/**
  * Performs basic setup and then calls __init
  *
  * Note that all data received via $_POST have magic quotes removed.
  */
 function installbase()
 {
     // Strip magic_quotes_gpc escaping from the whole POST array up front so
     // every later reader sees the raw submitted strings. The return value is
     // discarded here, so presumably removeMagicQuotes() works in place —
     // TODO confirm against stringhandler.class.php.
     stringHandler::removeMagicQuotes($_POST);
     // Looks like a PHP4-style parent constructor call (this class appears to
     // extend Smarty: see assign()/template_dir below) — verify.
     Smarty::Smarty();
     // Ordered installer phases. NOTE(review): consumed by __init()/the step
     // handlers outside this view; confirm whether the order matters there.
     $this->_steps = array('prescan', 'install', 'postscan', 'upgrade');
     $this->assign('version', LOQ_CUR_VERSION);
     $this->template_dir = LOQ_INSTALLER . '/templates';
     $this->setCompileDir();
     // Configuration is loaded before __init() runs; keep that order.
     $this->loadconfiguration();
     $this->__init();
 }
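 /**
  * Authenticate the user
  *
  * Looks up an author row by nickname and password hash; on a match the
  * author's id is stored in $_SESSION['user_id'] and the session id is
  * regenerated.
  *
  * @param string $user Username
  * @param string $pass Password (plain text; hashed via passwordManager::toSHA1
  *                     before the comparison)
  * @param bool   $setcookie If true, set a cookie (not used by this method;
  *                     kept for callers that pass it)
  * @return bool  True when a matching author exists, false otherwise
  */
 function userauth($user, $pass, $setcookie = FALSE)
 {
     // Bind the untrusted values instead of splicing them into the SQL text.
     // The previous query interpolated the nickname right after
     // removeMagicQuotes() had stripped the very escaping that protected it,
     // so a crafted username could change the statement.
     $query = 'SELECT `id` FROM `' . T_AUTHORS . '` WHERE `nickname`=? AND `password`=?';
     // The hash is hex and never carries slashes, so removeMagicQuotes() is
     // not needed on it. NOTE(review): toSHA1() suggests unsalted SHA-1
     // storage; moving to password_hash()/password_verify() needs a data
     // migration and is outside this change.
     $params = array(
         stringHandler::removeMagicQuotes($user),
         passwordManager::toSHA1($pass),
     );
     $rs = $this->_adb->GetRow($query, $params);
     if (!$rs) {
         return false;
     }
     // Issue a fresh session id on privilege change (session-fixation defence);
     // guarded because very old PHP builds lack the function.
     if (function_exists('session_regenerate_id')) {
         session_regenerate_id();
     }
     $_SESSION['user_id'] = $rs[0];
     return true;
 }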
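 /**
  * Returns cleaned user input.
  *
  * Instead of addslashing potential ' and " chars, let's remove them and get
  * rid of any magic quoting which is enabled by default.  Also removes any
  * html tags and ASCII zeros
  *
  * This is input normalisation, not output escaping: values still have to be
  * escaped for the context they are written to (htmlspecialchars() for HTML,
  * bound parameters for SQL).
  *
  * @access  public
  * @param   mixed $var  Could be a string or an array of strings (arrays are
  *                      cleaned element by element, recursively)
  * @return  mixed       The cleaned string, or an array of cleaned values when
  *                      an array was given
  */
 function clean($var)
 {
     // Initialise so an unset/null $var no longer raises an undefined-variable
     // notice below; null reaches trimWhitespace() exactly as it did before.
     $clean = null;
     if (isset($var)) {
         if (is_array($var)) {
             $clean = array_map(array('stringHandler', 'clean'), $var);
         } else {
             // strip_tags() also drops NUL bytes, which is the "ASCII zeros" part.
             $clean = strip_tags($var);
         }
     }
     return stringHandler::removeMagicQuotes(stringHandler::trimWhitespace($clean));
 }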
 *
 * @version $Revision$
 */
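if (!defined('IN_LOQUACITY')) {
    include_once './config.php';
}
// Trackback pings arrive as form-encoded POSTs; anything else is ignored here.
// Read the header through isset() so a request without a Content-Type no
// longer raises an undefined-index notice.
$contentType = isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : '';
if ($_SERVER['REQUEST_METHOD'] === 'POST' && $contentType === 'application/x-www-form-urlencoded') {
    // NOTE(review): a client that appends "; charset=..." to the Content-Type
    // is rejected by the exact match above — confirm that is intended.
    $post = null;
    $comment = null;
    if (defined('CLEANURLS')) {
        // Path-style URL: .../trackback/<post>[/<comment>]
        $url = explode('/', $_SERVER['REQUEST_URI']);
        $num = count($url);
        if ($num >= 3 && $url[$num - 3] === 'trackback') {
            //a comment id is included
            $post = stringHandler::removeMagicQuotes($url[$num - 2]);
            $comment = stringHandler::removeMagicQuotes($url[$num - 1]);
        } else {
            $post = stringHandler::removeMagicQuotes($url[$num - 1]);
        }
    } else {
        // Query-string URL: ?tbpost=<post>[&cid=<comment>]
        $url = array();
        $uri = $_SERVER['REQUEST_URI'];
        $qpos = strpos($uri, '?');
        if ($qpos !== false) {
            parse_str(substr($uri, $qpos + 1), $url);
        }
        // Guard both keys: a ping without tbpost used to raise a notice and
        // hand null to the handler anyway.
        if (isset($url['tbpost'])) {
            $post = stringHandler::removeMagicQuotes($url['tbpost']);
        }
        if (isset($url['cid'])) {
            $comment = stringHandler::removeMagicQuotes($url['cid']);
        }
    }
    // NOTE(review): $post and $comment are passed on unvalidated; whether
    // trackbackhandler casts or validates them is outside this view.
    include_once 'includes/trackbackhandler.class.php';
    $th = new trackbackhandler($loq->_adb, $post);
    $th->receiveTrackback($_SERVER['REMOTE_ADDR'], $_POST, $comment);
}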
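// include needed files
include_once SMARTY_DIR . 'Smarty.class.php';
include_once LOQ_APP_ROOT . '3rdparty/adodb/adodb.inc.php';
include_once LOQ_APP_ROOT . 'includes/stringhandler.class.php';
include_once LOQ_APP_ROOT . 'includes/confighandler.class.php';
include_once LOQ_APP_ROOT . 'includes/posthandler.class.php';
include_once LOQ_APP_ROOT . 'includes/commenthandler.class.php';
include_once LOQ_APP_ROOT . 'includes/sectionhandler.class.php';
include_once LOQ_APP_ROOT . 'includes/Loquacity.class.php';
include_once LOQ_APP_ROOT . 'includes/templates.php';
// Remove magic quotes: normalise every GET/POST value to the raw submitted
// string. This is input normalisation only — SQL still needs bound parameters
// and HTML output still needs escaping.
foreach ($_POST as $key => $val) {
    $_POST[$key] = stringHandler::removeMagicQuotes($val);
}
foreach ($_GET as $key => $val) {
    $_GET[$key] = stringHandler::removeMagicQuotes($val);
}
unset($key);
unset($val);
$loq = new Loquacity();
// The constant name must be quoted: defined(C_CAPTCHA_ENABLE) looked up the
// constant's *value* ('true') as a name, so the captcha library was never
// included even when the option was switched on.
if (defined('C_CAPTCHA_ENABLE') && C_CAPTCHA_ENABLE == 'true') {
    include_once LOQ_APP_ROOT . '3rdparty/captcha/php-captcha.inc.php';
}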
if (defined('IN_BBLOG_ADMIN')) {
    $loq->compile_id = 'admin';
    $loq->template_dir = LOQ_APP_ROOT . 'includes/admin_templates';
} else {
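/**
 * Admin handler for the links plugin.
 *
 * Applies the link action requested via `linkdo` and the category action
 * requested via `catdo` (GET takes precedence over POST), then assigns the
 * current categories (`ecategories`) and links (`elinks`) to the template.
 *
 * Every statement binds request values as parameters; the previous version
 * concatenated $_POST['linkid'], $_POST['categoryid'] and $_POST['name']
 * straight into the SQL text.
 *
 * @param object $loq Application object (by reference); $loq->_adb is the
 *                    ADOdb connection used for all queries
 * @return void
 */
function admin_plugin_links_run(&$loq)
{
    // ---- link actions -------------------------------------------------
    $linkdo = '';
    if (isset($_GET['linkdo'])) {
        $linkdo = $_GET['linkdo'];
    } elseif (isset($_POST['linkdo'])) {
        $linkdo = $_POST['linkdo'];
    }
    $linkdo = strtolower($linkdo);
    // Ids are integer keys: cast so a non-numeric value becomes 0 instead of
    // reaching the query as text.
    $linkid = isset($_POST['linkid']) ? intval($_POST['linkid']) : 0;

    switch ($linkdo) {
        case 'new':
            $link_name = isset($_POST['nicename']) ? $_POST['nicename'] : '';
            $link_url = isset($_POST['url']) ? $_POST['url'] : '';
            $link_cat = isset($_POST['category']) ? intval($_POST['category']) : 0;
            if (strlen($link_name) > 0 && strlen($link_url) > 0 && $link_cat > 0) {
                // New links are appended to the ordering: current max + 10.
                $maxposition = $loq->_adb->GetOne("select MAX(position) from `" . T_LINKS . "`");
                $position = $maxposition + 10;
                $stmt = $loq->_adb->Prepare('INSERT INTO `' . T_LINKS . '` VALUES(null, ?, ?, ?, ?)');
                // The old code bound the misspelt $postition (undefined), so
                // every new link was inserted with a NULL position.
                $loq->_adb->Execute($stmt, array($link_name, $link_url, $link_cat, $position));
            }
            break;
        case 'delete':
            // delete link
            $stmt = $loq->_adb->Prepare("delete from " . T_LINKS . " where linkid=?");
            $loq->_adb->Execute($stmt, array($linkid));
            break;
        case 'save':
            // update an existing link
            $link_name = isset($_POST['nicename']) ? stringHandler::removeMagicQuotes($_POST['nicename']) : '';
            $link_url = isset($_POST['url']) ? stringHandler::removeMagicQuotes($_POST['url']) : '';
            $link_cat = isset($_POST['category']) ? intval($_POST['category']) : 0;
            $stmt = $loq->_adb->Prepare(
                "update " . T_LINKS . " set nicename=?, url=?, category=? where linkid=?"
            );
            $loq->_adb->Execute($stmt, array($link_name, $link_url, $link_cat, $linkid));
            break;
        case 'up':
            $stmt = $loq->_adb->Prepare("update " . T_LINKS . " set position=position-15 where linkid=?");
            $loq->_adb->Execute($stmt, array($linkid));
            reorder_links();
            break;
        case 'down':
            $stmt = $loq->_adb->Prepare("update " . T_LINKS . " set position=position+15 where linkid=?");
            $loq->_adb->Execute($stmt, array($linkid));
            reorder_links();
            break;
        default:
            // show form
            break;
    }

    // ---- category actions ---------------------------------------------
    $catdo = '';
    if (isset($_GET['catdo'])) {
        $catdo = $_GET['catdo'];
    } elseif (isset($_POST['catdo'])) {
        $catdo = $_POST['catdo'];
    }
    // The old code stored the lowercased value in a misspelt $catod and then
    // switched on the raw $catdo, so mixed-case actions silently did nothing.
    $catdo = strtolower($catdo);
    $categoryid = isset($_POST['categoryid']) ? intval($_POST['categoryid']) : 0;

    switch ($catdo) {
        case 'new':
            // add new category
            $cat_name = isset($_POST['name']) ? $_POST['name'] : '';
            if (strlen($cat_name) > 0) {
                $stmt = $loq->_adb->Prepare('INSERT INTO `' . T_CATEGORIES . '` VALUES(null, ?)');
                $loq->_adb->Execute($stmt, array($cat_name));
            }
            break;
        case 'delete':
            // delete category
            // Detach the links that reference this category before removing it.
            // The old statement reset `linkid` where linkid=categoryid, which
            // touched whichever link happened to share the id and left the
            // category references (the `category` column) in place.
            $stmt = $loq->_adb->Prepare("update " . T_LINKS . " set category=0 where category=?");
            $loq->_adb->Execute($stmt, array($categoryid));
            // delete the category
            $stmt = $loq->_adb->Prepare("delete from " . T_CATEGORIES . " where categoryid=?");
            $loq->_adb->Execute($stmt, array($categoryid));
            break;
        case 'save':
            // update an existing category
            $cat_name = isset($_POST['name']) ? $_POST['name'] : '';
            $stmt = $loq->_adb->Prepare("update " . T_CATEGORIES . " set name=? where categoryid=?");
            $loq->_adb->Execute($stmt, array($cat_name, $categoryid));
            break;
        default:
            // show form
            break;
    }

    // ---- data for the template ------------------------------------------
    $rs = $loq->_adb->Execute("select * from " . T_CATEGORIES);
    if ($rs !== false && !$rs->EOF) {
        $loq->assign('ecategories', $rs->GetRows(-1));
    }
    $rs = $loq->_adb->GetAll("select * from " . T_LINKS . " order by position");
    if (is_array($rs)) {
        $loq->assign('elinks', $rs);
    }
}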