本文整理汇总了PHP中COM_clearSpeedlimit函数的典型用法代码示例。如果您正苦于以下问题:PHP COM_clearSpeedlimit函数的具体用法?PHP COM_clearSpeedlimit怎么用?PHP COM_clearSpeedlimit使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了COM_clearSpeedlimit函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: MG_approveSubmission
function MG_approveSubmission($media_id)
{
global $_CONF, $_TABLES, $LANG_MG01;
$mid = addslashes($media_id);
$owner_uid = DB_getItem($_TABLES['mg_mediaqueue'], 'media_user_id', "media_id='" . $mid . "'");
DB_delete($_TABLES['mg_mediaqueue'], 'media_id', $mid);
$album_id = DB_getItem($_TABLES['mg_media_album_queue'], 'album_id', "media_id='" . $mid . "'");
DB_save($_TABLES['mg_media_albums'], 'album_id, media_id, media_order', "{$album_id}, '{$mid}', 0");
require_once $_CONF['path'] . 'plugins/mediagallery/include/sort.php';
MG_SortMedia($album_id);
DB_delete($_TABLES['mg_media_album_queue'], 'media_id', $mid);
$sql = "SELECT media_filename, media_type " . "FROM {$_TABLES['mg_media']} WHERE media_id='" . $mid . "'";
$result = DB_query($sql);
list($media_filename, $media_type) = DB_fetchArray($result);
$media_count = DB_getItem($_TABLES['mg_albums'], 'media_count', 'album_id=' . $album_id);
$media_count++;
DB_change($_TABLES['mg_albums'], 'media_count', $media_count, 'album_id', $album_id);
MG_updateAlbumLastUpdate($album_id);
$album_cover = DB_getItem($_TABLES['mg_albums'], 'album_cover', 'album_id=' . $album_id);
if ($album_cover == -1 && $media_type == 0) {
DB_change($_TABLES['mg_albums'], 'album_cover_filename', $media_filename, 'album_id', $album_id);
}
// email the owner / uploader that the item has been approved.
COM_clearSpeedlimit(600, 'mgapprove');
$last = COM_checkSpeedlimit('mgapprove');
if ($last == 0) {
$result2 = DB_query("SELECT username, fullname, email FROM {$_TABLES['users']} WHERE uid='" . $owner_uid . "'");
list($username, $fullname, $email) = DB_fetchArray($result2);
if ($email != '') {
$subject = $LANG_MG01['upload_approved'];
$body = $LANG_MG01['upload_approved'];
$body .= '<br' . XHTML . '><br' . XHTML . '>';
$body .= $LANG_MG01['thanks_submit'];
$body .= '<br' . XHTML . '><br' . XHTML . '>';
$body .= $_CONF['site_name'] . '<br' . XHTML . '>';
$body .= $_CONF['site_url'] . '<br' . XHTML . '>';
$to = array();
$from = array();
$to = COM_formatEmailAddress($username, $email);
$from = COM_formatEmailAddress($_CONF['site_name'], $_CONF['site_mail']);
if (!COM_mail($to, $subject, $body, $from, true)) {
COM_errorLog("Media Gallery Error - Unable to send queue notification email");
}
COM_updateSpeedlimit('mgapprove');
}
}
// PLG_itemSaved($media_id, 'mediagallery');
// COM_rdfUpToDateCheck();
// COM_olderStuff();
return;
}示例2: CMT_sendReport
/**
* Send report about abusive comment
*
* @param string $cid comment id
* @param string $type type of comment ('article', 'poll', ...)
* @return string Meta refresh or HTML for error message
*
*/
function CMT_sendReport($cid, $type)
{
global $_CONF, $_TABLES, $_USER, $LANG03, $LANG08, $LANG09, $LANG_LOGIN;
if (COM_isAnonUser()) {
$retval = COM_siteHeader('menu', $LANG_LOGIN[1]);
$retval .= SEC_loginRequiredForm();
$retval .= COM_siteFooter();
return $retval;
}
COM_clearSpeedlimit($_CONF['speedlimit'], 'mail');
if (COM_checkSpeedlimit('mail') > 0) {
return COM_refresh($_CONF['site_url'] . '/index.php');
}
$username = DB_getItem($_TABLES['users'], 'username', "uid = {$_USER['uid']}");
$result = DB_query("SELECT uid,title,comment,sid,ipaddress FROM {$_TABLES['comments']} WHERE cid = " . (int) $cid . " AND type = '" . DB_escapeString($type) . "'");
$A = DB_fetchArray($result);
$title = $A['title'];
$comment = $A['comment'];
// strip HTML if posted in HTML mode
if (preg_match('/<.*>/', $comment) != 0) {
$comment = strip_tags($comment);
}
$author = COM_getDisplayName($A['uid']);
if ($A['uid'] <= 1 && !empty($A['ipaddress'])) {
// add IP address for anonymous posters
$author .= ' (' . $A['ipaddress'] . ')';
}
$mailbody = sprintf($LANG03[26], $username);
$mailbody .= "\n\n" . "{$LANG03['16']}: {$title}\n" . "{$LANG03['5']}: {$author}\n";
if ($type != 'article' && $type != 'poll') {
$mailbody .= "{$LANG09['5']}: {$type}\n";
}
if ($_CONF['emailstorieslength'] > 0) {
if ($_CONF['emailstorieslength'] > 1) {
$comment = MBYTE_substr($comment, 0, $_CONF['emailstorieslength']) . '...';
}
$mailbody .= $comment . "\n\n";
}
$mailbody .= $LANG08[33] . ' <' . $_CONF['site_url'] . '/comment.php?mode=view&cid=' . $cid . ">\n\n";
$mailbody .= "\n------------------------------\n";
$mailbody .= "\n{$LANG08['34']}\n";
$mailbody .= "\n------------------------------\n";
$mailsubject = $_CONF['site_name'] . ' ' . $LANG03[27];
$to = array();
$to = COM_formatEmailAddress('', $_CONF['site_mail']);
COM_mail($to, $mailsubject, $mailbody);
COM_updateSpeedlimit('mail');
return COM_refresh($_CONF['site_url'] . '/index.php?msg=27');
}示例3: PNB_handlePingback
/**
* Handle a pingback for an entry.
* Also takes care of the speedlimit and spam. Assumes that the caller of this
* function has already checked permissions!
*
* @param string $id ID of entry that got pinged
* @param string $type type of that entry ('article' for stories, etc.)
* @param string $url URL of the page that pinged us
* @param string $oururl URL that got pinged on our site
* @return object XML-RPC response
*/
function PNB_handlePingback($id, $type, $url, $oururl)
{
global $_CONF, $_TABLES, $PNB_ERROR;
require_once 'HTTP/Request.php';
if (!isset($_CONF['check_trackback_link'])) {
$_CONF['check_trackback_link'] = 2;
}
// handle pingbacks to articles on our own site
$skip_speedlimit = false;
if ($_SERVER['REMOTE_ADDR'] == $_SERVER['SERVER_ADDR']) {
if (!isset($_CONF['pingback_self'])) {
$_CONF['pingback_self'] = 0;
// default: skip self-pingbacks
}
if ($_CONF['pingback_self'] == 0) {
return new XML_RPC_Response(new XML_RPC_Value($PNB_ERROR['skipped']));
} elseif ($_CONF['pingback_self'] == 2) {
$skip_speedlimit = true;
}
}
COM_clearSpeedlimit($_CONF['commentspeedlimit'], 'pingback');
if (!$skip_speedlimit) {
$last = COM_checkSpeedlimit('pingback');
if ($last > 0) {
return new XML_RPC_Response(0, 49, sprintf($PNB_ERROR['speedlimit'], $last, $_CONF['commentspeedlimit']));
}
}
// update speed limit in any case
COM_updateSpeedlimit('pingback');
if ($_SERVER['REMOTE_ADDR'] != $_SERVER['SERVER_ADDR']) {
if ($_CONF['check_trackback_link'] & 4) {
$parts = parse_url($url);
if (empty($parts['host'])) {
TRB_logRejected('Pingback: No valid URL', $url);
return new XML_RPC_Response(0, 33, $PNB_ERROR['uri_invalid']);
} else {
$ip = gethostbyname($parts['host']);
if ($ip != $_SERVER['REMOTE_ADDR']) {
TRB_logRejected('Pingback: IP address mismatch', $url);
return new XML_RPC_Response(0, 49, $PNB_ERROR['spam']);
}
}
}
}
// See if we can read the page linking to us and extract at least
// the page's title out of it ...
$title = '';
$excerpt = '';
$req = new HTTP_Request2($url, HTTP_Request2::METHOD_GET);
$req->setHeader('User-Agent', 'Geeklog/' . VERSION);
try {
$response = $req->send();
$status = $response->getStatus();
if ($status == 200) {
$body = $response->getBody();
if ($_CONF['check_trackback_link'] & 3) {
if (!TRB_containsBacklink($body, $oururl)) {
TRB_logRejected('Pingback: No link to us', $url);
$comment = TRB_formatComment($url);
PLG_spamAction($comment, $_CONF['spamx']);
return new XML_RPC_Response(0, 49, $PNB_ERROR['spam']);
}
}
preg_match(':<title>(.*)</title>:i', $body, $content);
if (empty($content[1])) {
$title = '';
// no title found
} else {
$title = trim(COM_undoSpecialChars($content[1]));
}
if ($_CONF['pingback_excerpt']) {
// Check which character set the site that sent the Pingback
// is using
$charset = 'ISO-8859-1';
// default, see RFC 2616, 3.7.1
$ctype = $response->getHeader('content-type');
$c = explode(';', $ctype);
foreach ($c as $ct) {
$ch = explode('=', trim($ct));
if (count($ch) === 2) {
if (trim($ch[0]) === 'charset') {
$charset = trim($ch[1]);
break;
}
}
}
if (!empty($charset) && strcasecmp($charset, COM_getCharset()) !== 0) {
if (function_exists('mb_convert_encoding')) {
$body = @mb_convert_encoding($body, COM_getCharset(), $charset);
//.........这里部分代码省略.........
示例4: _userGetnewtoken
function _userGetnewtoken()
{
global $_CONF, $_TABLES, $_USER, $LANG04;
$retval = '';
$uid = 0;
if ($_CONF['passwordspeedlimit'] == 0) {
$_CONF['passwordspeedlimit'] = 300;
// 5 minutes
}
COM_clearSpeedlimit($_CONF['passwordspeedlimit'], 'verifytoken');
$last = COM_checkSpeedlimit('verifytoken');
if ($last > 0) {
$retval .= COM_showMessageText(sprintf($LANG04[93], $last, $_CONF['passwordspeedlimit']), $LANG12[26], true, 'error');
} else {
$username = isset($_POST['username']) ? $_POST['username'] : '';
$passwd = isset($_POST['passwd']) ? $_POST['passwd'] : '';
if (!empty($username) && !empty($passwd) && USER_validateUsername($username, 1)) {
$encryptedPassword = '';
$uid = 0;
$result = DB_query("SELECT uid,passwd FROM {$_TABLES['users']} WHERE username='" . DB_escapeString($username) . "'");
if (DB_numRows($result) > 0) {
$row = DB_fetchArray($result);
$encryptedPassword = $row['passwd'];
$uid = $row['uid'];
}
if ($encryptedPassword != '' && SEC_check_hash($passwd, $encryptedPassword)) {
$retval .= requesttoken($uid, 3);
} else {
$retval .= newtokenform($uid);
}
} else {
$retval .= newtokenform($uid);
}
}
return $retval;
}示例5: savesubmission
/**
* This will save a submission
*
* @param string $type Type of submission we are dealing with
* @param array $A Data for that submission
*
*/
function savesubmission($type, $A)
{
global $_CONF, $_TABLES, $LANG12;
COM_clearSpeedlimit($_CONF['speedlimit'], 'submit');
$last = COM_checkSpeedlimit('submit');
if ($last > 0) {
$retval = COM_showMessageText($LANG12[30] . $last . $LANG12[31], $LANG12[26]);
$retval = COM_createHTMLDocument($retval);
return $retval;
}
if (!empty($type) && $type !== 'story') {
// Update the submitspeedlimit for user - assuming Plugin approves
// submission record
COM_updateSpeedlimit('submit');
// see if this is a submission that needs to be handled by a plugin
// and should include its own redirect
$retval = PLG_saveSubmission($type, $A);
if ($retval === false) {
COM_errorLog("Could not save your submission. Bad type: {$type}");
} elseif (empty($retval)) {
// plugin should include its own redirect - but in case handle
// it here and redirect to the main page
PLG_submissionSaved($type);
COM_redirect($_CONF['site_url'] . '/index.php');
} else {
PLG_submissionSaved($type);
return $retval;
}
}
if (!empty($A['title']) && !empty($A['introtext']) && TOPIC_checkTopicSelectionControl()) {
$retval = savestory($A);
PLG_submissionSaved($type);
} else {
$retval = COM_showMessageText($LANG12[23], $LANG12[22]) . submissionform($type);
$retval = COM_createHTMLDocument($retval);
}
return $retval;
}示例6: WS_authenticate
//.........这里部分代码省略.........
if (!empty($pwd)) {
$mydigest = pack('H*', sha1($nonce . $created . $pwd));
$mydigest = base64_encode($mydigest);
if ($pwdigest == $mydigest) {
$password = $pwd;
}
}
}
if ($WS_VERBOSE) {
COM_errorLog("WS: Attempting to log in user '$username' (via WSSE)");
}
******************************************************************************/
} elseif (!empty($_SERVER['REMOTE_USER'])) {
/* PHP installed as CGI may not have access to authorization headers of
* Apache. In that case, use .htaccess to store the auth header as
* explained at
* http://wiki.geeklog.net/wiki/index.php/Webservices_API#Authentication
*/
list($auth_type, $auth_data) = explode(' ', $_SERVER['REMOTE_USER']);
list($username, $password) = explode(':', base64_decode($auth_data));
$username = COM_applyBasicFilter($username);
if ($WS_VERBOSE) {
COM_errorLog("WS: Attempting to log in user '{$username}' (via \$_SERVER['REMOTE_USER'])");
}
} else {
if ($WS_VERBOSE) {
COM_errorLog("WS: No login given");
}
// fallthrough (see below)
}
COM_clearSpeedlimit($_CONF['login_speedlimit'], 'wsauth');
if (COM_checkSpeedlimit('wsauth', $_CONF['login_attempts']) > 0) {
WS_error(PLG_RET_PERMISSION_DENIED, 'Speed Limit exceeded');
}
if (!empty($username) && !empty($password)) {
if ($_CONF['user_login_method']['3rdparty']) {
// remote users will have to use username@servicename
$u = explode('@', $username);
if (count($u) > 1) {
$sv = $u[count($u) - 1];
if (!empty($sv)) {
$modules = SEC_collectRemoteAuthenticationModules();
foreach ($modules as $smod) {
if (strcasecmp($sv, $smod) == 0) {
array_pop($u);
// drop the service name
$uname = implode('@', $u);
$status = SEC_remoteAuthentication($uname, $password, $smod, $uid);
break;
}
}
}
}
}
if ($status == -1 && $_CONF['user_login_method']['standard']) {
$status = SEC_authenticate($username, $password, $uid);
}
}
if ($status == USER_ACCOUNT_ACTIVE) {
$_USER = SESS_getUserDataFromId($uid);
PLG_loginUser($_USER['uid']);
// Global array of groups current user belongs to
$_GROUPS = SEC_getUserGroups($_USER['uid']);示例7: MG_notifyModerators
function MG_notifyModerators($aid)
{
global $LANG_DIRECTION, $_USER, $_MG_CONF, $_CONF, $_TABLES, $LANG_MG01;
$sql = "SELECT moderate, album_title, mod_group_id " . "FROM {$_TABLES['mg_albums']} WHERE album_id = " . intval($aid);
$result = DB_query($sql);
$A = DB_fetchArray($result);
if ($A['moderate'] != 1 || SEC_hasRights('mediagallery.admin')) {
return true;
}
require_once $_CONF['path'] . 'plugins/mediagallery/include/lib/phpmailer/class.phpmailer.php';
$media_user_id = $_USER['uid'];
if (empty($LANG_DIRECTION)) {
// default to left-to-right
$direction = 'ltr';
} else {
$direction = $LANG_DIRECTION;
}
$charset = COM_getCharset();
COM_clearSpeedlimit(600, 'mgnotify');
$last = COM_checkSpeedlimit('mgnotify');
if ($last == 0) {
$mail = new PHPMailer();
$mail->CharSet = $charset;
if ($_CONF['mail_settings']['backend'] == 'smtp') {
$mail->Host = $_CONF['mail_settings']['host'] . ':' . $_CONF['mail_settings']['port'];
$mail->SMTPAuth = $_CONF['mail_settings']['auth'];
$mail->Username = $_CONF['mail_settings']['username'];
$mail->Password = $_CONF['mail_settings']['password'];
$mail->Mailer = "smtp";
} elseif ($_CONF['mail_settings']['backend'] == 'sendmail') {
$mail->Mailer = "sendmail";
$mail->Sendmail = $_CONF['mail_settings']['sendmail_path'];
} else {
$mail->Mailer = "mail";
}
$mail->WordWrap = 76;
$mail->IsHTML(true);
$mail->Subject = $LANG_MG01['new_upload_subject'] . $_CONF['site_name'];
if (!isset($_USER['uid']) || $_USER['uid'] < 2) {
$uname = 'Anonymous';
} else {
$uname = DB_getItem($_TABLES['users'], 'username', 'uid=' . intval($media_user_id));
}
// build the template...
$T = COM_newTemplate(MG_getTemplatePath($aid));
$T->set_file('email', 'modemail.thtml');
$T->set_var(array('direction' => $direction, 'charset' => $charset, 'lang_new_upload' => $LANG_MG01['new_upload_body'], 'lang_details' => $LANG_MG01['details'], 'lang_album_title' => 'Album', 'lang_uploaded_by' => $LANG_MG01['uploaded_by'], 'username' => $uname, 'album_title' => strip_tags($A['title']), 'url_moderate' => '<a href="' . $_MG_CONF['site_url'] . '/admin.php?album_id=' . $aid . '&mode=moderate">Click here to view</a>', 'site_name' => $_CONF['site_name'] . ' - ' . $_CONF['site_slogan'], 'site_url' => $_CONF['site_url']));
$body .= $T->finish($T->parse('output', 'email'));
$mail->Body = $body;
$altbody = $LANG_MG01['new_upload_body'] . $A['title'];
$altbody .= "\n\r\n\r";
$altbody .= $LANG_MG01['details'];
$altbody .= "\n\r";
$altbody .= $LANG_MG01['uploaded_by'] . ' ' . $uname . "\n\r";
$altbody .= "\n\r\n\r";
$altbody .= $_CONF['site_name'] . "\n\r";
$altbody .= $_CONF['site_url'] . "\n\r";
$mail->AltBody = $altbody;
$mail->From = $_CONF['site_mail'];
$mail->FromName = $_CONF['site_name'];
$groups = MG_getGroupList($A['mod_group_id']);
$groupList = implode(',', $groups);
$sql = "SELECT DISTINCT {$_TABLES['users']}.uid,username,fullname,email " . "FROM {$_TABLES['group_assignments']},{$_TABLES['users']} " . "WHERE {$_TABLES['users']}.uid > 1 " . "AND {$_TABLES['users']}.uid = {$_TABLES['group_assignments']}.ug_uid " . "AND ({$_TABLES['group_assignments']}.ug_main_grp_id IN ({$groupList}))";
$result = DB_query($sql);
$nRows = DB_numRows($result);
$toCount = 0;
for ($i = 0; $i < $nRows; $i++) {
$row = DB_fetchArray($result);
if ($row['email'] != '') {
if ($_MG_CONF['verbose']) {
COM_errorLog("MG Upload: Sending notification email to: " . $row['email'] . " - " . $row['username']);
}
$toCount++;
$mail->AddAddress($row['email'], $row['username']);
}
}
if ($toCount > 0) {
if (!$mail->Send()) {
COM_errorLog("MG Upload: Unable to send moderation email - error:" . $mail->ErrorInfo);
}
} else {
COM_errorLog("MG Upload: Error - Did not find any moderators to email");
}
COM_updateSpeedlimit('mgnotify');
}
return true;
}示例8: CMT_sendReport
/**
* Send report about abusive comment
*
* @param string $cid comment id
* @param string $type type of comment ('article', 'poll', ...)
* @return string Meta refresh or HTML for error message
*
*/
function CMT_sendReport($cid, $type)
{
global $_CONF, $_TABLES, $_USER, $LANG03, $LANG08, $LANG_LOGIN;
if (empty($_USER['username'])) {
$retval = COM_siteHeader('menu', $LANG_LOGIN[1]);
$retval .= COM_startBlock($LANG_LOGIN[1], '', COM_getBlockTemplate('_msg_block', 'header'));
$loginreq = new Template($_CONF['path_layout'] . 'submit');
$loginreq->set_file('loginreq', 'submitloginrequired.thtml');
$loginreq->set_var('xhtml', XHTML);
$loginreq->set_var('login_message', $LANG_LOGIN[2]);
$loginreq->set_var('site_url', $_CONF['site_url']);
$loginreq->set_var('lang_login', $LANG_LOGIN[3]);
$loginreq->set_var('lang_newuser', $LANG_LOGIN[4]);
$loginreq->parse('errormsg', 'loginreq');
$retval .= $loginreq->finish($loginreq->get_var('errormsg'));
$retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$retval .= COM_siteFooter();
return $retval;
}
COM_clearSpeedlimit($_CONF['speedlimit'], 'mail');
if (COM_checkSpeedlimit('mail') > 0) {
return COM_refresh($_CONF['site_url'] . '/index.php');
}
$username = DB_getItem($_TABLES['users'], 'username', "uid = {$_USER['uid']}");
$result = DB_query("SELECT uid,title,comment,sid,ipaddress FROM {$_TABLES['comments']} WHERE cid = {$cid} AND type = '{$type}'");
$A = DB_fetchArray($result);
$title = stripslashes($A['title']);
$comment = stripslashes($A['comment']);
// strip HTML if posted in HTML mode
if (preg_match('/<.*>/', $comment) != 0) {
$comment = strip_tags($comment);
}
$author = COM_getDisplayName($A['uid']);
if ($A['uid'] <= 1 && !empty($A['ipaddress'])) {
// add IP address for anonymous posters
$author .= ' (' . $A['ipaddress'] . ')';
}
$mailbody = sprintf($LANG03[26], $username);
$mailbody .= "\n\n" . "{$LANG03['16']}: {$title}\n" . "{$LANG03['5']}: {$author}\n";
if ($type != 'article' && $type != 'poll') {
$mailbody .= "{$LANG09['5']}: {$type}\n";
}
if ($_CONF['emailstorieslength'] > 0) {
if ($_CONF['emailstorieslength'] > 1) {
$comment = MBYTE_substr($comment, 0, $_CONF['emailstorieslength']) . '...';
}
$mailbody .= $comment . "\n\n";
}
$mailbody .= $LANG08[33] . ' <' . $_CONF['site_url'] . '/comment.php?mode=view&cid=' . $cid . ">\n\n";
$mailbody .= "\n------------------------------\n";
$mailbody .= "\n{$LANG08['34']}\n";
$mailbody .= "\n------------------------------\n";
$mailsubject = $_CONF['site_name'] . ' ' . $LANG03[27];
if (COM_mail($_CONF['site_mail'], $mailsubject, $mailbody)) {
$msg = 27;
// message sent
} else {
$msg = 85;
// problem sending the email
}
COM_updateSpeedlimit('mail');
return COM_refresh($_CONF['site_url'] . "/index.php?msg={$msg}");
}示例9: CALENDAR_siteHeader
}
if (isset($_GET['op'])) {
if ($_GET['op'] == 'add') {
$_POST['addevent'] = 1;
}
}
if (isset($_POST['addevent']) || isset($_POST['addpersonalevent'])) {
if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['submitloginrequired'] == 1)) {
$display = CALENDAR_siteHeader($LANG_CAL_1[41]);
$display .= SEC_loginRequiredForm();
$display .= CALENDAR_siteFooter();
echo $display;
exit;
}
$slerror = '';
COM_clearSpeedlimit($_CONF['speedlimit'], 'submit');
$last = COM_checkSpeedlimit('submit');
if ($last > 0) {
$slerror .= COM_showMessageText($LANG12[30] . $last . $LANG12[31], $LANG12[26], true);
}
echo CALENDAR_siteHeader();
if ($slerror != '') {
echo $slerror;
} else {
if ($mode != 'personal' && $_CA_CONF['only_admin_submit'] == 1 && !SEC_hasRights('calendar.edit')) {
echo 'Invalid request';
} else {
echo plugin_submit_calendar($mode);
}
}
echo CALENDAR_siteFooter();示例10: COM_applyFilter
$type = COM_applyFilter($_GET['type']);
if ($type != 'article') {
if (!in_array($type, $_PLUGINS)) {
$type = 'article';
}
}
$pageBody .= handleunSubscribe($sid, $type);
} else {
echo COM_refresh($_CONF['site_url'] . '/index.php');
exit;
}
break;
default:
// New Comment
// do our speed limit check here
COM_clearSpeedlimit($_CONF['commentspeedlimit'], 'comment');
$last = 0;
$last = COM_checkSpeedlimit('comment');
if ($last > 0) {
$goBack = '<br/><br/>' . $LANG03[48];
$pageBody .= COM_showMessageText($LANG03[7] . $last . $LANG03[8] . $goBack, $LANG12[26], true, 'error');
} else {
$sid = isset($_REQUEST['sid']) ? COM_sanitizeID(COM_applyFilter($_REQUEST['sid'])) : '';
$type = isset($_REQUEST['type']) ? COM_applyFilter($_REQUEST['type']) : '';
$title = isset($_REQUEST['title']) ? strip_tags($_REQUEST['title']) : '';
$postmode = $_CONF['comment_postmode'];
$pid = isset($_REQUEST['pid']) ? COM_applyFilter($_REQUEST['pid'], true) : 0;
if ($type != 'article') {
if (!in_array($type, $_PLUGINS)) {
$type = '';
}示例11: die
// | This program is distributed in the hope that it will be useful, |
// | but WITHOUT ANY WARRANTY; without even the implied warranty of |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
// | GNU General Public License for more details. |
// | |
// | You should have received a copy of the GNU General Public License |
// | along with this program; if not, write to the Free Software Foundation, |
// | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
// | |
// +---------------------------------------------------------------------------+
// this file can't be used on its own
if (strpos(strtolower($_SERVER['PHP_SELF']), 'auth.inc.php') !== false) {
die('This file can not be used on its own.');
}
// MAIN
COM_clearSpeedlimit($_CONF['login_speedlimit'], 'login');
if (COM_checkSpeedlimit('login', $_CONF['login_attempts']) > 0) {
COM_displayMessageAndAbort(82, '', 403, 'Access denied');
}
$uid = '';
if (!empty($_POST['loginname']) && !empty($_POST['passwd'])) {
if ($_CONF['user_login_method']['standard']) {
$status = SEC_authenticate(COM_applyFilter($_POST['loginname']), $_POST['passwd'], $uid);
} else {
$status = '';
}
} else {
$status = '';
}
$display = '';
if ($status == USER_ACCOUNT_ACTIVE) {示例12: SESS_sessionCheck
/**
* This gets the state for the user
*
* Much of this code if from phpBB (www.phpbb.org). This checks the session
* cookie and long term cookie to get the users state.
*
* @return array returns $_USER array
*
*/
function SESS_sessionCheck()
{
global $_CONF, $_TABLES, $_USER, $_SESS_VERBOSE;
if ($_SESS_VERBOSE) {
COM_errorLog("***Inside SESS_sessionCheck***", 1);
}
unset($_USER);
// We MUST do this up here, so it's set even if the cookie's not present.
$user_logged_in = 0;
$logged_in = 0;
$userdata = array();
// Check for a cookie on the users's machine. If the cookie exists, build
// an array of the users info and setup the theme.
if (isset($_COOKIE[$_CONF['cookie_session']])) {
$sessid = COM_applyFilter($_COOKIE[$_CONF['cookie_session']]);
if ($_SESS_VERBOSE) {
COM_errorLog("got {$sessid} as the session id from lib-sessions.php", 1);
}
$userid = SESS_getUserIdFromSession($sessid, $_CONF['session_cookie_timeout'], $_SERVER['REMOTE_ADDR'], $_CONF['cookie_ip']);
if ($_SESS_VERBOSE) {
COM_errorLog("Got {$userid} as User ID from the session ID", 1);
}
if ($userid > 1) {
// Check user status
$status = SEC_checkUserStatus($userid);
if ($status == USER_ACCOUNT_ACTIVE || $status == USER_ACCOUNT_AWAITING_ACTIVATION) {
$user_logged_in = 1;
SESS_updateSessionTime($sessid, $_CONF['cookie_ip']);
$userdata = SESS_getUserDataFromId($userid);
if ($_SESS_VERBOSE) {
COM_errorLog("Got " . count($userdata) . " pieces of data from userdata", 1);
COM_errorLog(COM_debug($userdata), 1);
}
$_USER = $userdata;
$_USER['auto_login'] = false;
}
} else {
// Session probably expired, now check permanent cookie
if (isset($_COOKIE[$_CONF['cookie_name']])) {
$userid = $_COOKIE[$_CONF['cookie_name']];
if (empty($userid) || $userid == 'deleted') {
unset($userid);
} else {
$userid = COM_applyFilter($userid, true);
$cookie_password = '';
$userpass = '';
if ($userid > 1 && isset($_COOKIE[$_CONF['cookie_password']])) {
$cookie_password = $_COOKIE[$_CONF['cookie_password']];
$userpass = DB_getItem($_TABLES['users'], 'passwd', "uid = {$userid}");
}
if (empty($cookie_password) || $cookie_password != $userpass) {
// Invalid or manipulated cookie data
SEC_setCookie($_CONF['cookie_session'], '', time() - 10000);
SEC_setCookie($_CONF['cookie_password'], '', time() - 10000);
SEC_setCookie($_CONF['cookie_name'], '', time() - 10000);
COM_clearSpeedlimit($_CONF['login_speedlimit'], 'login');
if (COM_checkSpeedlimit('login', $_CONF['login_attempts']) > 0) {
if (!defined('XHTML')) {
define('XHTML', '');
}
COM_displayMessageAndAbort(82, '', 403, 'Access denied');
}
COM_updateSpeedlimit('login');
} else {
if ($userid > 1) {
// Check user status
$status = SEC_checkUserStatus($userid);
if ($status == USER_ACCOUNT_ACTIVE || $status == USER_ACCOUNT_AWAITING_ACTIVATION) {
$user_logged_in = 1;
$sessid = SESS_newSession($userid, $_SERVER['REMOTE_ADDR'], $_CONF['session_cookie_timeout'], $_CONF['cookie_ip']);
SESS_setSessionCookie($sessid, $_CONF['session_cookie_timeout'], $_CONF['cookie_session'], $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure']);
$userdata = SESS_getUserDataFromId($userid);
$_USER = $userdata;
$_USER['auto_login'] = true;
}
}
}
}
}
}
} else {
if ($_SESS_VERBOSE) {
COM_errorLog('session cookie not found from lib-sessions.php', 1);
}
// Check if the persistent cookie exists
if (isset($_COOKIE[$_CONF['cookie_name']])) {
// Session cookie doesn't exist but a permanent cookie does.
// Start a new session cookie;
if ($_SESS_VERBOSE) {
COM_errorLog('perm cookie found from lib-sessions.php', 1);
}
//.........这里部分代码省略.........
示例13: FF_saveTopic
function FF_saveTopic($forumData, $postData, $action)
{
global $_CONF, $_TABLES, $_FF_CONF, $_USER, $LANG03, $LANG_GF01, $LANG_GF02;
$retval = '';
$uploadErrors = '';
$msg = '';
$errorMessages = '';
$email = '';
$forumfiles = array();
$okToSave = true;
$dt = new Date('now', $_USER['tzid']);
$date = $dt->toUnix();
$REMOTE_ADDR = $_SERVER['REMOTE_ADDR'];
if (COM_isAnonUser()) {
$uid = 1;
} else {
$uid = $_USER['uid'];
}
// verify postmode is allowed
if (strtolower($postData['postmode']) == 'html') {
if ($_FF_CONF['allow_html'] || SEC_inGroup('Root') || SEC_hasRights('forum.html')) {
$postData['postmode'] = 'html';
} else {
$postData['postmode'] = 'text';
}
}
// is forum readonly?
if ($forumData['is_readonly'] == 1) {
// Check if this user has moderation rights now to allow a post to a locked topic
if (!forum_modPermission($forumData['forum'], $uid, 'mod_edit')) {
_ff_accessError();
}
}
if ($action == 'saveedit') {
// does the forum match the forum id of the posted data?
if ($forumData['forum'] != 0 && $forumData['forum'] != $postData['forum']) {
_ff_accessError();
}
$editid = COM_applyFilter($postData['editid'], true);
$forum = COM_applyFilter($postData['forum'], true);
$editAllowed = false;
if (forum_modPermission($forumData['forum'], $_USER['uid'], 'mod_edit')) {
$editAllowed = true;
} else {
if ($_FF_CONF['allowed_editwindow'] > 0) {
$t1 = DB_getItem($_TABLES['ff_topic'], 'date', "id=" . (int) $postData['id']);
$t2 = $_FF_CONF['allowed_editwindow'];
$time = time();
if (time() - $t2 < $t1) {
$editAllowed = true;
}
} else {
$editAllowed = true;
}
}
if ($postData['editpid'] < 1 && trim($postData['subject']) == '') {
$retval .= FF_BlockMessage('', $LANG_GF02['msg18'], false);
$okToSave = false;
} elseif (!$editAllowed) {
$link = $_CONF['site_url'] . '/forum/viewtopic.php?showtopic=' . (int) $postData['$id'];
$retval .= _ff_alertMessage('', $LANG_GF02['msg189'], sprintf($LANG_GF02['msg187'], $link));
$okToSave = false;
}
} else {
if (!COM_isAnonUser() && $_FF_CONF['use_sfs']) {
$email = isset($_USER['email']) ? $_USER['email'] : '';
}
}
if (isset($postData['name']) && $postData['name'] != '') {
$name = _ff_preparefordb(@htmlspecialchars(strip_tags(trim(COM_checkWords(USER_sanitizeName($postData['name'])))), ENT_QUOTES, COM_getEncodingt()), 'text');
$name = urldecode($name);
} else {
$okToSave = false;
$errorMessages .= $LANG_GF02['invalid_name'] . '<br />';
}
// speed limit check
if (!SEC_hasRights('forum.edit')) {
COM_clearSpeedlimit($_FF_CONF['post_speedlimit'], 'forum');
$last = COM_checkSpeedlimit('forum');
if ($last > 0) {
$errorMessages .= sprintf($LANG_GF01['SPEEDLIMIT'], $last, $_FF_CONF['post_speedlimit']) . '<br/>';
$okToSave = false;
}
}
// standard edit checks
if (strlen(trim($postData['name'])) < $_FF_CONF['min_username_length'] || strlen(trim($postData['subject'])) < $_FF_CONF['min_subject_length'] || strlen(trim($postData['comment'])) < $_FF_CONF['min_comment_length']) {
$errorMessages .= $LANG_GF02['msg18'] . '<br/>';
$okToSave = false;
}
// CAPTCHA check
if (function_exists('plugin_itemPreSave_captcha') && $okToSave == true) {
if (!isset($postData['captcha'])) {
$postData['captcha'] = '';
}
$msg = plugin_itemPreSave_captcha('forum', $postData['captcha']);
if ($msg != '') {
$errorMessages .= $msg . '<br/>';
$okToSave = false;
}
}
//.........这里部分代码省略.........
示例14: SEC_authenticate
if (!empty($loginname) && !empty($passwd) && empty($service)) {
if (empty($service) && $_CONF['user_login_method']['standard']) {
$status = SEC_authenticate($loginname, $passwd, $uid);
} else {
$status = -1;
}
} elseif ($_CONF['usersubmission'] == 0 && $_CONF['user_login_method']['3rdparty'] && $service != '') {
/* Distributed Authentication */
//pass $loginname by ref so we can change it ;-)
$status = SEC_remoteAuthentication($loginname, $passwd, $service, $uid);
} elseif ($_CONF['user_login_method']['openid'] && $_CONF['usersubmission'] == 0 && !$_CONF['disable_new_user_registration'] && (isset($_GET['openid_login']) && $_GET['openid_login'] == '1')) {
// Here we go with the handling of OpenID authentification.
$query = array_merge($_GET, $_POST);
if (isset($query['identity_url']) && $query['identity_url'] != 'http://') {
$property = sprintf('%x', crc32($query['identity_url']));
COM_clearSpeedlimit($_CONF['login_speedlimit'], 'openid');
if (COM_checkSpeedlimit('openid', $_CONF['login_attempts'], $property) > 0) {
displayLoginErrorAndAbort(82, $LANG12[26], $LANG04[112]);
}
}
require_once $_CONF['path_system'] . 'classes/openidhelper.class.php';
$consumer = new SimpleConsumer();
$handler = new SimpleActionHandler($query, $consumer);
if (isset($query['identity_url']) && $query['identity_url'] != 'http://') {
$identity_url = $query['identity_url'];
$ret = $consumer->find_identity_info($identity_url);
if (!$ret) {
COM_updateSpeedlimit('login');
$property = sprintf('%x', crc32($query['identity_url']));
COM_updateSpeedlimit('openid', $property);
COM_errorLog('Unable to find an OpenID server for the identity URL ' . $identity_url);示例15: SESS_sessionCheck
/**
* This gets the state for the user
*
* Much of this code if from phpBB (www.phpbb.org). This checks the session
* cookie and long term cookie to get the users state.
*
* @return void
*
*/
function SESS_sessionCheck()
{
global $_CONF, $_TABLES, $_USER, $_SESS_VERBOSE;
if ($_SESS_VERBOSE) {
COM_errorLog("*** Inside SESS_sessionCheck ***", 1);
}
$_USER = array();
// Check for a cookie on the users's machine. If the cookie exists, build
// an array of the users info and setup the theme.
// Flag indicates if session cookie and session data exist
$session_exists = true;
if (isset($_COOKIE[$_CONF['cookie_session']])) {
$sessid = COM_applyFilter($_COOKIE[$_CONF['cookie_session']]);
if ($_SESS_VERBOSE) {
COM_errorLog("Got {$sessid} as the session ID", 1);
}
$userid = SESS_getUserIdFromSession($sessid, $_CONF['session_cookie_timeout'], $_SERVER['REMOTE_ADDR'], $_CONF['cookie_ip']);
if ($_SESS_VERBOSE) {
COM_errorLog("Got {$userid} as User ID from the session ID", 1);
}
if ($userid > 1) {
// Check user status
$status = SEC_checkUserStatus($userid);
if ($status == USER_ACCOUNT_ACTIVE || $status == USER_ACCOUNT_AWAITING_ACTIVATION) {
SESS_updateSessionTime($sessid, $_CONF['cookie_ip']);
$_USER = SESS_getUserDataFromId($userid);
if ($_SESS_VERBOSE) {
$str = "Got " . count($_USER) . " pieces of data from userdata \n";
foreach ($_USER as $k => $v) {
$str .= sprintf("%15s [%s] \n", $k, $v);
}
COM_errorLog($str, 1);
}
$_USER['auto_login'] = false;
}
} elseif ($userid == 1) {
// Anonymous User has session so update any information
SESS_updateSessionTime($sessid, $_CONF['cookie_ip']);
} else {
// Session probably expired
$session_exists = false;
}
} else {
if ($_SESS_VERBOSE) {
COM_errorLog("Session cookie not found", 1);
}
$session_exists = false;
}
if ($session_exists === false) {
// Check if the permanent cookie exists
$userid = '';
if (isset($_COOKIE[$_CONF['cookie_name']])) {
$userid = COM_applyFilter($_COOKIE[$_CONF['cookie_name']], true);
}
if (!empty($userid)) {
// Session cookie or session data don't exist, but a permanent cookie does.
// Start a new session cookie and session data;
if ($_SESS_VERBOSE) {
COM_errorLog("Got {$userid} as User ID from the permanent cookie", 1);
}
$cookie_password = '';
$userpass = '';
if ($userid > 1 && isset($_COOKIE[$_CONF['cookie_password']])) {
$cookie_password = $_COOKIE[$_CONF['cookie_password']];
$userpass = DB_getItem($_TABLES['users'], 'passwd', "uid = {$userid}");
}
if (empty($cookie_password) || $cookie_password != $userpass) {
if ($_SESS_VERBOSE) {
COM_errorLog("Password comparison failed or cookie password missing", 1);
}
// Invalid or manipulated cookie data
$ctime = time() - 10000;
SEC_setCookie($_CONF['cookie_session'], '', $ctime);
SEC_setCookie($_CONF['cookie_password'], '', $ctime);
SEC_setCookie($_CONF['cookie_name'], '', $ctime);
COM_clearSpeedlimit($_CONF['login_speedlimit'], 'login');
if (COM_checkSpeedlimit('login', $_CONF['login_attempts']) > 0) {
if (!defined('XHTML')) {
define('XHTML', '');
}
COM_displayMessageAndAbort(82, '', 403, 'Access denied');
}
COM_updateSpeedlimit('login');
} elseif ($userid > 1) {
if ($_SESS_VERBOSE) {
COM_errorLog("Password comparison passed", 1);
}
// Check user status
$status = SEC_checkUserStatus($userid);
if ($status == USER_ACCOUNT_ACTIVE || $status == USER_ACCOUNT_AWAITING_ACTIVATION) {
if ($_SESS_VERBOSE) {
//.........这里部分代码省略.........