be any items in the cart
         // Since redirect is set, there are no errors
         $expressCheckout = Request::getVar('expressCheckout', false, 'post');
         // make sure the cart is empty
         if ($expressCheckout && !empty($skus) && $cart->isEmpty()) {
             // Get the latest synced cart info, it will also enable cart syncing that was turned off before
             $cart->getCartInfo(true);
             // Redirect directly to checkout, skip the cart page
             $redirect_url = Route::url('index.php?option=' . 'com_cart') . DS . 'checkout';
             App::redirect($redirect_url);
         }
         // prevent resubmitting form by refresh
         // redirect to cart
         $redirect_url = Route::url('index.php?option=' . 'com_cart');
         App::redirect($redirect_url);
     }
     // Get the latest synced cart info, it will also enable cart syncing that was turned off before
     $cartInfo = $cart->getCartInfo(true);
     $this->view->cartInfo = $cartInfo;
     // Handle coupons
     $couponPerks = $cart->getCouponPerks();
     //print_r($couponPerks); die;
     $this->view->couponPerks = $couponPerks;
     // Handle memberships
     $membershipInfo = $cart->getMembershipInfo();
     //print_r($membershipInfo); die;
     $this->view->membershipInfo = $membershipInfo;
     // At this point the cart is lifted and may have some issues/errors (say, after merging), get them
     if ($cart->hasMessages()) {
         $cartMessages = $cart->getMessages();
         $this->view->notifications = $cartMessages;
     }
     $this->view->display();
 }
示例#11
<?php

use Concrete\Core\File\Exception\InvalidDimensionException;
use Concrete\Core\File\Image\Thumbnail\Thumbnail;
$view = new View('image-editor/editor');
// fID and fvID are cast to integers before use; both default to 1 when absent,
// so a request without them addresses version 1 of file 1.
// NOTE(review): no permission check on the file is visible in this excerpt,
// and the result of File::getByID() is used without testing that a file was
// found. Confirm both are handled before this script runs.
$file = File::getByID(intval(Request::request('fID', 1)));
/** @var FileVersion $file_version */
$file_version = $file->getVersion(intval(Request::request('fvID', 1)));
// Requested thumbnail type handle; only compared against known handles below.
$handle = Request::request('thumbnail', '');
/* @var Thumbnail[] $thumbnails */
try {
    $thumbnails = $file_version->getThumbnails();
} catch (InvalidDimensionException $e) {
    $view = \View::getInstance();
    $view->renderError(t('Invalid File Dimensions'), t('The dimensions for this image are either unspecified or invalid. Please rescan this file or manually enter' . ' the correct dimensions.'));
    return;
} catch (\Exception $e) {
    // Any other failure is reported with a generic message; the cause in $e
    // is neither shown nor logged here.
    $view = \View::getInstance();
    $view->renderError(t('Unknown Error'), t('An unknown error occurred while trying to find the thumbnails!'));
    return;
}
// Find the thumbnail type version whose handle matches the requested one;
// $type_version stays null when none matches.
$type_version = null;
$temp_version = false;
foreach ($thumbnails as $thumb) {
    $temp_version = $thumb->getThumbnailTypeVersionObject();
    if ($temp_version->getHandle() === $handle) {
        $type_version = $temp_version;
        break;
    }
}
if ($type_version) {
示例#12
文件: Request.php 项目: phpon/on
 /**
  * Split the current request string into segments.
  *
  * Every "?" is first turned into "/", so the query string ends up as further
  * segments after the path parts. The segments are raw client input and are
  * returned without any filtering.
  *
  * @return array The "/"-separated pieces of the request string.
  */
 public static function gets()
 {
     return explode('/', str_replace('?', '/', Request::request()));
 }
示例#13
<?php

defined('C5_EXECUTE') or die("Access Denied.");
$u = new User();
$form = Loader::helper('form');
$dh = Core::make('helper/date');
/* @var $dh \Concrete\Core\Localization\Service\Date */
// Global gate: the user must be allowed into the file manager at all.
$fp = FilePermissions::getGlobal();
if (!$fp->canAccessFileManager()) {
    die(t("Unable to access the file manager."));
}
// fID may be a single value or an array of file IDs; it is used as submitted.
$items = Request::request('fID');
// NOTE(review): duplicating files changes state, but no request token is
// validated in this excerpt. Confirm a token check exists elsewhere, otherwise
// the copy can be triggered by a cross-site request.
if (Request::request('task') == 'duplicate_multiple_files') {
    // $json is created implicitly by this first write.
    $json['error'] = false;
    if (is_array($items)) {
        foreach ($items as $fID) {
            // NOTE(review): the result of File::getByID() is used without
            // checking that a file was found for a client-supplied ID.
            $f = File::getByID($fID);
            // $fp is reused here for the per-file permission object, replacing
            // the global FilePermissions object assigned above.
            $fp = new Permissions($f);
            if ($fp->canCopyFile()) {
                $nf = $f->duplicate();
                $json['fID'][] = $nf->getFileID();
            } else {
                // 'errors' is filled in, but 'error' stays false; clients must
                // look at 'errors' to notice a partial failure.
                $json['errors'] = array(t('Unable to copy one or more files.'));
            }
        }
    }
    echo json_encode($json);
    exit;
}
if (!is_array($items)) {
    $obj = new stdClass();
示例#14
// The file ID is cast to an integer and rejected when it is not positive.
$fID = isset($_REQUEST['fID']) ? intval($_REQUEST['fID']) : 0;
if ($fID < 1) {
    die('{"error":1,"code":401,"message":"Invalid File"}');
}
// Write permission on the file is required before anything is changed.
// NOTE(review): the result of File::getByID() is not checked for "not found"
// before it is wrapped in Permissions; confirm that case is denied.
// The "code" values are part of the JSON body only; no HTTP status is set here.
$f = File::getByID($fID);
$fp = new Permissions($f);
if (!$fp->canWrite()) {
    die('{"error":1,"code":401,"message":"Access Denied"}');
}
// imgData is taken from the request as submitted.
// NOTE(review): its size and format are not validated in this excerpt, and no
// request token is checked; confirm both before the data is written to storage.
$imgData = isset($_REQUEST['imgData']) ? $_REQUEST['imgData'] : false;
if (!$imgData) {
    die('{"error":1,"code":400,"message":"No Data"}');
}
/** @var Version $file_version */
$file_version = $f->getVersion(intval(Request::request('fvID', 1)));
// Requested thumbnail type handle; only compared against known handles below.
$handle = Request::request('handle', '');
/** @var Thumbnail[] $thumbnails */
$thumbnails = $file_version->getThumbnails();
// Pick the thumbnail whose type version handle matches; null when none does.
$thumbnail = null;
foreach ($thumbnails as $thumb) {
    $type_version = $thumb->getThumbnailTypeVersionObject();
    if ($type_version->getHandle() === $handle) {
        $thumbnail = $thumb;
        break;
    }
}
if ($thumbnail) {
    $fsl = $f->getFileStorageLocationObject();
    /*
     * Clear out the old image, and replace it with this data. This is destructive and not versioned, it definitely needs to
     * be revised.
示例#15
$ui = $message->getConversationMessageUserObject();
// CSS classes for the message wrapper: nesting level, plus deleted/flagged markers.
$class = 'message ccm-conversation-message ccm-conversation-message-level' . $message->getConversationMessageLevel();
if ($message->isConversationMessageDeleted()) {
    $class .= ' ccm-conversation-message-deleted';
}
// $customDateFormat is read without an isset() check when $dateFormat is 'custom'.
if (!isset($dateFormat)) {
    $dateFormat = 'default';
} elseif ($dateFormat == 'custom' && $customDateFormat) {
    $dateFormat = array($customDateFormat);
}
// Messages that are not approved are marked as flagged.
if (!$message->isConversationMessageApproved()) {
    $class .= ' ccm-conversation-message-flagged';
}
$cnvMessageID = $message->getConversationMessageID();
$cnvID = $message->getConversationID();
// NOTE(review): the page used for the permalink is chosen by the client-supplied
// cID, and $c is not checked for an error or for view permission before its link
// is built. Confirm the link cannot be pointed at an unrelated page.
$c = Page::getByID(\Request::request('cID'));
// The permalink is URL-encoded as a whole: page link plus the message anchor.
$cnvMessageURL = urlencode($c->getCollectionLink(true) . '#cnv' . $cnvID . 'Message' . $cnvMessageID);
if (!$message->isConversationMessageDeleted() && $message->isConversationMessageApproved() || $message->conversationMessageHasActiveChildren()) {
    $author = $message->getConversationMessageAuthorObject();
    $formatter = $author->getFormatter();
    ?>
	<div data-conversation-message-id="<?php 
    echo $message->getConversationMessageID();
    ?>
" data-conversation-message-level="<?php 
    echo $message->getConversationMessageLevel();
    ?>
" class="<?php 
    echo $class;
    ?>
">
示例#16
use Concrete\Core\Page\Stack\Pile\Pile;
use Concrete\Core\Page\Stack\Pile\PileContent;
defined('C5_EXECUTE') or die("Access Denied.");
// NOTE(review): the only gate here is "registered user". No request token is
// validated in this excerpt, so the state-changing branches below look
// reachable by a cross-site request; confirm whether a token check exists
// elsewhere. $u is read before the `new User()` further down; presumably the
// including script sets it.
if (!$u->isRegistered()) {
    die(t("Access Denied."));
}
$p = false;
// NOTE(review): cID is taken from $_REQUEST without an integer cast; confirm
// Page::getByID() tolerates arbitrary input.
$c = Page::getByID($_REQUEST['cID']);
// add a block to a pile
// The requester must at least be allowed to view the page; failure exits
// without any message.
$cp = new Permissions($c);
if (!$cp->canViewPage()) {
    exit;
}
if (Request::request('task', 'default') === 'delete') {
    // NOTE(review): pcID is client-supplied and the content is deleted without
    // checking that it belongs to the current user's pile, so any registered
    // user who can view the page can remove another user's clipboard entry.
    // Fetch the object first and require an ownership test (for example
    // getPile()->isMyPile(), if this version provides it) before delete().
    PileContent::get(Request::request('pcID', 0))->delete();
} else {
    $u = new User();
    $a = Area::get($c, $_REQUEST['arHandle']);
    // $ax and $cx are only assigned for global areas; for any other area they
    // are passed to Block::getByID() below without having been set here.
    if ($a->isGlobalArea()) {
        $ax = STACKS_AREA_NAME;
        $cx = Stack::getByName($_REQUEST['arHandle']);
    }
    $b = Block::getByID($_REQUEST['bID'], $cx, $ax);
    // A scrapbook proxy block is replaced by the original block it points to.
    if ($b->getBlockTypeHandle() == BLOCK_HANDLE_SCRAPBOOK_PROXY) {
        $bi = $b->getInstance();
        $b = Block::getByID($bi->getOriginalBlockID());
    }
    // The requester must also be allowed to view the area holding the block.
    $ap = new Permissions($a);
    if (!$ap->canViewArea()) {
        exit;
文件: Routes.php 项目: phpon/on
 /**
  * Register a route alias by rewriting the request URI in place.
  *
  * Every occurrence of $origem in the current request string is replaced with
  * $destino and the result is written back to $_SERVER['REQUEST_URI'].
  * The replacement is not anchored: it also applies to matches in later path
  * segments and in the query string, both of which are client-controlled.
  *
  * @param mixed $origem  Text to look for in the request string.
  * @param mixed $destino Text to put in its place.
  */
 public static function add($origem, $destino)
 {
     $_SERVER['REQUEST_URI'] = str_replace($origem, $destino, Request::request());
 }
示例#18
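 /**
  * Complete a registration that was started by the external sign-in flow.
  *
  * Profile details and the provider token are read from the session flash
  * bag without consuming them. The request must carry a valid
  * 'twitter_register' form token and a provider token must be present,
  * otherwise the user is sent back to the login page. When an e-mail address
  * is submitted, the account is created and, if that succeeds, the user is
  * authenticated.
  *
  * NOTE(review): uEmail is read with Request::request(), so it is accepted from
  * any request source, and it is not validated in this method. Confirm that
  * createUser() checks the address format and uniqueness before the account
  * is created and authenticated.
  *
  * @param string|null $token Form token to validate; when it does not validate,
  *                           the validator is also called without an explicit token.
  */
 public function handle_register($token = null)
 {
     /** @var FlashBagInterface $flashbag */
     $flashbag = \Session::getFlashBag();
     // array_shift() takes its argument by reference, so peek()'s return value
     // cannot be passed to it directly without PHP raising "Only variables
     // should be passed by reference". Going through a parameter gives it a
     // real variable while leaving the flash bag untouched.
     $first = function ($values) {
         return array_shift($values);
     };
     // NOTE(review): 'firstname' is all lower case while 'lastName' is camel
     // case; confirm both match the keys used where the flash bag is filled.
     $this->firstName = $first($flashbag->peek('firstname'));
     $this->lastName = $first($flashbag->peek('lastName'));
     $this->username = $first($flashbag->peek('username'));
     $this->token = $first($flashbag->peek('token'));
     $token_helper = new Token();
     // Reject when neither form-token check passes, or when no provider token
     // was carried over in the session.
     if ((!$token_helper->validate('twitter_register', $token) && !$token_helper->validate('twitter_register')) || !$this->token) {
         $this->redirect('/login/');
         exit;
     }
     if (\Request::request('uEmail', false)) {
         $this->email = \Request::request('uEmail');
         $user = $this->createUser();
         if ($user && !$user->isError()) {
             $this->completeAuthentication($user);
         }
     }
     $this->set('username', $this->username);
     $this->set('show_email', true);
 }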