/**
 * Decides whether the debugger is active for the current request.
 *
 * Resets the debugger flags, reads the `debugger` cookie and then walks a
 * switch(true) ladder; the first case whose condition holds decides
 * self::$active_debug_mode. With $reinit the cookie is also checked against
 * the expiry map kept in storage under 'debugger_active', and that map is
 * refreshed or pruned before returning.
 *
 * @param bool  $reinit When true, load the stored expiry map and validate the cookie against it.
 * @param array $config When non-empty, its 'debugger_token' entry replaces Registry 'config.debugger_token'.
 * @return bool The resulting self::$active_debug_mode.
 */
public static function init($reinit = false, $config = array())
{
    self::$active_debug_mode = false;
    // NOTE(review): set from the mere presence of a request parameter, before any
    // of the checks below run — confirm consumers also require active debug mode.
    self::$allow_backtrace_sql = isset($_REQUEST['sql_backtrace']);
    self::$debugger_cookie = !empty($_COOKIE['debugger']) ? $_COOKIE['debugger'] : '';

    if ($reinit) {
        Registry::registerCache('debugger', SESSION_ALIVE_TIME, Registry::cacheLevel('time'), true);
        self::$actives = fn_get_storage_data('debugger_active');
        // NOTE(review): unserialize() on stored data; safe only while nothing
        // request-controlled can write the 'debugger_active' storage value — confirm.
        self::$actives = !empty(self::$actives) ? unserialize(self::$actives) : array();
        // An entry is live while its stored timestamp is still in the future.
        $active_in_registry = !empty(self::$actives[self::$debugger_cookie]) && time() - self::$actives[self::$debugger_cookie] < 0 ? true : false;
    }

    $debugger_token = !empty($config) ? $config['debugger_token'] : Registry::get('config.debugger_token');

    switch (true) {
        // AJAX requests are ignored unless they are dispatched to the debugger itself.
        case defined('AJAX_REQUEST') && substr($_REQUEST['dispatch'], 0, 8) !== 'debugger':
            break;

        case defined('DEBUG_MODE') && DEBUG_MODE == true:
        // Without $reinit, any non-empty cookie value or the bare presence of the
        // token parameter switches debug mode on; the cookie is not validated here.
        // NOTE(review): presumably a later init(true) call re-checks it — confirm
        // nothing sensitive is collected or rendered before that happens.
        case !$reinit && (!empty(self::$debugger_cookie) || isset($_REQUEST[$debugger_token])):
            self::$active_debug_mode = true;
            break;

        case !$reinit:
            break;

        // Cases below are reached only when $reinit is true.
        case !empty(self::$debugger_cookie) && !empty($active_in_registry):
            self::$active_debug_mode = true;
            break;

        case isset($_REQUEST[$debugger_token]):
            $salt = '';
            // Root administrators get a salt built from their own account row.
            // NOTE(review): 'password' is presumably the stored hash — confirm.
            if ($_SESSION['auth']['user_type'] == 'A' && $_SESSION['auth']['is_root'] == 'Y') {
                $user_admin = db_get_row('SELECT email, password FROM ?:users WHERE user_id = ?i', $_SESSION['auth']['user_id']);
                $salt = $user_admin['email'] . $user_admin['password'];
            }

            if ($debugger_token != self::DEFAULT_TOKEN || !empty($salt)) {
                // for non-default token allow full access
                // The cookie value is the first 8 hex characters of md5(session id . salt).
                self::$debugger_cookie = substr(md5(SESSION::getId() . $salt), 0, 8);
                $active_in_registry = true;
                self::$active_debug_mode = true;
            }

            // In area 'C' the token parameter's value is accepted as a debugger id
            // when it names a live entry in the expiry map, and becomes the cookie.
            if (AREA == 'C' && !empty($_REQUEST[$debugger_token])) {
                if (!empty(self::$actives[$_REQUEST[$debugger_token]]) && time() - self::$actives[$_REQUEST[$debugger_token]] < 0) {
                    $active_in_registry = true;
                    self::$debugger_cookie = $_REQUEST[$debugger_token];
                    self::$active_debug_mode = true;
                }
            }

            fn_set_cookie('debugger', self::$debugger_cookie, SESSION_ALIVE_TIME);
            break;
    }

    // Active session: push the expiry forward and persist the map.
    if ($reinit && self::$active_debug_mode && !empty(self::$debugger_cookie)) {
        self::$actives[self::$debugger_cookie] = time() + self::EXPIRE_DEBUGGER;
        fn_set_storage_data('debugger_active', serialize(self::$actives));
        $active_in_registry = true;
    }

    // Cookie present but not backed by a live entry: clear the cookie and drop the entry.
    if ($reinit && !empty(self::$debugger_cookie) && empty($active_in_registry)) {
        fn_set_cookie('debugger', '', 0);
        unset(self::$actives[self::$debugger_cookie]);
        fn_set_storage_data('debugger_active', serialize(self::$actives));
    }

    return self::$active_debug_mode;
}
/**
 * Wires the form to its agent data, its input source and an optional session slot.
 *
 * Input source: $_POST (plus $_FILES) for POST forms, $_GET otherwise. When
 * $_POST carries a '_POST_BACKUP' key the values are bound to
 * $GLOBALS['_POST_BACKUP'] instead; the original author notes that this data
 * is for field persistence only and is not valid input.
 *
 * @param object|false $agentData   Agent data; the form registers itself on it under $formVarname.
 * @param string       $sessionLink Session key to bind to $this->sessionLink; skipped when empty.
 * @param bool         $POST        True to read from $_POST, false to read from $_GET.
 * @param string       $formVarname Property of $agentData that receives this form; skipped when empty.
 */
function __construct($agentData, $sessionLink = '', $POST = true, $formVarname = 'form')
{
    if (!$agentData) {
        $this->agentData = false;
    } else {
        if ($formVarname) {
            $alreadyTaken = isset($agentData->{$formVarname});
            if ($alreadyTaken) {
                user_error(__CLASS__ . ": Overwriting existing \$agentData->{$formVarname}! If this is the intended behavior, unset(\$agentData->{$formVarname}) to remove this warning.");
            }

            $agentData->{$formVarname} = $this;
        }

        $this->agentData = $agentData;
    }

    $this->POST = (bool) $POST;

    if (!$this->POST) {
        $this->rawValues =& $_GET;
    } else {
        p::canPost();

        $hasBackup = isset($_POST['_POST_BACKUP']);
        if ($hasBackup) {
            // Field persistence only: backup values must not be treated as valid input.
            $this->rawValues =& $GLOBALS['_POST_BACKUP'];
        } else {
            $this->rawValues =& $_POST;
            $this->filesValues =& $_FILES;
        }
    }

    if ($sessionLink) {
        s::bind($sessionLink, $this->sessionLink);

        // Fall back to a one-element array when the bound slot is empty.
        if (!$this->sessionLink) {
            $this->sessionLink = array(0);
        }
    }
}
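/**
 * Lists catalogue rows for a named task.
 *
 * Only the 'books-in-cart' task is handled here: it loads the active books
 * whose ids are keys of the session cart and decorates each row with the
 * cart quantity, the cart line total and the derived unit price.
 *
 * @param mixed      $arrParam Not used by this method.
 * @param array|null $option   Options; $option['task'] selects the listing.
 * @return array|null Decorated rows (empty array for an empty cart); null when the task is not handled here.
 */
public function listItems($arrParam, $option = null)
{
    // A missing task no longer raises an "offset on null" notice; the result is still null.
    if (!isset($option['task']) || $option['task'] != 'books-in-cart') {
        return null;
    }

    $cart = SESSION::get('cart');
    $result = array();

    if (empty($cart)) {
        return $result;
    }

    $quantities = isset($cart['quantity']) && is_array($cart['quantity']) ? $cart['quantity'] : array();
    $prices = isset($cart['price']) && is_array($cart['price']) ? $cart['price'] : array();

    // NOTE(review): the IN list is built by concatenating cart keys into the SQL
    // text. If those keys can originate from request data they must be validated
    // or bound as parameters; this block cannot see the model's binding API, so
    // the query text is left as it was — confirm how cart keys are populated.
    $ids = "(";
    foreach ($quantities as $key => $value) {
        $ids .= "'" . $key . "', ";
    }
    $ids .= " '0')";

    $query = array();
    $query[] = "SELECT `id`, `name`, `picture`";
    $query[] = "FROM `" . TBL_BOOK . "`";
    $query[] = "WHERE `status` = 1 AND `id` IN {$ids}";
    $query[] = "ORDER BY `ordering` ASC";
    $query = implode(" ", $query);

    $result = $this->fetchAll($query);

    foreach ($result as $key => $value) {
        $id = $value['id'];
        $quantity = isset($quantities[$id]) ? $quantities[$id] : 0;
        $total = isset($prices[$id]) ? $prices[$id] : 0;

        $result[$key]['quantity'] = $quantity;
        $result[$key]['totalprice'] = $total;
        // A zero or missing quantity (e.g. a row matched by the '0' sentinel)
        // would otherwise be a division by zero.
        $result[$key]['price'] = $quantity > 0 ? $total / $quantity : 0;
    }

    return $result;
}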
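/**
 * Updates the 'content' of one row of the "text" table from the posted form.
 *
 * Does nothing unless the session is flagged as admin and the request carries
 * both fields with an integer id.
 *
 * @return void
 */
public function update()
{
    // Authorise first, then look at request data.
    if (!SESSION::get('admin')) {
        return;
    }

    if (!isset($_POST['id'], $_POST['content'])) {
        return;
    }

    // The id is interpolated into the WHERE clause below, so only a validated
    // integer may reach it; anything else (including arrays) is rejected.
    $id = filter_var($_POST['id'], FILTER_VALIDATE_INT);
    if ($id === false) {
        return;
    }

    // NOTE(review): 'content' is passed as a value to the model; confirm that
    // _model->update() binds or escapes values, and that an anti-CSRF check is
    // enforced before this action — neither is visible in this method.
    $data = array('content' => $_POST['content']);
    $this->_model->update("text", $data, "id={$id}");
}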
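/**
 * Creates an ad for the user in the session and attaches its image.
 *
 * All values reach the database through bound parameters.
 *
 * @param string $title
 * @param string $description
 * @param string $image     Stored as images.image_path.
 * @param mixed  $latitude
 * @param mixed  $longitude
 * @return int 0 on success; -1 an identical ad already exists; -2 the session
 *             user was not found; -3 the ad insert affected no row; -4 the
 *             image insert affected no row.
 */
function m_post($title, $description, $image, $latitude, $longitude)
{
    $output = 0;

    // Duplicate check.
    // NOTE(review): rowCount() after a SELECT is driver-dependent — confirm the
    // wrapper returns the number of fetched rows here.
    $this->query("SELECT id_ad FROM ads WHERE title = :title AND description = :description AND image = :image");
    $this->bind(':title', $title);
    $this->bind(':description', $description);
    $this->bind(':image', $image);
    $this->execute();
    $duplicates = $this->rowCount();

    $this->beginTransaction();

    if ($duplicates != 0) {
        $output = -1;
    } else {
        $this->query("SELECT id_user FROM users WHERE email = :user");
        $this->bind(':user', SESSION::get('user'));
        $this->execute();
        $rows = $this->resultSet();

        // Check that a row exists before indexing into the result set.
        if ($this->rowCount() > 0 && isset($rows[0]['id_user'])) {
            $user = $rows[0]['id_user'];

            $this->query("INSERT INTO ads(title,description,latitude,longitude,user) VALUES(:title,:description,:latitude,:longitude,:user)");
            $this->bind(':title', $title);
            $this->bind(':description', $description);
            $this->bind(':latitude', $latitude);
            $this->bind(':longitude', $longitude);
            $this->bind(':user', $user);
            $this->execute();

            if ($this->rowCount() > 0) {
                // Capture the new ad id once, straight after the ad insert.
                $adId = $this->lastInsertID();

                // The image row is inserted once. The earlier code repeated this
                // insert after it succeeded, at which point lastInsertID() referred
                // to the image row and the second row pointed at the wrong ad.
                $this->query("INSERT INTO images(image_path,resolution,size,ad) VALUES(:image,null,null,:ad)");
                $this->bind(':image', $image);
                $this->bind(':ad', $adId);
                $this->execute();

                if ($this->rowCount() == 0) {
                    $output = -4;
                }
            } else {
                $output = -3;
            }
        } else {
            $output = -2;
        }
    }

    // Commit only when every step succeeded.
    if ($output == 0) {
        $this->endTransaction();
    } else {
        $this->cancelTransaction();
    }

    return $output;
}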
/**
 * Stores this task in the queue table and returns the new row id.
 *
 * A $time older than 366 days before the request time is taken as an offset
 * and added to the request time.
 *
 * The queued payload is a serialize()d array holding the task object, the
 * request cookies and, when the SESSION class is loaded, all session data.
 * NOTE(review): the queue table therefore holds cookie and session contents
 * at rest, and whatever reads it back presumably unserialize()s the payload —
 * confirm write access to the table is limited to this code path.
 *
 * @param int $time Run time, or an offset from the request time.
 * @return string Id of the inserted queue row.
 */
protected function doSchedule($time)
{
    $pdo = $this->getPdoConnection();

    $now = $_SERVER['REQUEST_TIME'];
    $isOffset = $time < $now - 366 * 86400;
    if ($isOffset) {
        $time += $_SERVER['REQUEST_TIME'];
    }

    $payload = array(
        'task' => $this,
        'cookie' => &$_COOKIE,
        'session' => class_exists('SESSION', false) ? s::getAll() : array(),
    );

    $statement = $pdo->prepare("INSERT INTO queue (base, data, run_time)\n VALUES (?,?,?)");
    $statement->execute(array(p::__BASE__(), serialize($payload), $time));

    $queueId = $pdo->lastInsertId();
    $this->registerQueue();

    return $queueId;
}
/**
 * Admin entry point: shows the login page, or redirects an already
 * authenticated admin to "portfolio".
 *
 * @return void
 */
public function ag()
{
    $data = array(
        'title' => 'ADMIN',
        'subtitle' => 'ADMIN',
    );

    // A session already flagged as admin does not need the login form.
    if (SESSION::get('admin')) {
        URL::REDIRECT("portfolio");
        return;
    }

    $templates = array(
        'header',
        'partials/partials_header',
        'admin/login',
        'partials/partials_footer',
        'footer',
    );
    foreach ($templates as $template) {
        $this->_view->render($template, $data);
    }
}
/**
 * Signs the current user out and redirects to the application root.
 *
 * Only this application's session values are removed (SESSION::remove_all());
 * the PHP session itself is not destroyed here.
 * NOTE(review): whether remove_all() also rotates the session id or expires
 * the session cookie is not visible from this method — confirm.
 *
 * @return void Does not return after a successful sign-out (exit).
 */
public function logout()
{
    $signedIn = \SESSION::get('uid') != '';

    if (!$signedIn) {
        \CORE::msg('debug', 'Not signed in yet');
        return;
    }

    \SESSION::remove_all();
    header("Location: ./");
    exit;
}
/**
 * Returns one player's row from the database.
 *
 * A numeric $user is looked up by player_id. Anything else is treated as a
 * username, defaulting to the username stored in the session when none is
 * passed, so this can read any player's row.
 *
 * Query building: the numeric branch only runs for values is_numeric()
 * accepts, which cannot contain a quote character; the username branch passes
 * the value through sql() before it is placed in the literal.
 *
 * @param int|string|null $user     player_id or username; null means the session user.
 * @param bool            $password Unless true, the 'pname' column is removed from the result.
 * @return mixed Row as returned by DBAccess::QueryRowAssoc().
 **/
function get_player_info($user = null, $password = false)
{
    $sql = new DBAccess();
    $player_data = null;

    $lookup_by_id = is_numeric($user);
    if (!$lookup_by_id) {
        // Default to current session user.
        $session_name = SESSION::is_set('username') ? SESSION::get('username') : null;
        $username = either($user, $session_name);
        $sel_player = "select * from players where uname = '" . sql($username) . "' limit 1";
    } else {
        $sel_player = "select * from players where player_id = '" . $user . "' limit 1";
    }

    $player_data = $sql->QueryRowAssoc($sel_player);

    // Callers must opt in to receive the 'pname' column.
    if ($password) {
        return $player_data;
    }

    unset($player_data['pname']);

    return $player_data;
}
/**
 * Handles a contact-form submission and redirects back to the contact page
 * with a flash message stored in the session.
 *
 * addContact() result: 1 = saved, 2 = not saved, any other non-empty value is
 * treated as error text, an empty value as a generic failure.
 * NOTE(review): the error text is concatenated into the flash message as-is;
 * confirm the template that prints $_SESSION['message'] HTML-escapes it.
 *
 * @return void
 */
function contact()
{
    $result = $this->model->addContact();
    SESSION::init();

    if ($result == 1) {
        $message = "Your Comment/Suggestion has been submitted successfully. We will get back to you shortly";
    } elseif ($result == 2) {
        $message = "Your Comment/Suggestion was not successful, please try again.";
    } elseif ($result != 1 && $result != 2 && $result != "") {
        $message = "Check the following errors: " . $result;
    } else {
        $message = "An error occurred, please try again.";
    }

    // Every outcome ends on the same page; only the message differs.
    $_SESSION['message'] = $message;
    redirect_to($this->uri->link("contact_us"));
}
/**
 * Dispatches a page: builds the parameter array, maps URL segments onto the
 * names declared in the page's data scheme and calls the page handler, the
 * "refused" handler or the "404" handler.
 *
 * @param string $url Page key, looked up in $this->_datasheme, $this->_requireAuth and $this->_functions.
 * @throws Exception When no "404" or "refused" entry is defined in $this->_datasheme.
 */
public function showPage($url)
{
    // Set up the data that is displayed / handed to the page handler
    $parameters = $this->_configuration->getAsArray();
    $parameters["_current_page"] = $url;
    $parameters["_error"] = false;
    $parameters["_logged"] = Session::getLoggedAccount() != false;
    if (isset($this->_datasheme["404"]) == false) {
        throw new Exception("Vous devez définir la fonction 404.");
    }
    if (isset($this->_datasheme["refused"]) == false) {
        throw new Exception("Vous devez définir la fonction accès refusé.");
    }
    if (isset($this->_datasheme[$url])) {
        // Segments are taken from the raw REQUEST_URI, so handlers receive
        // them exactly as sent by the client and must treat them as untrusted.
        $data_url = str_replace("/" . $url, "", "{$_SERVER['REQUEST_URI']}");
        $data_url = explode("/", $data_url);
        $data_sheme = explode("/", $this->_datasheme[$url]);
        // Remove useless (empty) values to make the system more lenient
        // NOTE(review): count($data_url) is re-evaluated on every pass and
        // shrinks after each unset(), so trailing elements may never be
        // inspected — confirm this is acceptable.
        for ($i = 1; $i < count($data_url); $i++) {
            if ($data_url[$i] == "") {
                unset($data_url[$i]);
            }
        }
        // Assign the parameters
        for ($i = 1; $i < count($data_sheme); $i++) {
            // TODO: remove the +4 in the final version of the engine
            if (isset($data_url[$i + 4])) {
                $parameters[$data_sheme[$i]] = $data_url[$i + 4];
            }
        }
        // && binds tighter than ||: the handler runs when the page does not
        // require auth, or when it does and the session credentials validate.
        // NOTE(review): the comparison is loose, so a page with no
        // $this->_requireAuth entry (null) is treated as public — confirm
        // every protected page is registered explicitly.
        if ($this->_requireAuth[$url] == false || $this->_requireAuth[$url] == true && isset($_SESSION["credentials"]) == true && SESSION::checkCredentials($_SESSION["credentials"]) == true) {
            $this->_functions[$url]($parameters);
        } else {
            $parameters["_error"] = true;
            $this->_functions["refused"]($parameters);
        }
    } else {
        $parameters["_error"] = true;
        $this->_functions["404"]($parameters);
    }
}
/**
 * Loads the current user's identity from the session.
 *
 * uid is cast to int; gid, pid and the username are read only when that uid
 * is positive. The resulting uid and gid are then written to the debug log.
 */
private function __construct()
{
    $rawUid = \SESSION::get('uid');

    if ($rawUid != '') {
        $this->uid = (int) $rawUid;

        if ($this->uid > 0) {
            // Integer ids, read in the order gid, pid.
            foreach (array('gid', 'pid') as $field) {
                $raw = \SESSION::get($field);
                if ($raw != '') {
                    $this->{$field} = (int) $raw;
                }
            }

            $name = \SESSION::get('user');
            if ($name != '') {
                $this->username = $name;
            }
        }
    }

    \CORE::msg('debug', 'user (uid:' . $this->uid . '; gid:' . $this->gid . ';)');
}
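/**
 * Replaces the file referenced by one row of the "text" table with an
 * uploaded file (admin only).
 *
 * Prints "Success", "Error" or "No File" via print_r() and returns its
 * result; returns null without output when the session is not an admin.
 *
 * Hardening compared with the earlier version of this method:
 *  - the posted id must be an integer before it is placed in the WHERE clause;
 *  - PHP's upload error code is checked and the client file name is reduced
 *    to its base name before it becomes part of the destination path;
 *  - the previous file is removed only after the new one has been stored, and
 *    only when its stored path lies under assets/vita/.
 *
 * NOTE(review): only the extension is checked, not the file content, and the
 * client-chosen name is kept, so uploads can overwrite each other. Confirm
 * assets/vita/ is served without script execution.
 *
 * @return mixed
 */
public function upload()
{
    if (!SESSION::get('admin')) {
        return;
    }

    if (!isset($_FILES['image'])) {
        return print_r("No File");
    }

    $upload = $_FILES['image'];
    $errors = array();

    // Array-style uploads (image[]) and failed transfers are rejected up front.
    if (!isset($upload['error']) || $upload['error'] !== UPLOAD_ERR_OK || !is_string($upload['name'])) {
        $errors[] = 'upload failed or was incomplete';
    }

    $file_name = is_string($upload['name']) ? basename($upload['name']) : '';
    $file_size = $upload['size'];
    $file_tmp = $upload['tmp_name'];
    $file_ext = strtolower(pathinfo($file_name, PATHINFO_EXTENSION));

    $allowed = array("jpeg", "jpg", "png", "pdf");
    if (!in_array($file_ext, $allowed, true)) {
        $errors[] = "extension not allowed, please choose a JPEG or PNG file.";
    }

    if ($file_size > 2097152) {
        $errors[] = 'File size must be excately 2 MB';
    }

    // The id ends up inside SQL text, so only a validated integer is accepted.
    $id = isset($_POST['id_content3']) ? filter_var($_POST['id_content3'], FILTER_VALIDATE_INT) : false;
    if ($id === false) {
        $errors[] = 'invalid content id';
    }

    if (!empty($errors)) {
        return print_r("Error");
    }

    $old_data = $this->_model->selectAllClauseOrderBy("text", "WHERE id = {$id}", null, null);
    $old_data_picture = isset($old_data[0]['content']) ? (string) $old_data[0]['content'] : '';

    $new_data_picture = "assets/vita/" . $file_name;
    if (!move_uploaded_file($file_tmp, $new_data_picture)) {
        // Nothing was stored: leave the previous file and the row untouched.
        return print_r("Error");
    }

    // The old path comes from the database; delete it only when it points
    // into the upload directory and is not the file that was just written.
    $is_managed = strpos($old_data_picture, "assets/vita/") === 0 && strpos($old_data_picture, '..') === false;
    if ($is_managed && $old_data_picture !== $new_data_picture && is_file($old_data_picture)) {
        unlink($old_data_picture);
    }

    $data = array('content' => $new_data_picture);
    $this->_model->update("text", $data, "id={$id}");

    return print_r("Success");
}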
/**
 * Queues a mail for later sending and returns the id of the queue row.
 *
 * @param mixed $mailer   Stored in the queued payload as 'mailer'.
 * @param array $headers  Mail headers, stored by reference in the payload.
 * @param array $options  Options read here: 'testMode', 'archive', 'time', 'attachments'.
 *                        'testMode' and 'attachments' entries may be rewritten (by reference).
 * @return string Id of the inserted queue row.
 */
protected function pushMail($mailer, &$headers, &$options)
{
    // An explicit option sets the instance's test mode; otherwise the
    // instance's test mode is copied into the options.
    if (isset($options['testMode'])) {
        $this->testMode = $options['testMode'];
    } else {
        if ($this->testMode) {
            $options['testMode'] = 1;
        }
    }
    // -1 in test mode, 0 otherwise; stored in the sent_time column.
    $sent = -(int) (bool) (!empty($options['testMode']));
    // 1 when either 'archive' or 'testMode' is set.
    $archive = (int) (!(empty($options['archive']) && empty($options['testMode'])));
    $time = isset($options['time']) ? $options['time'] : 0;
    // Values older than 366 days before the request are treated as offsets.
    if ($time < $_SERVER['REQUEST_TIME'] - 366 * 86400) {
        $time += $_SERVER['REQUEST_TIME'];
    }
    if (!empty($options['attachments']) && is_array($options['attachments'])) {
        $tmpToken = false;
        foreach ($options['attachments'] as &$file) {
            // Only uploaded files and files whose path starts with
            // PATCHWORK_ZCACHE are copied; other attachment paths are queued unchanged.
            if (is_uploaded_file($file) || PATCHWORK_ZCACHE === substr($file, 0, strlen(PATCHWORK_ZCACHE))) {
                $tmpToken || ($tmpToken = p::strongId(8));
                $base = PATCHWORK_ZCACHE . p::strongId(8) . '~' . $tmpToken;
                // NOTE(review): the result of copy() is not checked; on
                // failure the queued path points at a file that does not exist.
                copy($file, $base);
                $file = $base;
            }
        }
        // Break the foreach reference and replace any caller-supplied token
        // with the one generated above.
        unset($file, $options['attachments.tmpToken']);
        $tmpToken && ($options['attachments.tmpToken'] = $tmpToken);
    }
    // NOTE(review): the payload embeds the request cookies and, when the
    // SESSION class is loaded, all session data, and is stored serialize()d.
    // The queue table therefore holds that data at rest, and the consumer
    // presumably unserialize()s it — confirm who can read and write the table.
    $data = array('mailer' => $mailer, 'headers' => &$headers, 'options' => &$options, 'cookie' => &$_COOKIE, 'session' => class_exists('SESSION', false) ? s::getAll() : array());
    $db = $this->getPdoConnection();
    $sql = "INSERT INTO queue (base, data, send_time, archive, sent_time)\n VALUES (?,?,?,?,?)";
    $db->prepare($sql)->execute(array(p::__BASE__(), serialize($data), $time, $archive, $sent));
    // $sql is reused to hold the new row id.
    $sql = $db->lastInsertId();
    $this->registerQueue();
    return $sql;
}
/**
 * Derives self::$SID from the given session id, optionally mixed with
 * address information so that the derived value changes when the client's
 * network address changes.
 *
 * self::$IPlevel is the number of leading IPv4 octets that take part in the
 * binding; a falsy value disables the binding.
 *
 * @param string $SID Session id to derive from.
 */
protected static function setSID($SID)
{
    if (self::$IPlevel) {
        // Session <-> IP binding (IPv4 only)
        // Candidate addresses: loopback, the connection's address, and the
        // X-Forwarded-For and Client-IP request headers.
        // NOTE(review): both headers are supplied by the client, so they add
        // no assurance on their own; the REMOTE_ADDR prefix below is the only
        // part of the binding the client cannot choose.
        $IPs = '127.0.0.1,' . $_SERVER['REMOTE_ADDR'] . ',' . (isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : '') . ',' . (isset($_SERVER['HTTP_CLIENT_IP']) ? $_SERVER['HTTP_CLIENT_IP'] : '');
        // Matches IPlevel dot-separated digit groups that are not preceded by
        // '.' or a digit, i.e. the leading octets of each address in the list.
        preg_match_all('/(?<![\\.\\d])\\d+(?:\\.\\d+){' . (self::$IPlevel - 1) . '}/u', $IPs, $IPs);
        // sort() returns true, so the de-duplication always follows it.
        sort($IPs[0]) && ($IPs[0] = array_unique($IPs[0]));
        // First IPlevel octets of REMOTE_ADDR: the limit leaves the remainder
        // in element IPlevel, which is dropped.
        $IPs[1] = explode('.', $_SERVER['REMOTE_ADDR'], self::$IPlevel + 1);
        unset($IPs[1][self::$IPlevel]);
        $IPs = implode('.', $IPs[1]) . ',' . implode(',', $IPs[0]);
    } else {
        $IPs = '';
    }
    // NOTE(review): an unkeyed md5 digest of the id and the address string;
    // confirm how self::$SID is used before relying on it as a secret.
    self::$SID = md5($SID . '-' . $IPs);
}
/**
 * Copies player stats into the session, one session key per string-keyed entry.
 *
 * Entries with a non-string key are skipped; when DEBUG is on, the first such
 * entry dumps the whole array and throws instead.
 *
 * @param array $player_stats Stat name => value; asserted to be non-empty.
 * @throws Exception In DEBUG mode when a key is not a string.
 */
function put_player_info_in_session($player_stats)
{
    assert(count($player_stats) > 0);

    foreach ($player_stats as $stat_name => $stat_value) {
        if (is_string($stat_name)) {
            SESSION::set($stat_name, $stat_value);
            continue;
        }

        if (DEBUG) {
            var_dump($player_stats);
            throw new Exception('player stat not a string');
        }
    }
}
$post_address = "https://safe.sandbox-cresecure.net/securepayments/a1/cc_collection.php"; } $msg = fn_get_lang_var('text_cc_processor_connection'); $msg = str_replace('[processor]', 'CRE Secure', $msg); $post = array(); $post['total_amt'] = sprintf('%.2f', $order_info['total']); $post['return_url'] = Registry::get('config.https_location') . "/{$index_script}?dispatch=payment_notification.return&payment=cresecure&order_id={$order_id}"; $post['content_template_url'] = Registry::get('config.https_location') . "/payments/cresecure_template.php?order_id={$order_id}"; $post['b_country'] = db_get_field('SELECT a.code_A3 FROM ?:countries as a WHERE a.code = ?s', $order_info['b_country']); $post['s_country'] = db_get_field('SELECT a.code_A3 FROM ?:countries as a WHERE a.code = ?s', $order_info['s_country']); $post['customer_address'] = $order_info['b_address'] . (!empty($order_info['b_address_2']) ? ' ' . $order_info['b_address_2'] : ''); $post['delivery_address'] = $order_info['s_address'] . (!empty($order_info['s_address_2']) ? ' ' . $order_info['s_address_2'] : ''); $post['customer_phone'] = !empty($order_info['b_phone']) ? $order_info['b_phone'] : ''; $post['delivery_phone'] = !empty($order_info['s_phone']) ? $order_info['s_phone'] : ''; $post['allowed_types'] = !empty($processor_data['params']['allowed_types']) ? 
join('|', $processor_data['params']['allowed_types']) : 'Visa|MasterCard'; $post['sess_id'] = SESSION::get_id(); $post['sess_name'] = SESS_NAME; $post['order_id'] = $order_info['order_id']; $post['currency'] = $processor_data['params']['currency']; echo <<<EOT t<html> t<body onLoad="document.process.submit();"> t<form action="{$post_address}" method="POST" name="process"> t\t<input type="hidden" name="CRESecureID" value="{$processor_data['params']['cresecureid']}" /> t\t<input type="hidden" name="CRESecureAPIToken" value="{$processor_data['params']['cresecureapitoken']}" /> t\t<input type="hidden" name="total_amt" value="{$post['total_amt']}" /> t\t<input type="hidden" name="return_url" value="{$post['return_url']}" /> t\t<input type="hidden" name="content_template_url" value="{$post['content_template_url']}" /> t\t<input type="hidden" name="order_id" value="{$post['order_id']}" /> t\t<input type="hidden" name="customer_id" value="{$order_info['user_id']}" /> t\t<input type="hidden" name="currency_code" value="{$post['currency']}" />
/**
 * Re-installs a saved cookie array and, when session data is given, a saved
 * session as the current request context.
 *
 * With session data: $_COOKIE is emptied first, every saved entry is written
 * with s::set(), and s::regenerateId(false, false) is called. In all cases
 * $_COOKIE ends up bound by reference to $cookie.
 *
 * NOTE(review): the restored values are whatever the caller passes in;
 * confirm they only come from a store that request data cannot write to.
 *
 * @param array $cookie  Cookie array to install as $_COOKIE (by reference).
 * @param array $session Saved session entries; falsy to leave the session untouched.
 */
protected function restoreContext(&$cookie, &$session)
{
    if (!$session) {
        $_COOKIE =& $cookie;
        return;
    }

    $_COOKIE = array();

    foreach ($session as $name => &$entry) {
        s::set($name, $entry);
    }

    s::regenerateId(false, false);

    $_COOKIE =& $cookie;
}
/**
 * Returns a player's data as a plain array.
 *
 * A falsy $p_id is deprecated: it is logged (DEBUG only) and answered with
 * self_info(). Otherwise the id is resolved through whichever(), falling back
 * to the session's player_id, and must be numeric.
 *
 * NOTE(review): the whole value object is cast to an array; confirm that
 * callers do not expose fields from it that should stay private.
 *
 * @param int|string $p_id Player id.
 * @return array|null Player row; an empty array when the player cannot be
 *                    loaded; null when no numeric id is available.
 **/
function char_info($p_id)
{
    if (!$p_id) {
        $debugging = defined('DEBUG') && DEBUG;
        if ($debugging) {
            nw_error('DEPRECATED: call to char_info with a null argument. For clarity reasons, this is now deprecated, use the player object instead. Backtrace: ' . print_r(debug_backtrace(), true));
        }

        return self_info();
    }

    // Default to the current player.
    $id = whichever($p_id, SESSION::get('player_id'));

    // Without a numeric id there is nothing to look up.
    if (!is_numeric($id)) {
        return null;
    }

    // The constructor loads the player through the DAO.
    $player = new Player($id);

    if (!($player instanceof Player && $player->id())) {
        return array();
    }

    // Flatten the value object into a simple array.
    $row = (array) $player->vo;
    $row['clan_id'] = $player->getClan() ? $player->getClan()->getID() : null;

    return add_data_to_player_row($row);
}
// ColorBox resize function, seems do work now var resizeTimer; $(window).resize(function(){ if (resizeTimer) clearTimeout(resizeTimer); resizeTimer = setTimeout(function() { if ($('#cboxOverlay').is(':visible')) { //reload ist selbst hinugefügt in colorbox.js, public func welche einfach nur load() aufruft $.colorbox.reload(); } }, 300) }); }); </script> <?php if (SESSION::get('admin')) { ?> <script type="text/javascript"> $(document).ready(function(){ //trigger modal $('.modal-trigger-newBilder').leanModal(); }); function confirmDelete(id,album_id){ console.log("id : "+album_id); $.ajax({ type: 'POST', data: { id: id, album_id:album_id }, url: <?php
$private = isset($private) ? $private : NULL; $quickstat = isset($quickstat) ? $quickstat : NULL; $alive = isset($alive) ? $alive : NULL; $page_title = isset($page_title) ? $page_title : "NinjaWars"; $error = null; // Logged in or alive error. update_activity_info(); // *** Updates the activity of the page viewer in the database. if (!is_logged_in()) { if ($private) { $error = render_viewable_error('log_in'); // Content being in the error triggers a die at the end of the header. } } else { // **************** Player information settings. ******************* $username = SESSION::get('username'); $player = new Player($username); // Defaults to current session user. $players_id = $player->player_id; $player_id = $players_id; // Just two aliases for the player id. $players_email = $player->vo->email; // TODO: Turn this into a list extraction? // password and messages intentionally excluded. $players_turns = $player->vo->turns; $players_health = $player->vo->health; $players_bounty = $player->vo->bounty; $players_gold = $player->vo->gold; $players_level = $player->vo->level; $players_class = $player->vo->class; $players_strength = $player->vo->strength;
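/**
 * Ends the current session: runs the optional 'onexit' callback, removes the
 * session file when a custom session directory is in use, invalidates the
 * session id, destroys the session and expires the session cookie.
 *
 * Security-relevant change: the id is regenerated with the delete flag set.
 * Without it the data stored under the id the client already holds stays on
 * the server, so that id could still be resumed after "logout".
 *
 * @return bool True when session_destroy() succeeded; false when it failed or
 *              no session had been started.
 */
public static function DESTROY()
{
    if (self::$sessionState != self::SESSION_STARTED) {
        return false;
    }

    // Optional user-supplied hook, called with the current session.
    if (isset(self::$CallerFunctions['onexit']) === true) {
        $FunctionTitle = self::$CallerFunctions['onexit'];
        $FunctionTitle(self::$CurrentSession);
    }

    // Custom session directory: remove the session file explicitly.
    if (self::$sessiondir !== NULL) {
        self::DeleteSessionFile();
    }

    // Rotate the id AND delete the data stored under the old one.
    session_regenerate_id(true);

    // Empty the data before destroying the storage behind it.
    $_SESSION = array();

    // session_destroy() returns true on success, so the state becomes false.
    self::$sessionState = !session_destroy();

    unset($_SESSION);

    if (isset($_COOKIE[self::$SessionName]) === true) {
        unset($_COOKIE[self::$SessionName]);
    }

    // Expire the cookie. An empty string replaces the NULL value (passing
    // null is deprecated in current PHP), and one call uses the session's own
    // cookie parameters: a browser only drops a cookie whose path and domain match.
    $params = session_get_cookie_params();
    setcookie(self::$SessionName, '');
    setcookie(self::$SessionName, '', time() - 42000, '/');
    setcookie(self::$SessionName, '', time() - 42000, $params['path'], $params['domain'], $params['secure'], $params['httponly']);

    return !self::$sessionState;
}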
} } } else { if ($victim == "thief") { // Check the counter to see whether they've attacked a thief multiple times in a row. if (SESSION::is_set('counter')) { $counter = SESSION::get('counter'); } else { $counter = 1; } $counter = $counter + 1; SESSION::set('counter', $counter); // Save the current state of the counter. if ($counter > 20 && rand(1, 3) == 3) { // Only after many attacks do you have the chance to be attacked back by the group of theives. SESSION::set('counter', 0); // Reset the counter to zero. echo "<img src='images/scenes/KunitsunaTrainingWithTengu.jpg' alt='' style='width:1000px'>"; echo "<p>A group of tengu thieves is waiting for you. They seem to be angered by your attacks on their brethren.</p>"; $group_attack = rand(50, 150); if (!subtractHealth($username, $group_attack)) { // If the den of theives killed the attacker. echo "<p>The group of theives does {$group_attack} damage to you!</p>"; echo "<p>The group of thieves have avenged their brotherhood and beaten you to a bloody pulp.</p>"; echo "<p>Go to the <a href=\"shrine.php\">shrine</a> to resurrect.</p>"; } else { // The den of thieves didn't accomplish their goal $group_gold = rand(100, 300); if ($group_attack > 120) { // Powerful attack gives an additional disadvantage echo "<p>You overpowered the swine, but the blow to the head they gave you before they ran made you lose some of your memories!</p>";
/**
 * Logs the user out by clearing the access token held in the session.
 *
 * Only the 'access_token' entry is removed; other session values and the
 * session id are left as they are.
 * NOTE(review): if the token is also valid at its issuer, confirm it is
 * revoked there as well — that is not done in this method.
 */
public static function logout()
{
    $tokenKey = 'access_token';

    SESSION::clear($tokenKey);
}
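<?php

namespace App\Admin;

use App\Session;
use App\Admin as AdminClass;

require "../../config.php";
require_once "../../vendor/autoload.php";

session_start();
// NOTE(review): the id is rotated on every request and the old session data is
// kept (no delete flag), so earlier ids stay resumable until garbage
// collection. Rotating on login/privilege change with deletion is the usual
// pattern — confirm before changing, other pages may rely on this.
session_regenerate_id();

// Access gate: both identity values must be present in the session.
if (isset($_SESSION['user_id']) && isset($_SESSION['user_name'])) {
    $hello = "Hello " . SESSION::GetKey('user_name');
} else {
    die("Unauthorized user");
}
?>
<html>
<head>
<title>Admin page</title>
<link rel="stylesheet" type="text/css" href="../../public/css/normalize.css" />
<link rel="stylesheet" type="text/css" href="../../public/css/style.css" />
</head>
<body>
<div class="wrapper adm">
<?php // The greeting contains the stored user name, so it is escaped for the HTML context. ?>
<h1><?php echo htmlspecialchars($hello, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?> </h1>
<form action="" method="get">
<button type="submit" name="logout" >Logout</button>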
if ($gherdazu == 'adabei') { //module_main ($get_vars['menuitem']); //$akt_album = $get_vars['airyal']; /*if ($akt_album == "") $fertigesAlbum = $menuAlbum; else $fertigesAlbum = new airy_album($akt_album, 'fla_airy_files/');*/ //$menuAlbum->airy_init(); echo $menuAlbum->get_html($get_vars); } else { if ($gherdazu == 'tatigern') { $loginerr = true; } else { $loginerr = false; } echo login_formular(SESSION::get('user'), $server_vars['PHP_SELF'], $loginerr); echo <<<FLA \t\t\t <script type="text/javascript"> \t\t\t\t window.onload = function () { \t\t\t\t\t //Loginseite \t\t\t\t\t \tx = document.getElementsByTagName('input')[0]; \t\t\t\t\t\tif (x) {x.focus();}\t \t\t\t\t } \t\t\t\t</script> FLA; } ?> </div> <div id="footer"> <?php
$quickstat = "player"; include SERVER_ROOT . "interface/header.php"; $recent_attack = null; $start_of_attack = microtime(true); $attack_spacing = 0.2; // fraction of a second if (SESSION::is_set('recent_attack')) { $recent_attack = SESSION::get('recent_attack'); } if ($recent_attack && $recent_attack > $start_of_attack - $attack_spacing) { echo "<p>Even the best of ninjas cannot attack that quickly.</p>"; echo "<a href='attack_player.php'>Return to combat</a>"; SESSION::set('recent_attack', $start_of_attack); die; } else { SESSION::set('recent_attack', $start_of_attack); } ?> <span class="brownHeading">Battle Status</span> <hr> <?php // TODO: Turn this page/system into an object to be run. // *** ********* GET VARS FROM POST - OR GET ************* *** $attacked = in('attacked'); // boolean for attacking again $target = $attackee = either(in('target'), in('attackee')); $username = get_username(); // Pulls from an internal source.
$player = get_player_info(); $confirm_delete = false; $profile_changed = false; $profile_max_length = 500; // Should match the limit in limitStatChars.js $delete_attempts = SESSION::is_set('delete_attempts') ? SESSION::get('delete_attempts') : null; if ($deleteAccount) { $verify = false; $verify = is_authentic($username, $passW); if ($verify == true && !$delete_attempts) { // *** Username&password matched, on the first attempt. pauseAccount($username); // This may redirect and stuff? } else { if ($deleteAccount == 2) { SESSION::set('delete_attempts', 1); $error = 'Deleting of account failed, please email ' . SUPPORT_EMAIL; } else { $confirm_delete = true; } } } else { if ($changeprofile == 1) { // Limit the profile length. if ($newprofile != "") { $sql->Update("UPDATE players SET messages = '" . sql($newprofile) . "' WHERE uname = '" . sql($username) . "'"); $affected_rows = $sql->a_rows; $profile_changed = true; } else { $error = "Can not enter a blank profile."; }
/**
 * Loads the user stored in the session into $this->UserSes.
 */
public function __construct()
{
    $this->UserSes = (new SESSION())->get_session_user();
}
/**
 * Renders an agent as a JavaScript payload and, where allowed, caches it.
 *
 * Flow: resolve the calling URI, open the output wrapper, serve a fresh cache
 * file when one exists, otherwise compose the agent's data as a JS object,
 * append the template reference and write the cache files.
 *
 * @param string $agent     Agent class name; it is instantiated with new $agent($_GET).
 * @param bool   $liveAgent True for the iframe transport (HTML-wrapped JS string), false for the plain w(...) call.
 */
static function render($agent, $liveAgent)
{
    // NOTE(review): $CONFIG is not assigned or imported anywhere in this
    // function as shown; presumably it is substituted before execution — confirm.
    $config_maxage = $CONFIG['maxage'];

    // Get the calling URI
    if (isset($_COOKIE['R$'])) {
        p::$uri = $_COOKIE['R$'];
        setcookie('R$', '', 1, '/');

        // Check the Referer header
        // T$ starts with 2 when the Referer's confidence is unknown
        // 1 when it is trusted
        // NOTE(review): both sides of this comparison (the R$ cookie and the
        // Referer header) are sent by the client; confirm what else has to
        // hold before a token marked '1' is honoured.
        if (isset($_SERVER['HTTP_REFERER']) && $_COOKIE['R$'] === $_SERVER['HTTP_REFERER']) {
            if (class_exists('SESSION', false)) {
                $_COOKIE['T$'] = '1';
                s::regenerateId();
            } else {
                self::$antiCsrfToken[0] = '1';
                setcookie('T$', self::$antiCsrfToken, 0, $CONFIG['session.cookie_path'], $CONFIG['session.cookie_domain']);
            }
        }
    } else {
        p::$uri = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : p::$base;
    }

    if ($liveAgent) {
        // The output is both html and js, but iframe transport layer needs html
        p::$binaryMode = true;
        header('Content-Type: text/html');
        echo '/*<script>/**/q="';
    } else {
        echo 'w(';
    }

    p::openMeta($agent);

    try {
        // A token was sent but did not match: treat the resource as private.
        if (isset($_GET['T$']) && !p::$antiCsrfMatch) {
            throw new e\PrivateResource();
        }

        // NOTE(review): the class name comes from the caller and the
        // constructor receives the raw query parameters; confirm $agent is
        // resolved from a fixed set of agent classes upstream.
        $a = new $agent($_GET);
        $group = p::closeGroupStage();

        // Only non-POST requests outside the 'private' group may use the cache.
        if ($is_cacheable = 'POST' !== $_SERVER['REQUEST_METHOD'] && !in_array('private', $group)) {
            $cagent = p::agentCache($agent, $a->get, 'js.ser', $group);
            $dagent = p::getContextualCachePath('jsdata.' . $agent, 'js.ser', $cagent);

            // A cache file is fresh while its mtime lies in the future (see
            // the touch() calls at the end of this function).
            // NOTE(review): cache files are read back with unserialize() and
            // their 'headers' entries are replayed through header(); this is
            // only as trustworthy as write access to the cache directory.
            if ($liveAgent) {
                if (file_exists($dagent)) {
                    if (filemtime($dagent) > $_SERVER['REQUEST_TIME']) {
                        $data = unserialize(file_get_contents($dagent));
                        p::setMaxage($data['maxage']);
                        p::setExpires($data['expires']);
                        p::writeWatchTable($data['watch']);
                        array_map('header', $data['headers']);
                        p::closeMeta();
                        // Escape \, " and </ so the data stays inside the JS
                        // string and cannot close the enclosing <script>.
                        echo str_replace(array('\\', '"', '</'), array('\\\\', '\\"', '<\\/'), $data['rawdata']), '"//</script><script src="' . p::__BASE__() . 'js/QJsrsHandler"></script>';
                        return;
                    } else {
                        // Stale: remove both cache files, ignoring failures.
                        @(unlink($cagent) + unlink($dagent));
                    }
                }
            } else {
                if (file_exists($cagent)) {
                    if (filemtime($cagent) > $_SERVER['REQUEST_TIME']) {
                        $data = unserialize(file_get_contents($cagent));
                        p::setMaxage($data['maxage']);
                        p::setExpires($data['expires']);
                        p::writeWatchTable($data['watch']);
                        array_map('header', $data['headers']);
                        p::closeMeta();
                        echo $data['rawdata'];
                        return;
                    } else {
                        @(unlink($cagent) + unlink($dagent));
                    }
                }
            }
        }

        // Compose the agent's data into a buffered JS object literal.
        ob_start();
        ++p::$ob_level;

        try {
            $data = (object) $a->compose((object) array());

            if (!p::$is_enabled) {
                p::closeMeta();
                return;
            }

            $template = $a->getTemplate();

            echo '{';
            $comma = '';
            foreach ($data as $key => $value) {
                // Keys and values go through jsquote() before being emitted.
                $key = jsquote($key);
                is_string($key) || ($key = "'" . $key . "'");
                echo $comma, $key, ':';
                if ($value instanceof \loop) {
                    self::writeAgent($value);
                } else {
                    echo jsquote($value);
                }
                $comma = ',';
            }
            echo '}';
        } catch (e\PrivateResource $data) {
            // Discard the partial output, then let the outer handler answer.
            ob_end_clean();
            --p::$ob_level;
            p::closeMeta();
            throw $data;
        }

        $data = ob_get_clean();
        --p::$ob_level;
        $a->metaCompose();
        list($maxage, $group, $expires, $watch, $headers) = p::closeMeta();
    } catch (e\PrivateResource $data) {
        // Private resource: emit a client-side error call and stop.
        if ($liveAgent) {
            echo 'false";(window.E||alert)("You must provide an auth token to get this liveAgent:\\n"+', jsquote($_SERVER['REQUEST_URI']), ')';
            echo '//</script><script src="' . p::__BASE__() . 'js/QJsrsHandler"></script>';
        } else {
            if ($data->getMessage()) {
                echo 'w.r(0,' . (int) (!DEBUG) . '));';
            } else {
                echo ');window.E&&E("You must provide an auth token to get this agent:\\n"+', jsquote($_SERVER['REQUEST_URI']), ')';
            }
        }
        exit;
    }

    if ($liveAgent) {
        echo str_replace(array('\\', '"', '</'), array('\\\\', '\\"', '<\\/'), $data), '"//</script><script src="' . p::__BASE__() . 'js/QJsrsHandler"></script>';
    } else {
        echo $data;
    }

    // Normalise the expiry mode to 'ontouch' or 'onmaxage'.
    if ('ontouch' === $expires && !($watch || $config_maxage == $maxage)) {
        $expires = 'auto';
    }
    $expires = 'auto' === $expires && ($watch || $config_maxage == $maxage) ? 'ontouch' : 'onmaxage';

    // The group is re-checked here because closeMeta() returned it again.
    $is_cacheable = $is_cacheable && !in_array('private', $group) && ($maxage || 'ontouch' === $expires);

    if (!$liveAgent || $is_cacheable) {
        if ($is_cacheable) {
            ob_start();
        }

        if ($config_maxage == $maxage && Superloader::$turbo) {
            // Inline the compiled template, compiling and caching it on first use.
            $ctemplate = p::getContextualCachePath("templates/{$template}", 'txt');
            $readHandle = true;
            if ($h = p::fopenX($ctemplate, $readHandle)) {
                p::openMeta('agent__template/' . $template, false);
                $template = new \ptlCompiler_js($template);
                echo $template = ',' . $template->compile() . ')';
                fwrite($h, $template);
                flock($h, LOCK_UN);
                fclose($h);
                list(, , , $template) = p::closeMeta();
                p::writeWatchTable($template, $ctemplate);
            } else {
                // Already compiled: stream the cached template.
                fpassthru($readHandle);
                flock($readHandle, LOCK_UN);
                fclose($readHandle);
            }
            $watch[] = 'public/templates/js';
        } else {
            echo ',[1,', jsquote($template), ',0,0,0])';
        }

        if ($is_cacheable) {
            $ob = true;
            // $template is reused as the cache record.
            $template = array('maxage' => $maxage, 'expires' => $expires, 'watch' => $watch, 'headers' => $headers, 'rawdata' => $data);
            // $expires becomes the lifetime in seconds added to the mtime.
            $expires = 'ontouch' === $expires ? $config_maxage : $maxage;

            if ($h = p::fopenX($dagent)) {
                fwrite($h, serialize($template));
                flock($h, LOCK_UN);
                fclose($h);
                touch($dagent, $_SERVER['REQUEST_TIME'] + $expires);
                p::writeWatchTable($watch, $dagent);
            }

            if ($h = p::fopenX($cagent)) {
                $ob = false;
                // The full-response cache also stores the template part buffered above.
                $template['rawdata'] .= $liveAgent ? ob_get_clean() : ob_get_flush();
                fwrite($h, serialize($template));
                flock($h, LOCK_UN);
                fclose($h);
                touch($cagent, $_SERVER['REQUEST_TIME'] + $expires);
                p::writeWatchTable($watch, $cagent);
            }

            // The buffer is still open when the second cache file was not written.
            if ($ob) {
                $liveAgent ? ob_end_clean() : ob_end_flush();
            }
        }
    }
}