mirror of
https://bitbucket.org/jsuto/piler.git
synced 2025-01-23 10:19:58 +01:00
rewrote php session variables
parent
0809b5a514
commit
881a2380e0
@ -17,8 +17,6 @@ $request = new Request();
|
||||
Registry::set("request", $request);
|
||||
|
||||
|
||||
session_start();
|
||||
|
||||
Registry::set('document', new Document());
|
||||
|
||||
|
||||
|
@ -267,7 +267,14 @@ define('NOW', time());
|
||||
|
||||
require_once 'config-site.php';
|
||||
|
||||
if(isset($_SESSION['theme']) && preg_match("/^([a-zA-Z0-9\-\_]+)$/", $_SESSION['theme'])) { $config['THEME'] = $_SESSION['theme']; }
|
||||
require($config['DIR_BASE'] . "/system/registry.php");
|
||||
require($config['DIR_BASE'] . "/system/request.php");
|
||||
|
||||
$session = new Session();
|
||||
Registry::set("session", $session);
|
||||
|
||||
|
||||
if($session->get("theme") && preg_match("/^([a-zA-Z0-9\-\_]+)$/", $session->get("theme"))) { $config['THEME'] = $session->get("theme"); }
|
||||
|
||||
include("system/helper/detectmobilebrowser.php");
|
||||
|
||||
@ -275,7 +282,7 @@ if(MOBILE_DEVICE == 1 || OUTLOOK == 1) { $config['THEME'] = 'mobile'; }
|
||||
|
||||
// make sure auditors are restricted in a saas environment
|
||||
if($config['ENABLE_SAAS'] == 1) { $config['RESTRICTED_AUDITOR'] = 1; }
|
||||
if(isset($_SESSION['username']) && $_SESSION['username'] == 'auditor@local') { $config['RESTRICTED_AUDITOR'] = 0; }
|
||||
if($session->get("username") == 'auditor@local') { $config['RESTRICTED_AUDITOR'] = 0; }
|
||||
|
||||
|
||||
|
||||
|
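Review bot: The auditor override `if($session->get("username") == 'auditor@local')` decides a privilege setting with a loose comparison, and the `isset()` guard of the old line is gone. Other files in this commit still call `each()`, so the code runs on PHP before 8, where an integer `0` compares equal to any non-numeric string. The implementation of `Session::get()` is not shown; if it can return `0` for a missing key, `RESTRICTED_AUDITOR` is switched off for a request that carries no username at all. Compare strictly instead: `if($session->get("username") === 'auditor@local') { $config['RESTRICTED_AUDITOR'] = 0; }`.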
@ -9,13 +9,15 @@ class ControllerCommonError extends Controller {
|
||||
$this->template = "common/error.tpl";
|
||||
$this->layout = "common/layout";
|
||||
|
||||
$session = Registry::get('session');
|
||||
|
||||
$this->document->title = $this->data['text_error'];
|
||||
|
||||
$this->data['errortitle'] = $this->data['text_error'];
|
||||
|
||||
if(isset($_SESSION['error'])){
|
||||
$this->data['errorstring'] = $_SESSION['error'];
|
||||
unset($_SESSION['error']);
|
||||
if($session->get("error")) {
|
||||
$this->data['errorstring'] = $session->get("error");
|
||||
$session->set("error", "");
|
||||
}
|
||||
else {
|
||||
$this->data['errorstring'] = "this is the errorstring";
|
||||
|
@ -14,6 +14,7 @@ class ControllerLoginGoogle extends Controller {
|
||||
$request = Registry::get('request');
|
||||
|
||||
$db = Registry::get('db');
|
||||
$session = Registry::get('session');
|
||||
|
||||
$this->load->model('user/auth');
|
||||
$this->load->model('user/user');
|
||||
@ -44,19 +45,19 @@ class ControllerLoginGoogle extends Controller {
|
||||
|
||||
if(isset($_GET['code'])) {
|
||||
$client->authenticate();
|
||||
$_SESSION['access_token'] = $client->getAccessToken();
|
||||
$session->set("access_token", $client->getAccessToken());
|
||||
header('Location: ' . GOOGLE_REDIRECT_URL);
|
||||
}
|
||||
|
||||
if(isset($_SESSION['access_token'])) {
|
||||
$client->setAccessToken($_SESSION['access_token']);
|
||||
if($session->get("access_token")) {
|
||||
$client->setAccessToken($session->get("access_token"));
|
||||
}
|
||||
|
||||
|
||||
if($client->getAccessToken()) {
|
||||
$_SESSION['access_token'] = $client->getAccessToken();
|
||||
$session->set("access_token", $client->getAccessToken());
|
||||
|
||||
$token = json_decode($_SESSION['access_token']);
|
||||
$token = json_decode($session->get("access_token"));
|
||||
|
||||
if(isset($token->{'access_token'}) && isset($token->{'refresh_token'})) {
|
||||
$account = $oauth2->userinfo->get();
|
||||
|
@ -9,6 +9,7 @@ class ControllerMessageBulkrestore extends Controller {
|
||||
$this->template = "message/bulkrestore.tpl";
|
||||
$this->layout = "common/layout-empty";
|
||||
|
||||
$session = Registry::get('session');
|
||||
$request = Registry::get('request');
|
||||
$db = Registry::get('db');
|
||||
|
||||
@ -65,7 +66,7 @@ class ControllerMessageBulkrestore extends Controller {
|
||||
$rcpt = $this->model_search_search->get_message_recipients($id);
|
||||
}
|
||||
else {
|
||||
array_push($rcpt, $_SESSION['email']);
|
||||
array_push($rcpt, $session->get("email"));
|
||||
}
|
||||
|
||||
if(count($rcpt) > 0) {
|
||||
|
@ -10,7 +10,7 @@ class ControllerMessageNote extends Controller {
|
||||
$this->template = "message/note.tpl";
|
||||
$this->layout = "common/layout-empty";
|
||||
|
||||
|
||||
$session = Registry::get('session');
|
||||
$request = Registry::get('request');
|
||||
$db = Registry::get('db');
|
||||
|
||||
@ -20,7 +20,7 @@ class ControllerMessageNote extends Controller {
|
||||
if(isset($this->request->post['note']) && isset($this->request->post['id'])) {
|
||||
|
||||
if($this->model_search_search->check_your_permission_by_id($this->request->post['id']) == 1) {
|
||||
$this->model_search_message->add_message_note($this->request->post['id'], $_SESSION['uid'], urldecode($this->request->post['note']));
|
||||
$this->model_search_message->add_message_note($this->request->post['id'], $session->get("uid"), urldecode($this->request->post['note']));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -9,6 +9,7 @@ class ControllerMessageRestore extends Controller {
|
||||
$this->template = "message/restore.tpl";
|
||||
$this->layout = "common/layout-empty";
|
||||
|
||||
$session = Registry::get('session');
|
||||
$request = Registry::get('request');
|
||||
$db = Registry::get('db');
|
||||
|
||||
@ -55,7 +56,7 @@ class ControllerMessageRestore extends Controller {
|
||||
/* send the email to all the recipients of the original email if we are admin or auditor users */
|
||||
|
||||
if(Registry::get('auditor_user') == 0) {
|
||||
array_push($rcpt, $_SESSION['email']);
|
||||
array_push($rcpt, $session->get("email"));
|
||||
}
|
||||
|
||||
$this->data['data'] = $this->data['text_failed_to_restore'];
|
||||
|
@ -9,6 +9,7 @@ class ControllerMessageView extends Controller {
|
||||
$this->template = "message/view.tpl";
|
||||
$this->layout = "common/layout-empty";
|
||||
|
||||
$session = Registry::get('session');
|
||||
$request = Registry::get('request');
|
||||
$db = Registry::get('db');
|
||||
|
||||
@ -56,7 +57,7 @@ class ControllerMessageView extends Controller {
|
||||
|
||||
|
||||
if($this->request->server['REQUEST_METHOD'] == 'POST' && isset($this->request->post['tag'])) {
|
||||
$this->model_search_message->add_message_tag($this->data['id'], $_SESSION['uid'], $this->request->post['tag']);
|
||||
$this->model_search_message->add_message_tag($this->data['id'], $session->get("uid"), $this->request->post['tag']);
|
||||
header("Location: " . $_SERVER['HTTP_REFERER']);
|
||||
exit;
|
||||
}
|
||||
@ -66,8 +67,8 @@ class ControllerMessageView extends Controller {
|
||||
$this->data['attachments'] = $this->model_search_message->get_attachment_list($this->data['piler_id']);
|
||||
|
||||
$this->data['message'] = $this->model_search_message->extract_message($this->data['piler_id'], $this->data['search']);
|
||||
$this->data['message']['tag'] = $this->model_search_message->get_message_tag($this->data['id'], $_SESSION['uid']);
|
||||
$this->data['message']['note'] = $this->model_search_message->get_message_note($this->data['id'], $_SESSION['uid']);
|
||||
$this->data['message']['tag'] = $this->model_search_message->get_message_tag($this->data['id'], $session->get("uid"));
|
||||
$this->data['message']['note'] = $this->model_search_message->get_message_note($this->data['id'], $session->get("uid"));
|
||||
|
||||
$this->data['images'] = array();
|
||||
|
||||
|
@ -8,6 +8,7 @@ class ControllerSearchFolder extends Controller {
|
||||
$this->id = "folder";
|
||||
$this->template = "search/folder.tpl";
|
||||
|
||||
$session = Registry::get('session');
|
||||
$request = Registry::get('request');
|
||||
$db = Registry::get('db');
|
||||
|
||||
@ -16,7 +17,7 @@ class ControllerSearchFolder extends Controller {
|
||||
$this->data['folders'] = $this->model_folder_folder->get_folders_for_user();
|
||||
$this->data['extra_folders'] = $this->model_folder_folder->get_extra_folders_for_user();
|
||||
|
||||
$this->data['folders_by_hier'] = $this->model_folder_folder->get_all_folder_ids_hier($_SESSION['uid']);
|
||||
$this->data['folders_by_hier'] = $this->model_folder_folder->get_all_folder_ids_hier($session->get("uid"));
|
||||
|
||||
$this->render();
|
||||
}
|
||||
|
@ -11,6 +11,7 @@ class ControllerSearchTag extends Controller {
|
||||
$this->layout = "common/layout-empty";
|
||||
|
||||
|
||||
$session = Registry::get('session');
|
||||
$request = Registry::get('request');
|
||||
$db = Registry::get('db');
|
||||
|
||||
@ -29,7 +30,7 @@ class ControllerSearchTag extends Controller {
|
||||
for($i=0; $i<count($ids); $i++) { $q .= ",?"; }
|
||||
$q = preg_replace("/^\,/", "", $q);
|
||||
|
||||
$this->model_search_message->bulk_add_message_tag($ids, $_SESSION['uid'], urldecode($this->request->post['tag']), $q);
|
||||
$this->model_search_message->bulk_add_message_tag($ids, $session->get("uid"), urldecode($this->request->post['tag']), $q);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -11,7 +11,7 @@ class ControllerUserAdd extends Controller {
|
||||
$this->template = "user/add.tpl";
|
||||
$this->layout = "common/layout";
|
||||
|
||||
|
||||
$session = Registry::get('session');
|
||||
$request = Registry::get('request');
|
||||
$db = Registry::get('db');
|
||||
|
||||
@ -40,7 +40,7 @@ class ControllerUserAdd extends Controller {
|
||||
if($this->validate() == true){
|
||||
$ret = $this->model_user_user->add_user($this->request->post);
|
||||
|
||||
$_SESSION['last_domain'] = $this->request->post['domain'];
|
||||
$session->set("last_domain", $this->request->post['domain']);
|
||||
|
||||
if($ret == 1){
|
||||
$this->data['x'] = $this->data['text_successfully_added'];
|
||||
@ -73,6 +73,8 @@ class ControllerUserAdd extends Controller {
|
||||
$this->data['errorstring'] = $this->data['text_you_are_not_admin'];
|
||||
}
|
||||
|
||||
$this->data['last_domain'] = $session->get("last_domain");
|
||||
|
||||
$this->render();
|
||||
}
|
||||
|
||||
|
@ -30,17 +30,21 @@ class ControllerUserSettings extends Controller {
|
||||
$d = $r = '';
|
||||
$auditemails = $auditdomains = $auditgroups = $auditfolders = '';
|
||||
|
||||
$auditemails = implode(", ", $_SESSION['emails']);
|
||||
|
||||
foreach($_SESSION['auditdomains'] as $d) {
|
||||
$auditdomains .= ', '.$d;
|
||||
$auditemails = implode(", ", $session->get("emails"));
|
||||
|
||||
$_auditdomains = $session->get("auditdomains");
|
||||
|
||||
foreach($_auditdomains as $d) {
|
||||
$auditdomains .= ', ' . $d;
|
||||
}
|
||||
$auditdomains = preg_replace("/^,\s/", "", $auditdomains);
|
||||
|
||||
$auditgroups = preg_replace("/\s/", ", ", $this->model_group_group->get_groups_by_uid($_SESSION['uid']));
|
||||
$auditgroups = preg_replace("/\s/", ", ", $this->model_group_group->get_groups_by_uid($session->get("uid")));
|
||||
|
||||
$folders = $session->get("folders");
|
||||
|
||||
foreach ($_SESSION['folders'] as $r) {
|
||||
$auditfolders .= ', '.$r;
|
||||
foreach ($folders as $r) {
|
||||
$auditfolders .= ', ' . $r;
|
||||
}
|
||||
$auditfolders = preg_replace("/^,\s/", "", $auditfolders);
|
||||
|
||||
@ -76,6 +80,8 @@ class ControllerUserSettings extends Controller {
|
||||
|
||||
|
||||
$this->data['page_len'] = get_page_length();
|
||||
$this->data['theme'] = $session->get("theme");
|
||||
$this->data['lang'] = $session->get("lang");
|
||||
|
||||
$this->render();
|
||||
}
|
||||
|
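Review bot: `$session` is used throughout this section, but no `$session = Registry::get('session');` is added for this controller, unlike the other controllers touched by the commit. The first hunk starts at line 30 on both the old and the new side, so the commit inserted nothing above it. Unless the method already had such a local (its beginning is outside the hunk), every `$session->get(...)` here is a call on an undefined variable and the settings page fails before rendering. Add `$session = Registry::get('session');` at the top of the method.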
@ -1,15 +1,9 @@
|
||||
<?php
|
||||
|
||||
session_start();
|
||||
|
||||
|
||||
require_once("config.php");
|
||||
|
||||
require(DIR_SYSTEM . "/startup.php");
|
||||
|
||||
$session = new Session();
|
||||
Registry::set("session", $session);
|
||||
|
||||
$request = new Request();
|
||||
Registry::set("request", $request);
|
||||
|
||||
|
@ -196,8 +196,12 @@ class ModelAccountingAccounting extends Model
|
||||
|
||||
private function __getEmails() {
|
||||
$return = array();
|
||||
array_push($return,$_SESSION['email']);
|
||||
foreach ($_SESSION['emails'] as $e) {
|
||||
$session = Registry::get('session');
|
||||
|
||||
array_push($return, $session->get("email"));
|
||||
$emails = $session->get("emails");
|
||||
|
||||
foreach ($emails as $e) {
|
||||
array_push($return,$e);
|
||||
}
|
||||
|
||||
@ -206,12 +210,15 @@ class ModelAccountingAccounting extends Model
|
||||
|
||||
private function __getDomains() {
|
||||
$return = array();
|
||||
|
||||
$session = Registry::get('session');
|
||||
|
||||
if(Registry::get('admin_user') >= 1) {
|
||||
$return = $this->__getAcceptedDomains();
|
||||
}elseif(Registry::get('auditor_user') == 1) {
|
||||
array_push($return,$_SESSION['domain']);
|
||||
foreach ($_SESSION['auditdomains'] as $d) {
|
||||
array_push($return, $session->get("domain"));
|
||||
$auditdomains = $session->get("auditdomains");
|
||||
|
||||
foreach ($auditdomains as $d) {
|
||||
array_push($return,$d);
|
||||
}
|
||||
}
|
||||
|
@ -12,6 +12,7 @@ class ModelAuditAudit extends Model {
|
||||
$date1 = $date2 = 0;
|
||||
$q = '';
|
||||
|
||||
$session = Registry::get('session');
|
||||
|
||||
if($data['sort'] == "user") { $sort = "email"; }
|
||||
if($data['sort'] == "ipaddr") { $sort = "ipaddr"; }
|
||||
@ -40,7 +41,9 @@ class ModelAuditAudit extends Model {
|
||||
}
|
||||
|
||||
if(Registry::get('admin_user') == 0 && RESTRICTED_AUDITOR == 1) {
|
||||
while(list($k, $v) = each($_SESSION['auditdomains'])) {
|
||||
$auditdomains = $session->get("auditdomains");
|
||||
|
||||
while(list($k, $v) = each($auditdomains)) {
|
||||
if($q) { $q .= ","; }
|
||||
$q .= "?";
|
||||
array_push($arr, $v);
|
||||
@ -48,7 +51,7 @@ class ModelAuditAudit extends Model {
|
||||
|
||||
$where .= " AND domain IN ($q) ";
|
||||
|
||||
reset($_SESSION['auditdomains']);
|
||||
reset($session->get("auditdomains"));
|
||||
}
|
||||
|
||||
|
||||
|
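Review bot: `reset($session->get("auditdomains"));` passes a function result to `reset()`, which takes its argument by reference. PHP raises "Only variables should be passed by reference" and the call rewinds a temporary, so it does nothing. The loop above iterates the local copy, so the line should be `reset($auditdomains);` or be dropped. Separately, if `get()` returns something other than a non-empty array (the implementation is not shown), `$q` stays empty and the filter becomes `domain IN ()`; an explicit `is_array($auditdomains) && count($auditdomains) > 0` guard before building the clause would make the restricted-auditor path fail closed instead of with an SQL error. The enclosing function starts and ends outside the hunks.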
@ -43,10 +43,12 @@ class ModelFolderFolder extends Model {
|
||||
|
||||
|
||||
public function get_folders_for_user() {
|
||||
$q = str_repeat("?,", count($_SESSION['folders']));
|
||||
$session = Registry::get('session');
|
||||
|
||||
$q = str_repeat("?,", count($session->get("folders")));
|
||||
$q = preg_replace("/\,$/", "", $q);
|
||||
|
||||
$query = $this->db->query("SELECT `id`, `name` FROM `" . TABLE_FOLDER . "` WHERE id IN ($q)", $_SESSION['folders']);
|
||||
$query = $this->db->query("SELECT `id`, `name` FROM `" . TABLE_FOLDER . "` WHERE id IN ($q)", $session->get("folders"));
|
||||
|
||||
if(isset($query->rows)) { return $query->rows; }
|
||||
|
||||
@ -55,7 +57,9 @@ class ModelFolderFolder extends Model {
|
||||
|
||||
|
||||
public function get_extra_folders_for_user() {
|
||||
$query = $this->db->query("SELECT `id`, `name` FROM `" . TABLE_FOLDER_EXTRA . "` WHERE uid=? ORDER BY name", array($_SESSION['uid']));
|
||||
$session = Registry::get('session');
|
||||
|
||||
$query = $this->db->query("SELECT `id`, `name` FROM `" . TABLE_FOLDER_EXTRA . "` WHERE uid=? ORDER BY name", array($session->get("uid")));
|
||||
|
||||
if(isset($query->rows)) { return $query->rows; }
|
||||
|
||||
@ -64,7 +68,9 @@ class ModelFolderFolder extends Model {
|
||||
|
||||
|
||||
private function is_your_extra_folder($folder_id = 0) {
|
||||
$query = $this->db->query("SELECT `id` FROM `" . TABLE_FOLDER_EXTRA . "` WHERE uid=? AND id=?", array($_SESSION['uid'], $folder_id));
|
||||
$session = Registry::get('session');
|
||||
|
||||
$query = $this->db->query("SELECT `id` FROM `" . TABLE_FOLDER_EXTRA . "` WHERE uid=? AND id=?", array($session->get("uid"), $folder_id));
|
||||
if(isset($query->row['id'])) { return 1; }
|
||||
|
||||
return 0;
|
||||
@ -187,11 +193,15 @@ class ModelFolderFolder extends Model {
|
||||
public function add_extra_folder($name = '') {
|
||||
if($name == '') { return -1; }
|
||||
|
||||
$query = $this->db->query("INSERT INTO " . TABLE_FOLDER_EXTRA . " (uid, name) VALUES(?,?)", array($_SESSION['uid'], $name));
|
||||
$session = Registry::get('session');
|
||||
|
||||
$query = $this->db->query("INSERT INTO " . TABLE_FOLDER_EXTRA . " (uid, name) VALUES(?,?)", array($session->get("uid"), $name));
|
||||
|
||||
$last_id = $this->db->getLastId();
|
||||
|
||||
if(!isset($_SESSION['extra_folders'][$last_id])) { array_push($_SESSION['extra_folders'], $last_id); }
|
||||
$extra_folders = $session->get("extra_folders");
|
||||
|
||||
if(!isset($extra_folders[$last_id])) { array_push($extra_folders, $last_id); }
|
||||
|
||||
return $this->db->countAffected();
|
||||
}
|
||||
@ -200,7 +210,9 @@ class ModelFolderFolder extends Model {
|
||||
public function remove_extra_folder($id = 0) {
|
||||
if($id == 0) { return -1; }
|
||||
|
||||
$query = $this->db->query("DELETE FROM " . TABLE_FOLDER_EXTRA . " WHERE id=? AND uid=?", array($id, $_SESSION['uid']));
|
||||
$session = Registry::get('session');
|
||||
|
||||
$query = $this->db->query("DELETE FROM " . TABLE_FOLDER_EXTRA . " WHERE id=? AND uid=?", array($id, $session->get("uid")));
|
||||
if($this->db->countAffected() == 1) {
|
||||
$query = $this->db->query("DELETE FROM " . TABLE_FOLDER_MESSAGE . " WHERE folder_id=?", array($id));
|
||||
return $this->db->countAffected();
|
||||
|
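Review bot: In `add_extra_folder()` the new folder id is pushed onto the local copy `$extra_folders` and never written back, so the session list is no longer updated the way `array_push($_SESSION['extra_folders'], $last_id)` updated it. ModelSearchSearch filters requested folders with `in_array($v, $session->get("extra_folders"))`, so a folder created in this session stays unusable until the list is rebuilt. Add `$session->set("extra_folders", $extra_folders);` after the push. The guard `isset($extra_folders[$last_id])` also tests an array key while the list stores ids as values; `!in_array($last_id, $extra_folders)` matches the intent.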
@ -54,8 +54,10 @@ class ModelMailMail extends Model {
|
||||
public function connect_imap() {
|
||||
$this->imap = new Zend_Mail_Protocol_Imap(IMAP_HOST, IMAP_PORT, IMAP_SSL);
|
||||
|
||||
$session = Registry::get('session');
|
||||
|
||||
if($this->imap) {
|
||||
if($this->imap->login($_SESSION['username'], $_SESSION['password'])) { return 1; }
|
||||
if($this->imap->login($session->get("username"), $session->get("password"))) { return 1; }
|
||||
}
|
||||
|
||||
return 0;
|
||||
|
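Review bot: `connect_imap()` logs in with `$session->get("password")`, so it depends on a reusable login credential being kept in session storage for the lifetime of the session. The commit routes that read through the new Session object without documenting the dependency. At minimum add a comment above the login call, such as `// relies on the login password being kept in the session; session storage must be protected accordingly`. It would also be worth checking whether the Session class can clear that key once the IMAP connection is no longer needed, which cannot be judged from this hunk.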
@ -93,9 +93,12 @@ class ModelSaasCustomer extends Model
|
||||
);
|
||||
|
||||
|
||||
if(!isset($_SESSION['email']) || !strchr($_SESSION['email'], '@') ) { return $data; }
|
||||
$session = Registry::get('session');
|
||||
|
||||
list ($user, $domain) = explode("@", $_SESSION['email']);
|
||||
|
||||
if($session->get("email") == '' || !strchr($session->get("email"), '@') ) { return $data; }
|
||||
|
||||
list ($user, $domain) = explode("@", $session->get("email"));
|
||||
|
||||
if(MEMCACHED_ENABLED) {
|
||||
$cache_key = sha1("customer_settings:" . $domain);
|
||||
|
@ -129,6 +129,7 @@ class ModelSearchSearch extends Model {
|
||||
|
||||
$emailfilter = $this->assemble_email_address_filter();
|
||||
|
||||
$session = Registry::get('session');
|
||||
|
||||
|
||||
$i = 0;
|
||||
@ -194,7 +195,7 @@ class ModelSearchSearch extends Model {
|
||||
if(ENABLE_FOLDER_RESTRICTIONS == 1) {
|
||||
$s = explode(" ", $data['folders']);
|
||||
while(list($k,$v) = each($s)) {
|
||||
if(in_array($v, $_SESSION['folders'])) {
|
||||
if(in_array($v, $session->get("folders"))) {
|
||||
array_push($__folders, $v);
|
||||
}
|
||||
}
|
||||
@ -203,7 +204,7 @@ class ModelSearchSearch extends Model {
|
||||
$folders = "folder IN (" . implode(",", $__folders) . ") AND ";
|
||||
}
|
||||
else {
|
||||
$folders = "folder IN (" . implode(",", $_SESSION['folders']) . ") AND ";
|
||||
$folders = "folder IN (" . implode(",", $session->get("folders")) . ") AND ";
|
||||
}
|
||||
}
|
||||
|
||||
@ -275,6 +276,8 @@ class ModelSearchSearch extends Model {
|
||||
|
||||
if($reference == '') { return $ids; }
|
||||
|
||||
$session = Registry::get('session');
|
||||
|
||||
$query = $this->db->query("SELECT id FROM " . TABLE_META . " WHERE message_id=? OR reference=? ORDER BY id DESC", array($reference, $reference));
|
||||
|
||||
foreach($query->rows as $q) {
|
||||
@ -285,7 +288,7 @@ class ModelSearchSearch extends Model {
|
||||
$query = $this->sphx->query("SELECT id, folder FROM " . SPHINX_MAIN_INDEX . " WHERE id IN (" . implode(",", $ids) . ")");
|
||||
$ids = array();
|
||||
foreach($query->rows as $q) {
|
||||
if(isset($q['folder']) && in_array($q['folder'], $_SESSION['folders'])) { array_push($ids, $q['id']); }
|
||||
if(isset($q['folder']) && in_array($q['folder'], $session->get("folders"))) { array_push($ids, $q['id']); }
|
||||
}
|
||||
}
|
||||
|
||||
@ -302,9 +305,11 @@ class ModelSearchSearch extends Model {
|
||||
private function get_sphinx_id_list($s = '', $sphx_table = '', $field = '') {
|
||||
$id_list = '';
|
||||
|
||||
$session = Registry::get('session');
|
||||
|
||||
$s = $this->fixup_sphinx_operators($s);
|
||||
|
||||
$q = $this->sphx->query("SELECT id FROM $sphx_table WHERE uid=" . $_SESSION['uid'] . " AND MATCH('@$field $s') ");
|
||||
$q = $this->sphx->query("SELECT id FROM $sphx_table WHERE uid=" . $session->get("uid") . " AND MATCH('@$field $s') ");
|
||||
|
||||
foreach($q->rows as $a) {
|
||||
$id_list .= "," . $a['id'];
|
||||
@ -321,9 +326,11 @@ class ModelSearchSearch extends Model {
|
||||
$q = '';
|
||||
$__folders = array();
|
||||
|
||||
$session = Registry::get('session');
|
||||
|
||||
$s = explode(" ", $extra_folders);
|
||||
while(list($k,$v) = each($s)) {
|
||||
if(in_array($v, $_SESSION['extra_folders']) && is_numeric($v)) {
|
||||
if(in_array($v, $session->get("extra_folders")) && is_numeric($v)) {
|
||||
array_push($__folders, $v);
|
||||
if($q) { $q .= ",?"; }
|
||||
else { $q = "?"; }
|
||||
@ -358,6 +365,8 @@ class ModelSearchSearch extends Model {
|
||||
if(isset($m['meta'])) { return unserialize($m['meta']); }
|
||||
}
|
||||
|
||||
$session = Registry::get('session');
|
||||
|
||||
$query = $this->db->query("SELECT `id`, `to` FROM `" . TABLE_RCPT . "` WHERE `id` IN ($q)", $ids);
|
||||
|
||||
if(isset($query->rows)) {
|
||||
@ -377,7 +386,7 @@ class ModelSearchSearch extends Model {
|
||||
|
||||
if(isset($query->rows)) {
|
||||
|
||||
array_unshift($ids, (int)$_SESSION['uid']);
|
||||
array_unshift($ids, (int)$session->get("uid"));
|
||||
|
||||
$tags = $this->db->query("SELECT `id`, `tag` FROM `" . TABLE_TAG . "` WHERE `uid`=? AND `id` IN ($q)", $ids);
|
||||
|
||||
@ -413,7 +422,7 @@ class ModelSearchSearch extends Model {
|
||||
$m['date'] = date(DATE_TEMPLATE, $m['sent']);
|
||||
$m['size'] = nice_size($m['size']);
|
||||
|
||||
in_array($m['from'], $_SESSION['emails']) ? $m['yousent'] = 1 : $m['yousent'] = 0;
|
||||
in_array($m['from'], $session->get("emails")) ? $m['yousent'] = 1 : $m['yousent'] = 0;
|
||||
|
||||
/*
|
||||
* verifying 20 messages takes some time, still it's useful
|
||||
@ -514,7 +523,11 @@ class ModelSearchSearch extends Model {
|
||||
private function get_all_your_address() {
|
||||
$s = '';
|
||||
|
||||
while(list($k, $v) = each($_SESSION['emails'])) {
|
||||
$session = Registry::get('session');
|
||||
|
||||
$emails = $session->get("emails");
|
||||
|
||||
while(list($k, $v) = each($emails)) {
|
||||
if($s) { $s .= '| ' . $this->fix_email_address_for_sphinx($v); }
|
||||
else { $s = $this->fix_email_address_for_sphinx($v); }
|
||||
}
|
||||
@ -531,15 +544,19 @@ class ModelSearchSearch extends Model {
|
||||
|
||||
if(Registry::get('auditor_user') == 1 && RESTRICTED_AUDITOR == 0) { return 1; }
|
||||
|
||||
$session = Registry::get('session');
|
||||
|
||||
array_push($arr, $id);
|
||||
|
||||
if(Registry::get('auditor_user') == 1 && RESTRICTED_AUDITOR == 1) {
|
||||
if(validdomain($_SESSION['domain']) == 1) {
|
||||
if(validdomain($session->get("domain")) == 1) {
|
||||
$q .= ",?";
|
||||
array_push($a, $_SESSION['domain']);
|
||||
array_push($a, $session->get("domain"));
|
||||
}
|
||||
|
||||
while(list($k, $v) = each($_SESSION['auditdomains'])) {
|
||||
$auditdomains = $session->get("auditdomains");
|
||||
|
||||
while(list($k, $v) = each($auditdomains)) {
|
||||
if(validdomain($v) == 1 && !in_array($v, $a)) {
|
||||
$q .= ",?";
|
||||
array_push($a, $v);
|
||||
@ -547,7 +564,9 @@ class ModelSearchSearch extends Model {
|
||||
}
|
||||
}
|
||||
else {
|
||||
while(list($k, $v) = each($_SESSION['emails'])) {
|
||||
$emails = $session->get("emails");
|
||||
|
||||
while(list($k, $v) = each($emails)) {
|
||||
if(validemail($v) == 1) {
|
||||
$q .= ",?";
|
||||
array_push($a, $v);
|
||||
@ -561,7 +580,7 @@ class ModelSearchSearch extends Model {
|
||||
|
||||
if(ENABLE_FOLDER_RESTRICTIONS == 1) {
|
||||
$query = $this->sphx->query("SELECT folder FROM " . SPHINX_MAIN_INDEX . " WHERE id=" . (int)$id);
|
||||
if(isset($query->row['folder']) && in_array($query->row['folder'], $_SESSION['folders'])) { return 1; }
|
||||
if(isset($query->row['folder']) && in_array($query->row['folder'], $session->get("folders"))) { return 1; }
|
||||
}
|
||||
else {
|
||||
if(Registry::get('auditor_user') == 1 && RESTRICTED_AUDITOR == 1) {
|
||||
@ -583,6 +602,8 @@ class ModelSearchSearch extends Model {
|
||||
|
||||
if(count($id) < 1) { return $result; }
|
||||
|
||||
$session = Registry::get('session');
|
||||
|
||||
$arr = $id;
|
||||
|
||||
for($i=0; $i<count($id); $i++) {
|
||||
@ -593,12 +614,14 @@ class ModelSearchSearch extends Model {
|
||||
$q2 = preg_replace("/^\,/", "", $q2);
|
||||
|
||||
if(Registry::get('auditor_user') == 1 && RESTRICTED_AUDITOR == 1) {
|
||||
if(validdomain($_SESSION['domain']) == 1) {
|
||||
if(validdomain($session->get("domain")) == 1) {
|
||||
$q .= ",?";
|
||||
array_push($a, $_SESSION['domain']);
|
||||
array_push($a, $session->get("domain"));
|
||||
}
|
||||
|
||||
while(list($k, $v) = each($_SESSION['auditdomains'])) {
|
||||
$auditdomains = $session->get("auditdomains");
|
||||
|
||||
while(list($k, $v) = each($auditdomains)) {
|
||||
if(validdomain($v) == 1 && !in_array($v, $a)) {
|
||||
$q .= ",?";
|
||||
array_push($a, $v);
|
||||
@ -607,7 +630,9 @@ class ModelSearchSearch extends Model {
|
||||
}
|
||||
else {
|
||||
if(Registry::get('auditor_user') == 0) {
|
||||
while(list($k, $v) = each($_SESSION['emails'])) {
|
||||
$emails = $session->get("emails");
|
||||
|
||||
while(list($k, $v) = each($emails)) {
|
||||
if(validemail($v) == 1) {
|
||||
$q .= ",?";
|
||||
array_push($a, $v);
|
||||
@ -641,7 +666,7 @@ class ModelSearchSearch extends Model {
|
||||
if($query->num_rows > 0) {
|
||||
foreach ($query->rows as $q) {
|
||||
if(ENABLE_FOLDER_RESTRICTIONS == 1) {
|
||||
if(in_array($q['folder'], $_SESSION['folders'])) { array_push($result, $q['id']); }
|
||||
if(in_array($q['folder'], $session->get("folders"))) { array_push($result, $q['id']); }
|
||||
}
|
||||
else {
|
||||
array_push($result, $q['id']);
|
||||
@ -660,8 +685,9 @@ class ModelSearchSearch extends Model {
|
||||
|
||||
|
||||
public function get_search_terms() {
|
||||
$session = Registry::get('session');
|
||||
|
||||
$query = $this->db->query("SELECT term, ts FROM " . TABLE_SEARCH . " WHERE email=? ORDER BY ts DESC", array($_SESSION['email']));
|
||||
$query = $this->db->query("SELECT term, ts FROM " . TABLE_SEARCH . " WHERE email=? ORDER BY ts DESC", array($session->get("email")));
|
||||
if(isset($query->rows)) { return $query->rows; }
|
||||
|
||||
return array();
|
||||
@ -671,12 +697,14 @@ class ModelSearchSearch extends Model {
|
||||
public function add_search_term($term = '') {
|
||||
if($term == '') { return 0; }
|
||||
|
||||
$session = Registry::get('session');
|
||||
|
||||
parse_str($term, $s);
|
||||
if(!isset($s['search']) || $s['search'] == '') { return 0; }
|
||||
|
||||
if($this->update_search_term($term) == 0) {
|
||||
AUDIT(ACTION_SAVE_SEARCH, '', '', '', $term);
|
||||
$query = $this->db->query("INSERT INTO " . TABLE_SEARCH . " (email, ts, term) VALUES(?,?,?)", array($_SESSION['email'], time(), $term));
|
||||
$query = $this->db->query("INSERT INTO " . TABLE_SEARCH . " (email, ts, term) VALUES(?,?,?)", array($session->get("email"), time(), $term));
|
||||
}
|
||||
|
||||
return 1;
|
||||
@ -688,14 +716,18 @@ class ModelSearchSearch extends Model {
|
||||
|
||||
AUDIT(ACTION_SEARCH, '', '', '', $term);
|
||||
|
||||
$query = $this->db->query("UPDATE " . TABLE_SEARCH . " SET ts=? WHERE term=? AND email=?", array(time(), $term, $_SESSION['email']));
|
||||
$session = Registry::get('session');
|
||||
|
||||
$query = $this->db->query("UPDATE " . TABLE_SEARCH . " SET ts=? WHERE term=? AND email=?", array(time(), $term, $session->get("email")));
|
||||
|
||||
return $this->db->countAffected();
|
||||
}
|
||||
|
||||
|
||||
public function remove_search_term($ts = 0) {
|
||||
$query = $this->db->query("DELETE FROM " . TABLE_SEARCH . " WHERE email=? AND ts=?", array($_SESSION['email'], $ts));
|
||||
$session = Registry::get('session');
|
||||
|
||||
$query = $this->db->query("DELETE FROM " . TABLE_SEARCH . " WHERE email=? AND ts=?", array($session->get("email"), $ts));
|
||||
}
|
||||
|
||||
|
||||
@ -736,6 +768,7 @@ class ModelSearchSearch extends Model {
|
||||
|
||||
private function make_cache_file_name($data = array(), $sortorder = '') {
|
||||
$s = '';
|
||||
$session = Registry::get('session');
|
||||
|
||||
while(list($k, $v) = each($data)) {
|
||||
if($v) {
|
||||
@ -744,7 +777,7 @@ class ModelSearchSearch extends Model {
|
||||
}
|
||||
}
|
||||
|
||||
return sha1($_SESSION['email'] . "/" . $s . "-" . (NOW - NOW % 3600) . "-" . $sortorder);
|
||||
return sha1($session->get("email") . "/" . $s . "-" . (NOW - NOW % 3600) . "-" . $sortorder);
|
||||
}
|
||||
|
||||
}
|
||||
|
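Review bot: In `get_sphinx_id_list()` the session value is concatenated straight into the query text, `"... WHERE uid=" . $session->get("uid") . " AND MATCH(...)"`, while the tag lookup further down in this same file casts it with `(int)$session->get("uid")`. With the accessor possibly returning an empty string for a missing key (not shown here), the uncast form produces a malformed query, and it leaves the per-user filter dependent on whatever type the session holds. Write it as `"... WHERE uid=" . (int)$session->get("uid") . " AND MATCH('@$field $s') "`. The same applies to `implode(",", $session->get("folders"))` in the folder filter, where `implode(",", array_map('intval', $session->get("folders")))` keeps the list numeric. Several of the touched functions start or end outside their hunks.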
@ -7,6 +7,8 @@ class ModelStatChart extends Model {
|
||||
$ydata2 = array();
|
||||
$dates = array();
|
||||
|
||||
$session = Registry::get('session');
|
||||
|
||||
$chart = new LineChart($size_x, $size_y);
|
||||
|
||||
$chart->getPlot()->getPalette()->setLineColor(array(
|
||||
@ -35,11 +37,13 @@ class ModelStatChart extends Model {
|
||||
if(Registry::get('admin_user') == 0) {
|
||||
|
||||
$q = '';
|
||||
foreach($_SESSION['auditdomains'] as $a) {
|
||||
$auditdomains = $session->get('auditdomains');
|
||||
|
||||
foreach($auditdomains as $a) {
|
||||
if($q) { $q .= ",?"; } else { $q = "?"; }
|
||||
}
|
||||
reset($_SESSION['auditdomains']);
|
||||
$query = $this->db->query("select arrived-(arrived%$delta) as ts, count(*) as num from " . VIEW_MESSAGES . " where arrived > $range AND todomain IN ($q) $domains $grouping ORDER BY ts DESC limit $limit", $_SESSION['auditdomains']);
|
||||
reset($auditdomains);
|
||||
$query = $this->db->query("select arrived-(arrived%$delta) as ts, count(*) as num from " . VIEW_MESSAGES . " where arrived > $range AND todomain IN ($q) $domains $grouping ORDER BY ts DESC limit $limit", $auditdomains);
|
||||
} else {
|
||||
$query = $this->db->query("select arrived-(arrived%$delta) as ts, count(*) as num from " . TABLE_META . " where arrived > $range $grouping ORDER BY ts DESC limit $limit");
|
||||
}
|
||||
|
@ -4,6 +4,8 @@ class ModelUserGoogle extends Model {
|
||||
|
||||
public function check_for_account($google_account = array()) {
|
||||
|
||||
$session = Registry::get('session');
|
||||
|
||||
$query = $this->db->query("SELECT " . TABLE_USER . ".username, " . TABLE_USER . ".uid, " . TABLE_USER . ".realname, " . TABLE_USER . ".dn, " . TABLE_USER . ".password, " . TABLE_USER . ".isadmin, " . TABLE_USER . ".domain FROM " . TABLE_USER . ", " . TABLE_EMAIL . " WHERE " . TABLE_EMAIL . ".email=? AND " . TABLE_EMAIL . ".uid=" . TABLE_USER . ".uid", array($google_account['email']));
|
||||
|
||||
if($query->num_rows == 1) {
|
||||
@ -39,16 +41,16 @@ class ModelUserGoogle extends Model {
|
||||
$this->model_domain_domain->addDomain($user['domain'], $user['domain']);
|
||||
}
|
||||
|
||||
$_SESSION['username'] = $user['username'];
|
||||
$_SESSION['uid'] = $user['uid'];
|
||||
$_SESSION['admin_user'] = 0;
|
||||
$_SESSION['email'] = $user['username'];
|
||||
$_SESSION['domain'] = $query->row['domain'];
|
||||
$_SESSION['realname'] = $query->row['realname'];
|
||||
$session->set("username", $user['username']);
|
||||
$session->set("uid", $user['uid']);
|
||||
$session->set("admin_user", 0);
|
||||
$session->set("email", $user['username']);
|
||||
$session->set("domain", $query->row['domain']);
|
||||
$session->set("realname", $query->row['realname']);
|
||||
|
||||
$_SESSION['emails'] = $this->model_user_user->get_users_all_email_addresses($user['uid']);
|
||||
$_SESSION['folders'] = $this->model_folder_folder->get_all_folder_ids($user['uid']);
|
||||
$_SESSION['extra_folders'] = $this->model_folder_folder->get_all_extra_folder_ids($user['uid']);
|
||||
$session->set("emails", $this->model_user_user->get_users_all_email_addresses($user['uid']));
|
||||
$session->set("folders", $this->model_folder_folder->get_all_folder_ids($user['uid']));
|
||||
$session->set("extra_folders", $this->model_folder_folder->get_all_extra_folder_ids($user['uid']));
|
||||
|
||||
AUDIT(ACTION_LOGIN, $user['username'], '', '', 'successful auth against Google');
|
||||
|
||||
|
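Review bot: Nothing in this hunk rotates the session identifier before the identity values are written with `$session->set("username", ...)`, `$session->set("uid", ...)` and `$session->set("admin_user", 0)`. If neither the Session class nor the caller does this (neither is visible here), a session id issued before the Google login stays valid afterwards with that identity attached. Call `session_regenerate_id(true);` immediately before the first `$session->set(...)` of the login block, or provide an equivalent method on Session and call it there. `check_for_account()` continues outside the hunk.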
@ -5,11 +5,13 @@ class ModelUserPrefs extends Model {
|
||||
public function get_user_preferences($username = '') {
|
||||
if($username == "") { return 0; }
|
||||
|
||||
$session = Registry::get('session');
|
||||
|
||||
$query = $this->db->query("SELECT * FROM " . TABLE_USER_SETTINGS . " WHERE username=?", array($username));
|
||||
|
||||
if(isset($query->row['pagelen'])) { $_SESSION['pagelen'] = $query->row['pagelen']; } else { $_SESSION['pagelen'] = PAGE_LEN; }
|
||||
if(isset($query->row['theme'])) { $_SESSION['theme'] = $query->row['theme']; } else { $_SESSION['theme'] = THEME; }
|
||||
if(isset($query->row['lang'])) { $_SESSION['lang'] = $query->row['lang']; } else { $_SESSION['lang'] = DEFAULT_LANG; }
|
||||
if(isset($query->row['pagelen'])) { $session->set("pagelen", $query->row['pagelen']); } else { $session->set("pagelen", PAGE_LEN); }
|
||||
if(isset($query->row['theme'])) { $session->set("theme", $query->row['theme']); } else { $session->set("theme", THEME); }
|
||||
if(isset($query->row['lang'])) { $session->set("lang", $query->row['lang']); } else { $session->set("lang", DEFAULT_LANG); }
|
||||
|
||||
return 1;
|
||||
}
|
||||
@ -20,6 +22,8 @@ class ModelUserPrefs extends Model {
|
||||
if(!isset($prefs['pagelen']) || !is_numeric($prefs['pagelen']) || $prefs['pagelen'] < 10 || $prefs['pagelen'] > 100
|
||||
|| !isset($prefs['theme']) || !preg_match("/^([a-zA-Z0-9\-\_]+)$/", $prefs['theme']) || !file_exists(DIR_THEME . $prefs['theme']) ) { return 1; }
|
||||
|
||||
$session = Registry::get('session');
|
||||
|
||||
$query = $this->db->query("SELECT COUNT(*) AS num FROM " . TABLE_USER_SETTINGS . " WHERE username=?", array($username));
|
||||
|
||||
if((int)@$query->row['num'] == 1) {
|
||||
@ -30,9 +34,9 @@ class ModelUserPrefs extends Model {
|
||||
}
|
||||
|
||||
|
||||
$_SESSION['pagelen'] = $prefs['pagelen'];
|
||||
$_SESSION['theme'] = $prefs['theme'];
|
||||
$_SESSION['lang'] = $prefs['lang'];
|
||||
$session->set("pagelen", $prefs['pagelen']);
|
||||
$session->set("theme", $prefs['theme']);
|
||||
$session->set("lang", $prefs['lang']);
|
||||
|
||||
LOGGER("set user preference", $username);
|
||||
|
||||
|
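Review bot: `$session->set("lang", $prefs['lang'])` in the last hunk stores a caller-supplied value that the guard at the top of the second hunk never checks; that condition validates only `pagelen` and `theme`. The Language constructor hunk later in this commit builds `DIR_LANGUAGE . $session->get("lang") . '/messages.php'` from the same key, so an unvalidated value can steer which file path is built (presumably for inclusion; the load itself is outside the visible lines). Extend the guard with the pattern already used for the theme: `|| !isset($prefs['lang']) || !preg_match("/^([a-zA-Z0-9\-\_]+)$/", $prefs['lang']) || !file_exists(DIR_LANGUAGE . $prefs['lang'])`. The lines between the second and third hunk are not shown, so confirm no such check already exists there.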
@ -85,7 +85,9 @@ class ModelUserUser extends Model {
|
||||
public function get_users_all_domains($uid = 0) {
|
||||
$data = array();
|
||||
|
||||
array_push($data, $_SESSION['domain']);
|
||||
$session = Registry::get('session');
|
||||
|
||||
array_push($data, $session->get('domain'));
|
||||
|
||||
if($uid > 0) {
|
||||
$query = $this->db->query("SELECT domain FROM " . TABLE_DOMAIN_USER . " WHERE uid=?", array((int)$uid));
|
||||
|
@ -1,13 +1,9 @@
|
||||
<?php
|
||||
|
||||
session_start();
|
||||
|
||||
|
||||
require_once("config.php");
|
||||
|
||||
require(DIR_SYSTEM . "/startup.php");
|
||||
|
||||
$session = new Session();
|
||||
$loader = new Loader();
|
||||
$language = new Language();
|
||||
|
||||
|
@ -1,13 +0,0 @@
|
||||
<!-- The following is example HTML that can be used on your form -->
|
||||
|
||||
<p>
|
||||
<img id="siimage" style="border: 1px solid #000; margin-right: 15px" src="./securimage_show.php?sid=<?php echo md5(uniqid()) ?>" alt="CAPTCHA Image" align="left">
|
||||
<object type="application/x-shockwave-flash" data="./securimage_play.swf?bgcol=#ffffff&icon_file=./images/audio_icon.png&audio_file=./securimage_play.php" height="32" width="32">
|
||||
<param name="movie" value="./securimage_play.swf?bgcol=#ffffff&icon_file=./images/audio_icon.png&audio_file=./securimage_play.php" />
|
||||
</object>
|
||||
|
||||
<a tabindex="-1" style="border-style: none;" href="#" title="Refresh Image" onclick="document.getElementById('siimage').src = './securimage_show.php?sid=' + Math.random(); this.blur(); return false"><img src="./images/refresh.png" alt="Reload Image" onclick="this.blur()" align="bottom" border="0"></a><br />
|
||||
<strong>Enter Code*:</strong><br />
|
||||
<input type="text" name="ct_captcha" size="12" maxlength="16" />
|
||||
</p>
|
||||
|
@ -1,207 +0,0 @@
|
||||
<?php
|
||||
session_start(); // this MUST be called prior to any output including whitespaces and line breaks!
|
||||
|
||||
$GLOBALS['ct_recipient'] = 'YOU@EXAMPLE.COM'; // Change to your email address!
|
||||
$GLOBALS['ct_msg_subject'] = 'Securimage Test Contact Form';
|
||||
|
||||
$GLOBALS['DEBUG_MODE'] = 1;
|
||||
// CHANGE TO 0 TO TURN OFF DEBUG MODE
|
||||
// IN DEBUG MODE, ONLY THE CAPTCHA CODE IS VALIDATED, AND NO EMAIL IS SENT
|
||||
|
||||
|
||||
// Process the form, if it was submitted
|
||||
process_si_contact_form();
|
||||
|
||||
?>
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||||
<html xmlns="http://www.w3.org/1999/xhtml">
|
||||
<head>
|
||||
<meta http-equiv="Content-type" content="text/html;charset=UTF-8" />
|
||||
<title>Securimage Example Form</title>
|
||||
<style type="text/css">
|
||||
<!--
|
||||
#success_message { border: 1px solid #000; width: 550px; text-align: left; padding: 10px 7px; background: #33ff33; color: #000; font-weight; bold; font-size: 1.2em; border-radius: 4px; -moz-border-radius: 4px; -webkit-border-radius: 4px; }
|
||||
fieldset { width: 90%; }
|
||||
legend { font-size: 24px; }
|
||||
.note { font-size: 18px; }
|
||||
-->
|
||||
</style>
|
||||
</head>
|
||||
<body>
|
||||
|
||||
<fieldset>
|
||||
<legend>Example Form</legend>
|
||||
|
||||
<p class="note">
|
||||
This is an example PHP form that processes user information, checks for errors, and validates the captcha code.<br />
|
||||
This example form also demonstrates how to submit a form to itself to display error messages.
|
||||
</p>
|
||||
|
||||
<div id="success_message" style="display: none">Your message has been sent!<br />We will contact you as soon as possible.</div>
|
||||
|
||||
<form method="post" action="" id="contact_form" onsubmit="return processForm()">
|
||||
<input type="hidden" name="do" value="contact" />
|
||||
|
||||
<p>
|
||||
<strong>Name*:</strong><br />
|
||||
<input type="text" name="ct_name" size="35" value="" />
|
||||
</p>
|
||||
|
||||
<p>
|
||||
<strong>Email*:</strong><br />
|
||||
<input type="text" name="ct_email" size="35" value="" />
|
||||
</p>
|
||||
|
||||
<p>
|
||||
<strong>URL:</strong><br />
|
||||
<input type="text" name="ct_URL" size="35" value="" />
|
||||
</p>
|
||||
|
||||
<p>
|
||||
<strong>Message*:</strong><br />
|
||||
<textarea name="ct_message" rows="12" cols="60"></textarea>
|
||||
</p>
|
||||
|
||||
<p>
|
||||
<img id="siimage" style="border: 1px solid #000; margin-right: 15px" src="./securimage_show.php?sid=<?php echo md5(uniqid()) ?>" alt="CAPTCHA Image" align="left" />
|
||||
<object type="application/x-shockwave-flash" data="./securimage_play.swf?bgcol=#ffffff&icon_file=./images/audio_icon.png&audio_file=./securimage_play.php" height="32" width="32">
|
||||
<param name="movie" value="./securimage_play.swf?bgcol=#ffffff&icon_file=./images/audio_icon.png&audio_file=./securimage_play.php" />
|
||||
</object>
|
||||
|
||||
<a tabindex="-1" style="border-style: none;" href="#" title="Refresh Image" onclick="document.getElementById('siimage').src = './securimage_show.php?sid=' + Math.random(); this.blur(); return false"><img src="./images/refresh.png" alt="Reload Image" height="32" width="32" onclick="this.blur()" align="bottom" border="0" /></a><br />
|
||||
<strong>Enter Code*:</strong><br />
|
||||
<input type="text" name="ct_captcha" size="12" maxlength="8" />
|
||||
</p>
|
||||
|
||||
<p>
|
||||
<br />
|
||||
<input type="submit" value="Submit Message" />
|
||||
</p>
|
||||
|
||||
</form>
|
||||
</fieldset>
|
||||
|
||||
<script src="http://code.jquery.com/jquery-1.10.1.min.js"></script>
|
||||
<script type="text/javascript">
|
||||
$.noConflict();
|
||||
|
||||
function reloadCaptcha()
|
||||
{
|
||||
jQuery('#siimage').src = './securimage_show.php?sid=' + Math.random();
|
||||
}
|
||||
|
||||
function processForm()
|
||||
{
|
||||
jQuery.ajax({
|
||||
url: '<?php echo $_SERVER['PHP_SELF'] ?>',
|
||||
type: 'POST',
|
||||
data: jQuery('#contact_form').serialize(),
|
||||
dataType: 'json',
|
||||
}).done(function(data) {
|
||||
if (data.error === 0) {
|
||||
jQuery('#success_message').show();
|
||||
jQuery('#contact_form')[0].reset();
|
||||
reloadCaptcha();
|
||||
setTimeout("jQuery('#success_message').fadeOut()", 30000);
|
||||
} else {
|
||||
alert("There was an error with your submission.\n\n" + data.message);
|
||||
}
|
||||
});
|
||||
|
||||
return false;
|
||||
}
|
||||
</script>
|
||||
|
||||
</body>
|
||||
</html>
|
||||
|
||||
<?php
|
||||
|
||||
// The form processor PHP code
|
||||
function process_si_contact_form()
|
||||
{
|
||||
if ($_SERVER['REQUEST_METHOD'] == 'POST' && @$_POST['do'] == 'contact') {
|
||||
// if the form has been submitted
|
||||
|
||||
foreach($_POST as $key => $value) {
|
||||
if (!is_array($key)) {
|
||||
// sanitize the input data
|
||||
if ($key != 'ct_message') $value = strip_tags($value);
|
||||
$_POST[$key] = htmlspecialchars(stripslashes(trim($value)));
|
||||
}
|
||||
}
|
||||
|
||||
$name = @$_POST['ct_name']; // name from the form
|
||||
$email = @$_POST['ct_email']; // email from the form
|
||||
$URL = @$_POST['ct_URL']; // url from the form
|
||||
$message = @$_POST['ct_message']; // the message from the form
|
||||
$captcha = @$_POST['ct_captcha']; // the user's entry for the captcha code
|
||||
$name = substr($name, 0, 64); // limit name to 64 characters
|
||||
|
||||
$errors = array(); // initialize empty error array
|
||||
|
||||
if (isset($GLOBALS['DEBUG_MODE']) && $GLOBALS['DEBUG_MODE'] == false) {
|
||||
// only check for errors if the form is not in debug mode
|
||||
|
||||
if (strlen($name) < 3) {
|
||||
// name too short, add error
|
||||
$errors['name_error'] = 'Your name is required';
|
||||
}
|
||||
|
||||
if (strlen($email) == 0) {
|
||||
// no email address given
|
||||
$errors['email_error'] = 'Email address is required';
|
||||
} else if ( !preg_match('/^(?:[\w\d]+\.?)+@(?:(?:[\w\d]\-?)+\.)+\w{2,4}$/i', $email)) {
|
||||
// invalid email format
|
||||
$errors['email_error'] = 'Email address entered is invalid';
|
||||
}
|
||||
|
||||
if (strlen($message) < 20) {
|
||||
// message length too short
|
||||
$errors['message_error'] = 'Please enter a message';
|
||||
}
|
||||
}
|
||||
|
||||
// Only try to validate the captcha if the form has no errors
|
||||
// This is especially important for ajax calls
|
||||
if (sizeof($errors) == 0) {
|
||||
require_once dirname(__FILE__) . '/securimage.php';
|
||||
$securimage = new Securimage();
|
||||
|
||||
if ($securimage->check($captcha) == false) {
|
||||
$errors['captcha_error'] = 'Incorrect security code entered';
|
||||
}
|
||||
}
|
||||
|
||||
if (sizeof($errors) == 0) {
|
||||
// no errors, send the form
|
||||
$time = date('r');
|
||||
$message = "A message was submitted from the contact form. The following information was provided.<br /><br />"
|
||||
. "Name: $name<br />"
|
||||
. "Email: $email<br />"
|
||||
. "URL: $URL<br />"
|
||||
. "Message:<br />"
|
||||
. "<pre>$message</pre>"
|
||||
. "<br /><br />IP Address: {$_SERVER['REMOTE_ADDR']}<br />"
|
||||
. "Time: $time<br />"
|
||||
. "Browser: {$_SERVER['HTTP_USER_AGENT']}<br />";
|
||||
|
||||
if (isset($GLOBALS['DEBUG_MODE']) && $GLOBALS['DEBUG_MODE'] == false) {
|
||||
// send the message with mail()
|
||||
mail($GLOBALS['ct_recipient'], $GLOBALS['ct_msg_subject'], $message, "From: {$GLOBALS['ct_recipient']}\r\nReply-To: {$email}\r\nContent-type: text/html; charset=ISO-8859-1\r\nMIME-Version: 1.0");
|
||||
}
|
||||
|
||||
$return = array('error' => 0, 'message' => 'OK');
|
||||
die(json_encode($return));
|
||||
} else {
|
||||
$errmsg = '';
|
||||
foreach($errors as $key => $error) {
|
||||
// set up error messages to display with each field
|
||||
$errmsg .= " - {$error}\n";
|
||||
}
|
||||
|
||||
$return = array('error' => 1, 'message' => $errmsg);
|
||||
die(json_encode($return));
|
||||
}
|
||||
} // POST
|
||||
} // function process_si_contact_form()
|
@ -1,192 +0,0 @@
|
||||
<?php
|
||||
session_start(); // this MUST be called prior to any output including whitespaces and line breaks!
|
||||
|
||||
$GLOBALS['DEBUG_MODE'] = 1;
|
||||
// CHANGE TO 0 TO TURN OFF DEBUG MODE
|
||||
// IN DEBUG MODE, ONLY THE CAPTCHA CODE IS VALIDATED, AND NO EMAIL IS SENT
|
||||
|
||||
$GLOBALS['ct_recipient'] = 'YOU@EXAMPLE.COM'; // Change to your email address!
|
||||
$GLOBALS['ct_msg_subject'] = 'Securimage Test Contact Form';
|
||||
|
||||
?>
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
||||
<html xmlns="http://www.w3.org/1999/xhtml">
|
||||
<head>
|
||||
<meta http-equiv="Content-type" content="text/html;charset=UTF-8" />
|
||||
<title>Securimage Example Form</title>
|
||||
<style type="text/css">
|
||||
<!--
|
||||
.error { color: #f00; font-weight: bold; font-size: 1.2em; }
|
||||
.success { color: #00f; font-weight: bold; font-size: 1.2em; }
|
||||
fieldset { width: 90%; }
|
||||
legend { font-size: 24px; }
|
||||
.note { font-size: 18px;
|
||||
-->
|
||||
</style>
|
||||
</head>
|
||||
<body>
|
||||
|
||||
<fieldset>
|
||||
<legend>Example Form</legend>
|
||||
|
||||
<p class="note">
|
||||
This is an example PHP form that processes user information, checks for errors, and validates the captcha code.<br />
|
||||
This example form also demonstrates how to submit a form to itself to display error messages.
|
||||
</p>
|
||||
|
||||
<?php
|
||||
|
||||
process_si_contact_form(); // Process the form, if it was submitted
|
||||
|
||||
if (isset($_SESSION['ctform']['error']) && $_SESSION['ctform']['error'] == true): /* The last form submission had 1 or more errors */ ?>
|
||||
<span class="error">There was a problem with your submission. Errors are displayed below in red.</span><br /><br />
|
||||
<?php elseif (isset($_SESSION['ctform']['success']) && $_SESSION['ctform']['success'] == true): /* form was processed successfully */ ?>
|
||||
<span class="success">The captcha was correct and the message has been sent!</span><br /><br />
|
||||
<?php endif; ?>
|
||||
|
||||
<form method="post" action="<?php echo htmlspecialchars($_SERVER['REQUEST_URI'] . $_SERVER['QUERY_STRING']) ?>" id="contact_form">
|
||||
<input type="hidden" name="do" value="contact" />
|
||||
|
||||
<p>
|
||||
<strong>Name*:</strong> <?php echo @$_SESSION['ctform']['name_error'] ?><br />
|
||||
<input type="text" name="ct_name" size="35" value="<?php echo htmlspecialchars(@$_SESSION['ctform']['ct_name']) ?>" />
|
||||
</p>
|
||||
|
||||
<p>
|
||||
<strong>Email*:</strong> <?php echo @$_SESSION['ctform']['email_error'] ?><br />
|
||||
<input type="text" name="ct_email" size="35" value="<?php echo htmlspecialchars(@$_SESSION['ctform']['ct_email']) ?>" />
|
||||
</p>
|
||||
|
||||
<p>
|
||||
<strong>URL:</strong> <?php echo @$_SESSION['ctform']['URL_error'] ?><br />
|
||||
<input type="text" name="ct_URL" size="35" value="<?php echo htmlspecialchars(@$_SESSION['ctform']['ct_URL']) ?>" />
|
||||
</p>
|
||||
|
||||
<p>
|
||||
<strong>Message*:</strong> <?php echo @$_SESSION['ctform']['message_error'] ?><br />
|
||||
<textarea name="ct_message" rows="12" cols="60"><?php echo htmlspecialchars(@$_SESSION['ctform']['ct_message']) ?></textarea>
|
||||
</p>
|
||||
|
||||
<p>
|
||||
<img id="siimage" style="border: 1px solid #000; margin-right: 15px" src="./securimage_show.php?sid=<?php echo md5(uniqid()) ?>" alt="CAPTCHA Image" align="left" />
|
||||
<object type="application/x-shockwave-flash" data="./securimage_play.swf?bgcol=#ffffff&icon_file=./images/audio_icon.png&audio_file=./securimage_play.php" height="32" width="32">
|
||||
<param name="movie" value="./securimage_play.swf?bgcol=#ffffff&icon_file=./images/audio_icon.png&audio_file=./securimage_play.php" />
|
||||
</object>
|
||||
|
||||
<a tabindex="-1" style="border-style: none;" href="#" title="Refresh Image" onclick="document.getElementById('siimage').src = './securimage_show.php?sid=' + Math.random(); this.blur(); return false"><img src="./images/refresh.png" alt="Reload Image" height="32" width="32" onclick="this.blur()" align="bottom" border="0" /></a><br />
|
||||
<strong>Enter Code*:</strong><br />
|
||||
<?php echo @$_SESSION['ctform']['captcha_error'] ?>
|
||||
<input type="text" name="ct_captcha" size="12" maxlength="16" />
|
||||
</p>
|
||||
|
||||
<p>
|
||||
<br />
|
||||
<input type="submit" value="Submit Message" />
|
||||
</p>
|
||||
|
||||
</form>
|
||||
</fieldset>
|
||||
|
||||
</body>
|
||||
</html>
|
||||
|
||||
<?php
|
||||
|
||||
// The form processor PHP code
|
||||
function process_si_contact_form()
|
||||
{
|
||||
$_SESSION['ctform'] = array(); // re-initialize the form session data
|
||||
|
||||
if ($_SERVER['REQUEST_METHOD'] == 'POST' && @$_POST['do'] == 'contact') {
|
||||
// if the form has been submitted
|
||||
|
||||
foreach($_POST as $key => $value) {
|
||||
if (!is_array($key)) {
|
||||
// sanitize the input data
|
||||
if ($key != 'ct_message') $value = strip_tags($value);
|
||||
$_POST[$key] = htmlspecialchars(stripslashes(trim($value)));
|
||||
}
|
||||
}
|
||||
|
||||
$name = @$_POST['ct_name']; // name from the form
|
||||
$email = @$_POST['ct_email']; // email from the form
|
||||
$URL = @$_POST['ct_URL']; // url from the form
|
||||
$message = @$_POST['ct_message']; // the message from the form
|
||||
$captcha = @$_POST['ct_captcha']; // the user's entry for the captcha code
|
||||
$name = substr($name, 0, 64); // limit name to 64 characters
|
||||
|
||||
$errors = array(); // initialize empty error array
|
||||
|
||||
if (isset($GLOBALS['DEBUG_MODE']) && $GLOBALS['DEBUG_MODE'] == false) {
|
||||
// only check for errors if the form is not in debug mode
|
||||
|
||||
if (strlen($name) < 3) {
|
||||
// name too short, add error
|
||||
$errors['name_error'] = 'Your name is required';
|
||||
}
|
||||
|
||||
if (strlen($email) == 0) {
|
||||
// no email address given
|
||||
$errors['email_error'] = 'Email address is required';
|
||||
} else if ( !preg_match('/^(?:[\w\d]+\.?)+@(?:(?:[\w\d]\-?)+\.)+\w{2,4}$/i', $email)) {
|
||||
// invalid email format
|
||||
$errors['email_error'] = 'Email address entered is invalid';
|
||||
}
|
||||
|
||||
if (strlen($message) < 20) {
|
||||
// message length too short
|
||||
$errors['message_error'] = 'Please enter a message';
|
||||
}
|
||||
}
|
||||
|
||||
// Only try to validate the captcha if the form has no errors
|
||||
// This is especially important for ajax calls
|
||||
if (sizeof($errors) == 0) {
|
||||
require_once dirname(__FILE__) . '/securimage.php';
|
||||
$securimage = new Securimage();
|
||||
|
||||
if ($securimage->check($captcha) == false) {
|
||||
$errors['captcha_error'] = 'Incorrect security code entered<br />';
|
||||
}
|
||||
}
|
||||
|
||||
if (sizeof($errors) == 0) {
|
||||
// no errors, send the form
|
||||
$time = date('r');
|
||||
$message = "A message was submitted from the contact form. The following information was provided.<br /><br />"
|
||||
. "Name: $name<br />"
|
||||
. "Email: $email<br />"
|
||||
. "URL: $URL<br />"
|
||||
. "Message:<br />"
|
||||
. "<pre>$message</pre>"
|
||||
. "<br /><br />IP Address: {$_SERVER['REMOTE_ADDR']}<br />"
|
||||
. "Time: $time<br />"
|
||||
. "Browser: {$_SERVER['HTTP_USER_AGENT']}<br />";
|
||||
|
||||
$message = wordwrap($message, 70);
|
||||
|
||||
if (isset($GLOBALS['DEBUG_MODE']) && $GLOBALS['DEBUG_MODE'] == false) {
|
||||
// send the message with mail()
|
||||
mail($GLOBALS['ct_recipient'], $GLOBALS['ct_msg_subject'], $message, "From: {$GLOBALS['ct_recipient']}\r\nReply-To: {$email}\r\nContent-type: text/html; charset=ISO-8859-1\r\nMIME-Version: 1.0");
|
||||
}
|
||||
|
||||
$_SESSION['ctform']['error'] = false; // no error with form
|
||||
$_SESSION['ctform']['success'] = true; // message sent
|
||||
} else {
|
||||
// save the entries, this is to re-populate the form
|
||||
$_SESSION['ctform']['ct_name'] = $name; // save name from the form submission
|
||||
$_SESSION['ctform']['ct_email'] = $email; // save email
|
||||
$_SESSION['ctform']['ct_URL'] = $URL; // save URL
|
||||
$_SESSION['ctform']['ct_message'] = $message; // save message
|
||||
|
||||
foreach($errors as $key => $error) {
|
||||
// set up error messages to display with each field
|
||||
$_SESSION['ctform'][$key] = "<span style=\"font-weight: bold; color: #f00\">$error</span>";
|
||||
}
|
||||
|
||||
$_SESSION['ctform']['error'] = true; // set error floag
|
||||
}
|
||||
} // POST
|
||||
}
|
||||
|
||||
$_SESSION['ctform']['success'] = false; // clear success value after running
|
@ -853,13 +853,13 @@ class Securimage
|
||||
try {
|
||||
$audio = $this->getAudibleCode();
|
||||
} catch (Exception $ex) {
|
||||
if (($fp = @fopen(dirname(__FILE__) . '/si.error_log', 'a+')) !== false) {
|
||||
fwrite($fp, date('Y-m-d H:i:s') . ': Securimage audio error "' . $ex->getMessage() . '"' . "\n");
|
||||
fclose($fp);
|
||||
if (($fp = @fopen(dirname(__FILE__) . '/si.error_log', 'a+')) !== false) {
|
||||
fwrite($fp, date('Y-m-d H:i:s') . ': Securimage audio error "' . $ex->getMessage() . '"' . "\n");
|
||||
fclose($fp);
|
||||
}
|
||||
|
||||
$audio = $this->audioError();
|
||||
}
|
||||
}
|
||||
|
||||
if ($this->canSendHeaders() || $this->send_headers == false) {
|
||||
if ($this->send_headers) {
|
||||
@ -890,15 +890,15 @@ class Securimage
|
||||
if (!$this->no_exit) exit;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return the code from the session or sqlite database if used. If none exists yet, an empty string is returned
|
||||
*
|
||||
* @param $array bool True to receive an array containing the code and properties
|
||||
* @return array|string Array if $array = true, otherwise a string containing the code
|
||||
*/
|
||||
public function getCode($array = false, $returnExisting = false)
|
||||
{
|
||||
$code = '';
|
||||
/**
|
||||
* Return the code from the session or sqlite database if used. If none exists yet, an empty string is returned
|
||||
*
|
||||
* @param $array bool True to receive an array containing the code and properties
|
||||
* @return array|string Array if $array = true, otherwise a string containing the code
|
||||
*/
|
||||
public function getCode($array = false, $returnExisting = false)
|
||||
{
|
||||
$code = '';
|
||||
$time = 0;
|
||||
$disp = 'error';
|
||||
|
||||
@ -911,31 +911,31 @@ class Securimage
|
||||
} else {
|
||||
return $this->code;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if ($this->no_session != true) {
|
||||
if (isset($_SESSION['securimage_code_value'][$this->namespace]) &&
|
||||
trim($_SESSION['securimage_code_value'][$this->namespace]) != '') {
|
||||
if ($this->isCodeExpired(
|
||||
$_SESSION['securimage_code_ctime'][$this->namespace]) == false) {
|
||||
$code = $_SESSION['securimage_code_value'][$this->namespace];
|
||||
$time = $_SESSION['securimage_code_ctime'][$this->namespace];
|
||||
$disp = $_SESSION['securimage_code_disp'] [$this->namespace];
|
||||
}
|
||||
if ($this->no_session != true) {
|
||||
if (isset($_SESSION['securimage_code_value'][$this->namespace]) &&
|
||||
trim($_SESSION['securimage_code_value'][$this->namespace]) != '') {
|
||||
if ($this->isCodeExpired(
|
||||
$_SESSION['securimage_code_ctime'][$this->namespace]) == false) {
|
||||
$code = $_SESSION['securimage_code_value'][$this->namespace];
|
||||
$time = $_SESSION['securimage_code_ctime'][$this->namespace];
|
||||
$disp = $_SESSION['securimage_code_disp'] [$this->namespace];
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (empty($code) && $this->use_database) {
|
||||
// no code in session - may mean user has cookies turned off
|
||||
$this->openDatabase();
|
||||
$code = $this->getCodeFromDatabase();
|
||||
} else { /* no code stored in session or sqlite database, validation will fail */ }
|
||||
|
||||
if ($array == true) {
|
||||
return array('code' => $code, 'ctime' => $time, 'display' => $disp);
|
||||
} else {
|
||||
return $code;
|
||||
}
|
||||
if (empty($code) && $this->use_database) {
|
||||
// no code in session - may mean user has cookies turned off
|
||||
$this->openDatabase();
|
||||
$code = $this->getCodeFromDatabase();
|
||||
} else { /* no code stored in session or sqlite database, validation will fail */ }
|
||||
|
||||
if ($array == true) {
|
||||
return array('code' => $code, 'ctime' => $time, 'display' => $disp);
|
||||
} else {
|
||||
return $code;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
@ -1378,24 +1378,24 @@ class Securimage
|
||||
header("Pragma: no-cache");
|
||||
}
|
||||
|
||||
switch ($this->image_type) {
|
||||
case self::SI_IMAGE_JPEG:
|
||||
if ($this->send_headers) header("Content-Type: image/jpeg");
|
||||
imagejpeg($this->im, null, 90);
|
||||
break;
|
||||
case self::SI_IMAGE_GIF:
|
||||
if ($this->send_headers) header("Content-Type: image/gif");
|
||||
imagegif($this->im);
|
||||
break;
|
||||
default:
|
||||
if ($this->send_headers) header("Content-Type: image/png");
|
||||
imagepng($this->im);
|
||||
break;
|
||||
switch ($this->image_type) {
|
||||
case self::SI_IMAGE_JPEG:
|
||||
if ($this->send_headers) header("Content-Type: image/jpeg");
|
||||
imagejpeg($this->im, null, 90);
|
||||
break;
|
||||
case self::SI_IMAGE_GIF:
|
||||
if ($this->send_headers) header("Content-Type: image/gif");
|
||||
imagegif($this->im);
|
||||
break;
|
||||
default:
|
||||
if ($this->send_headers) header("Content-Type: image/png");
|
||||
imagepng($this->im);
|
||||
break;
|
||||
}
|
||||
} else {
|
||||
echo '<hr /><strong>'
|
||||
.'Failed to generate captcha image, content has already been '
|
||||
.'output.<br />This is most likely due to misconfiguration or '
|
||||
} else {
|
||||
echo '<hr /><strong>'
|
||||
.'Failed to generate captcha image, content has already been '
|
||||
.'output.<br />This is most likely due to misconfiguration or '
|
||||
.'a PHP error was sent to the browser.</strong>';
|
||||
}
|
||||
|
||||
@ -1943,10 +1943,10 @@ class Securimage
|
||||
if ($this->audio_gap_max > 0 && $this->audio_gap_max > $this->audio_gap_min) {
|
||||
$wavCaptcha->insertSilence( mt_rand($this->audio_gap_min, $this->audio_gap_max) / 1000.0 );
|
||||
}
|
||||
} catch (Exception $ex) {
|
||||
} catch (Exception $ex) {
|
||||
// failed to open file, or the wav file is broken or not supported
|
||||
// 2 wav files were not compatible, different # channels, bits/sample, or sample rate
|
||||
throw $ex;
|
||||
throw $ex;
|
||||
}
|
||||
}
|
||||
|
||||
@ -2038,18 +2038,18 @@ class Securimage
|
||||
*
|
||||
* @return bool true if headers haven't been sent and no output/errors will break audio/images, false if unsafe
|
||||
*/
|
||||
protected function canSendHeaders()
|
||||
{
|
||||
if (headers_sent()) {
|
||||
// output has been flushed and headers have already been sent
|
||||
return false;
|
||||
} else if (strlen((string)ob_get_contents()) > 0) {
|
||||
// headers haven't been sent, but there is data in the buffer that will break image and audio data
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
protected function canSendHeaders()
|
||||
{
|
||||
if (headers_sent()) {
|
||||
// output has been flushed and headers have already been sent
|
||||
return false;
|
||||
} else if (strlen((string)ob_get_contents()) > 0) {
|
||||
// headers haven't been sent, but there is data in the buffer that will break image and audio data
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return a random float between 0 and 0.9999
|
||||
|
@ -86,9 +86,10 @@ class Controller {
|
||||
|
||||
|
||||
protected function fetch(){
|
||||
$session = Registry::get('session');
|
||||
|
||||
if(isset($_SESSION['theme']) && preg_match("/^([a-zA-Z0-9\-\_]+)$/", $_SESSION['theme']) && file_exists(DIR_THEME . $_SESSION['theme']) ) {
|
||||
$file = DIR_THEME . $_SESSION['theme'] . '/templates/' . $this->template;
|
||||
if($session->get("theme") && preg_match("/^([a-zA-Z0-9\-\_]+)$/", $session->get("theme")) && file_exists(DIR_THEME . $session->get("theme")) ) {
|
||||
$file = DIR_THEME . $session->get("theme") . '/templates/' . $this->template;
|
||||
} else {
|
||||
$file = DIR_THEME . THEME . '/templates/' . $this->template;
|
||||
}
|
||||
|
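Review bot: The rewritten condition in `fetch()` calls `$session->get("theme")` three times and the assignment below it a fourth; read it once with `$theme = $session->get("theme");` and use `$theme` in the regex, the `file_exists()` check and the path. That makes the validated value and the value used to build `$file` visibly the same variable, which matters because the regex is what keeps path characters out of `DIR_THEME . ... . '/templates/'`. The body of `fetch()` continues outside the hunk.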
@ -8,10 +8,11 @@ class Language {
|
||||
global $langs;
|
||||
|
||||
$lang = '';
|
||||
$session = Registry::get('session');
|
||||
|
||||
if(isset($_SESSION['lang']) && $_SESSION['lang'] != '') {
|
||||
$file = DIR_LANGUAGE . $_SESSION['lang'] . '/messages.php';
|
||||
define('LANG', $_SESSION['lang']);
|
||||
if($session->get("lang")) {
|
||||
$file = DIR_LANGUAGE . $session->get("lang") . '/messages.php';
|
||||
define('LANG', $session->get("lang"));
|
||||
}
|
||||
else {
|
||||
$pref_langs = $this->get_preferred_languages();
|
||||
@ -26,7 +27,7 @@ class Language {
|
||||
|
||||
if($lang == '') { $lang = DEFAULT_LANG; }
|
||||
|
||||
$_SESSION['lang'] = $lang;
|
||||
$session->set("lang", $lang);
|
||||
|
||||
$file = DIR_LANGUAGE . $lang . '/messages.php';
|
||||
}
|
||||
|
@ -3,8 +3,10 @@
|
||||
function LOGGER($event = '', $username = '') {
|
||||
if($event == "") { return 0; }
|
||||
|
||||
$session = Registry::get('session');
|
||||
|
||||
if($username == '') {
|
||||
if(isset($_SESSION['username'])) { $username = $_SESSION['username']; }
|
||||
if($session->get("username")) { $username = $session->get("username"); }
|
||||
else { $username = 'unknown'; }
|
||||
}
|
||||
|
||||
@ -16,8 +18,10 @@ function AUDIT($action = 0, $email = '', $ipaddr = '', $id = 0, $description = '
|
||||
|
||||
if(ENABLE_AUDIT == 0) { return 0; }
|
||||
|
||||
$session = Registry::get('session');
|
||||
|
||||
if($ipaddr == '' && isset($_SERVER['REMOTE_ADDR'])) { $ipaddr = $_SERVER['REMOTE_ADDR']; }
|
||||
if($email == '') { $email = $_SESSION['email']; }
|
||||
if($email == '') { $email = $session->get("email"); }
|
||||
|
||||
$a = explode("@", $email);
|
||||
|
||||
@ -30,42 +34,51 @@ function AUDIT($action = 0, $email = '', $ipaddr = '', $id = 0, $description = '
|
||||
|
||||
|
||||
function getAuthenticatedUsername() {
|
||||
$session = Registry::get('session');
|
||||
|
||||
if(isset($_SESSION['username'])){ return $_SESSION['username']; }
|
||||
if($session->get("username")) { return $session->get("username"); }
|
||||
|
||||
return "";
|
||||
}
|
||||
|
||||
|
||||
function isAdminUser() {
|
||||
if(isset($_SESSION['admin_user']) && $_SESSION['admin_user'] == 1){ return 1; }
|
||||
$session = Registry::get('session');
|
||||
|
||||
if($session->get("admin_user") == 1){ return 1; }
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
function isAuditorUser() {
|
||||
if(isset($_SESSION['admin_user']) && $_SESSION['admin_user'] == 2){ return 1; }
|
||||
$session = Registry::get('session');
|
||||
|
||||
if($session->get("admin_user") == 2){ return 1; }
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
function isReadonlyAdmin() {
|
||||
if(isset($_SESSION['admin_user']) && $_SESSION['admin_user'] == 3){ return 1; }
|
||||
$session = Registry::get('session');
|
||||
|
||||
if($session->get("admin_user") == 3){ return 1; }
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
function logout() {
|
||||
AUDIT(ACTION_LOGOUT, $_SESSION['email'], '', '', '');
|
||||
$session = Registry::get('session');
|
||||
|
||||
$_SESSION['username'] = "";
|
||||
$_SESSION['admin_user'] = 0;
|
||||
AUDIT(ACTION_LOGOUT, $session->get("email"), '', '', '');
|
||||
|
||||
unset($_SESSION['username']);
|
||||
unset($_SESSION['admin_user']);
|
||||
$session->set("username", "");
|
||||
$session->set("admin_user", 0);
|
||||
|
||||
$session->remove("username");
|
||||
$session->remove("admin_user");
|
||||
|
||||
Registry::set('username', '');
|
||||
|
||||
@ -82,9 +95,10 @@ function isBinary($num = '') {
|
||||
|
||||
function get_page_length() {
|
||||
$page_len = PAGE_LEN;
|
||||
|
||||
if(isset($_SESSION['pagelen']) && is_numeric($_SESSION['pagelen']) && $_SESSION['pagelen'] >= 10 && $_SESSION['pagelen'] <= MAX_SEARCH_HITS) {
|
||||
$page_len = $_SESSION['pagelen'];
|
||||
$session = Registry::get('session');
|
||||
|
||||
if($session->get("pagelen") && is_numeric($session->get("pagelen")) && $session->get("pagelen") >= 10 && $session->get("pagelen") <= MAX_SEARCH_HITS) {
|
||||
$page_len = $session->get("pagelen");
|
||||
}
|
||||
|
||||
return $page_len;
|
||||
|
@ -27,12 +27,12 @@ class Request {
|
||||
class Session {
|
||||
|
||||
public function __construct() {
|
||||
//session_start();
|
||||
session_start();
|
||||
}
|
||||
|
||||
|
||||
public function get($s = '') {
|
||||
if($s && isset($_SESSION[$s])) { return $_SESSION[$s]; }
|
||||
public function get($k = '') {
|
||||
if($k && isset($_SESSION[$k])) { return $_SESSION[$k]; }
|
||||
|
||||
return '';
|
||||
}
|
||||
@ -44,6 +44,12 @@ class Session {
|
||||
|
||||
}
|
||||
|
||||
|
||||
public function remove($k = '') {
|
||||
if($k) { unset($_SESSION[$k]); }
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
||||
|
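Review bot: The Session wrapper gains remove() but still offers no way to rotate the session id or end the session, so callers such as logout() can only clear individual keys. Adding a `regenerate()` to call right after a successful login and a `destroy()` for logout would keep session-fixation and stale-session handling inside this class, now that `$_SESSION` is no longer touched directly. Whether the login path already calls session_regenerate_id() elsewhere is not visible here, and the class body (including set()) continues outside the hunks.

```php
    // … unchanged: __construct(), get(), set(), remove() …

    public function regenerate() {
        // issue a fresh session id and drop the old one
        session_regenerate_id(true);
    }


    public function destroy() {
        $_SESSION = array();
        session_destroy();
    }
```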
@ -6,8 +6,8 @@ require(DIR_SYSTEM . "/front.php");
|
||||
require(DIR_SYSTEM . "/language.php");
|
||||
require(DIR_SYSTEM . "/loader.php");
|
||||
require(DIR_SYSTEM . "/model.php");
|
||||
require(DIR_SYSTEM . "/registry.php");
|
||||
require(DIR_SYSTEM . "/request.php");
|
||||
//require(DIR_SYSTEM . "/registry.php");
|
||||
//require(DIR_SYSTEM . "/request.php");
|
||||
require(DIR_SYSTEM . "/router.php");
|
||||
|
||||
require(DIR_SYSTEM . "/misc.php");
|
||||
|
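Review bot: The requires for registry.php and request.php are left behind as commented-out lines instead of being deleted, which gives the next reader no hint why they moved. Drop both lines and, if a marker is wanted, use one comment such as `// registry.php and request.php are loaded earlier, before the Session object is created`. If that earlier load uses plain `require`, re-enabling these two lines would redeclare the classes, so `require_once` at both sites would be the safer form. The earlier load site is outside this section.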
@ -26,7 +26,7 @@
|
||||
|
||||
<body id="loginpage">
|
||||
|
||||
<?php if(!isset($_SESSION['username'])){ ?>
|
||||
<?php if(!Registry::get('username')) { ?>
|
||||
|
||||
<div id="logincontainer" class="container">
|
||||
<div id="logo-lg"><img src="<?php print SITE_URL; ?><?php print SITE_LOGO_LG; ?>" alt="Archive Logo Image" title="Login" /></div>
|
||||
|
@ -42,7 +42,7 @@
|
||||
<div class="controls">
|
||||
<select name="domain" id="domain">
|
||||
<?php asort($domains); foreach ($domains as $domain) { ?>
|
||||
<option value="<?php if(is_array($domain)){ print $domain['mapped']; } else { print $domain; } ?>"<?php if( (isset($post) && $domain == $post['domain']) || (!isset($post) && isset($_SESSION['last_domain']) && $domain == $_SESSION['last_domain']) ){ ?> selected="selected"<?php } ?>><?php if(is_array($domain)){ print $domain['mapped']; } else { print $domain; } ?></option>
|
||||
<option value="<?php if(is_array($domain)){ print $domain['mapped']; } else { print $domain; } ?>"<?php if( (isset($post) && $domain == $post['domain']) || (!isset($post) && $domain == $last_domain) ){ ?> selected="selected"<?php } ?>><?php if(is_array($domain)){ print $domain['mapped']; } else { print $domain; } ?></option>
|
||||
<?php } ?>
|
||||
</select>
|
||||
<?php if ( isset($errors['domain']) ) { ?><span class="help-inline"><?php print $errors['domain']; ?></span><?php } ?>
|
||||
|
@ -66,7 +66,7 @@
|
||||
<div class="controls">
|
||||
<select name="theme">
|
||||
<?php foreach(Registry::get('themes') as $t) { ?>
|
||||
<option value="<?php print $t; ?>"<?php if(isset($_SESSION['theme']) && $_SESSION['theme'] == $t) { ?> selected="selected"<?php } ?>><?php print $t; ?></option>
|
||||
<option value="<?php print $t; ?>"<?php if($theme == $t) { ?> selected="selected"<?php } ?>><?php print $t; ?></option>
|
||||
<?php } ?>
|
||||
</select>
|
||||
</div>
|
||||
@ -77,7 +77,7 @@
|
||||
<select name="lang">
|
||||
<option value=""><?php print $text_use_browser_settings; ?></option>
|
||||
<?php foreach(Registry::get('langs') as $t) { ?>
|
||||
<option value="<?php print $t; ?>"<?php if(isset($_SESSION['lang']) && $_SESSION['lang'] == $t) { ?> selected="selected"<?php } ?>><?php print $t; ?></option>
|
||||
<option value="<?php print $t; ?>"<?php if($lang == $t) { ?> selected="selected"<?php } ?>><?php print $t; ?></option>
|
||||
<?php } ?>
|
||||
</select>
|
||||
</div>
|
||||
|
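Review bot: The rewritten `<option>` lines still print `$domain`, `$domain['mapped']` and `$t` straight into the value attribute and the element text without HTML escaping. If any of these values can come from stored or administrator-entered data, wrap each print, e.g. `<?php print htmlspecialchars($t, ENT_QUOTES, 'UTF-8'); ?>`. The same lines appear in the domain, theme and lang selects of the other login template changed in this commit. Where `$domains`, the themes and the langs are populated is not visible here.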
@ -30,7 +30,7 @@
|
||||
|
||||
<body class="loginpage">
|
||||
|
||||
<?php if(!isset($_SESSION['username'])){ ?>
|
||||
<?php if(!Registry::get('username')) { ?>
|
||||
|
||||
<div id="logincontainer" class="container">
|
||||
<div id="logo-lg"><img src="<?php print SITE_URL; ?><?php print SITE_LOGO_LG; ?>" alt="Archive Logo Image" title="<?php print $text_login; ?>" /></div>
|
||||
|
@ -26,7 +26,7 @@
|
||||
<div class="domaincell">
|
||||
<select name="domain" class="span5">
|
||||
<?php asort($domains); foreach ($domains as $domain) { ?>
|
||||
<option value="<?php if(is_array($domain)){ print $domain['mapped']; } else { print $domain; } ?>"<?php if( (isset($post) && $domain == $post['domain']) || (!isset($post) && isset($_SESSION['last_domain']) && $domain == $_SESSION['last_domain']) ){ ?> selected="selected"<?php } ?>><?php if(is_array($domain)){ print $domain['mapped']; } else { print $domain; } ?></option>
|
||||
<option value="<?php if(is_array($domain)){ print $domain['mapped']; } else { print $domain; } ?>"<?php if( (isset($post) && $domain == $post['domain']) || (!isset($post) && $domain == $last_domain) ){ ?> selected="selected"<?php } ?>><?php if(is_array($domain)){ print $domain['mapped']; } else { print $domain; } ?></option>
|
||||
<?php } ?>
|
||||
</select>
|
||||
</div>
|
||||
|
@ -73,7 +73,7 @@
|
||||
<div class="tcell">
|
||||
<select name="theme">
|
||||
<?php foreach(Registry::get('themes') as $t) { ?>
|
||||
<option value="<?php print $t; ?>"<?php if(isset($_SESSION['theme']) && $_SESSION['theme'] == $t) { ?> selected="selected"<?php } ?>><?php print $t; ?></option>
|
||||
<option value="<?php print $t; ?>"<?php if($theme == $t) { ?> selected="selected"<?php } ?>><?php print $t; ?></option>
|
||||
<?php } ?>
|
||||
</select>
|
||||
</div>
|
||||
@ -85,7 +85,7 @@
|
||||
<select name="lang">
|
||||
<option value=""><?php print $text_use_browser_settings; ?></option>
|
||||
<?php foreach(Registry::get('langs') as $t) { ?>
|
||||
<option value="<?php print $t; ?>"<?php if(isset($_SESSION['lang']) && $_SESSION['lang'] == $t) { ?> selected="selected"<?php } ?>><?php print $t; ?></option>
|
||||
<option value="<?php print $t; ?>"<?php if($lang == $t) { ?> selected="selected"<?php } ?>><?php print $t; ?></option>
|
||||
<?php } ?>
|
||||
</select>
|
||||
</div>
|
||||
|
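Review bot: The selected-state checks now compare against `$last_domain`, `$theme` and `$lang` without the `isset()` guard that the `$_SESSION` version had. A render where the controller did not assign one of them would raise an undefined-variable notice inside the `<option>` tag. Either have the controller always assign all three or keep the guard, e.g. `<?php if(isset($theme) && $theme == $t) { ?>`. This applies to the domain, theme and lang selects here and in the other login template in this commit; the controller that assigns these variables is not part of this section.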