

PHP SEC_setCookie函数代码示例

本文整理汇总了PHP中SEC_setCookie函数的典型用法代码示例。如果您正苦于以下问题:PHP SEC_setCookie函数的具体用法?PHP SEC_setCookie怎么用?PHP SEC_setCookie使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。


在下文中一共展示了SEC_setCookie函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: SESS_setSessionCookie

 // Excerpt from a login handler (its beginning and end are not shown here):
 // issue the session cookie, notify plugins, then set or read the long-term
 // ("remember me") cookies.
 SESS_setSessionCookie($sessid, $_CONF['session_cookie_timeout'], $_CONF['cookie_session'], $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure']);
 PLG_loginUser($_USER['uid']);
 // Now that we handled session cookies, handle longterm cookie
 // NOTE(review): the second isset() looks up the literal key 'cookie_password',
 // while the cookie written below is named by $_CONF['cookie_password']. Unless
 // that config value is the literal string 'cookie_password', this condition is
 // true on every login - confirm which name is intended.
 if (!isset($_COOKIE[$_CONF['cookie_name']]) || !isset($_COOKIE['cookie_password'])) {
     // Either their cookie expired or they are new
     $cooktime = COM_getUserCookieTimeout();
     if ($VERBOSE) {
         COM_errorLog("Trying to set permanent cookie with time of {$cooktime}", 1);
     }
     if ($cooktime > 0) {
         // They want their cookie to persist for some amount of time so set it now
         if ($VERBOSE) {
             COM_errorLog('Trying to set permanent cookie', 1);
         }
         // Both calls pass only name, value and expiry, so path, domain, Secure and
         // HttpOnly are whatever SEC_setCookie defaults to (not visible here) -
         // verify those defaults before relying on them.
         SEC_setCookie($_CONF['cookie_name'], $_USER['uid'], time() + $cooktime);
         // NOTE(review): $_USER['passwd'] is presumably the stored password hash.
         // Placing it in a cookie that lives for $cooktime seconds makes the hash a
         // long-lived bearer credential that changes only when the password does;
         // a random, server-side revocable token is the safer design.
         SEC_setCookie($_CONF['cookie_password'], $_USER['passwd'], time() + $cooktime);
     }
 } else {
     // The user id below comes from a client-controlled cookie.
     $userid = $_COOKIE[$_CONF['cookie_name']];
     if (empty($userid) || $userid === 'deleted') {
         unset($userid);
     } else {
         // presumably the second argument requests a numeric-only filter - confirm
         $userid = COM_applyFilter($userid, true);
         if ($userid > 1) {
             if ($VERBOSE) {
                 COM_errorLog('NOW trying to set permanent cookie', 1);
                 COM_errorLog('Got ' . $userid . ' from perm cookie in users.php', 1);
             }
             // Create new session
             // NOTE(review): in the lines visible here $_USER is replaced using the
             // cookie-supplied id alone; the password cookie is only tested for
             // presence above. The excerpt ends before any comparison - confirm the
             // following code verifies it before this identity is trusted.
             $userdata = SESS_getUserDataFromId($userid);
             $_USER = $userdata;
开发者ID:Geeklog-Core,项目名称:geeklog,代码行数:31,代码来源:users.php

示例2: COM_siteHeader

        //profile
    //profile
    // Tail of a switch whose subject is not visible in this excerpt; the ternaries
    // in cases 'o' and 'd' compare against $_REQUEST['mode'].
    case 'p':
        require_once $_CONF['path_system'] . 'lib-user.php';
        $display = COM_siteHeader('menu', $LANG_CLASSIFIEDS_1['profile']);
        $display .= CLASSIFIEDS_user_menu();
        // $_GET['u'] is handed to the profile renderer as received: no isset() check
        // and no filtering is visible here.
        // NOTE(review): verify both profile functions validate/cast the id themselves.
        function_exists('USER_showProfile') ? $display .= USER_showProfile($_GET['u'], true) : ($display .= CLASSIFIEDS_showProfile($_GET['u'], true));
        $display .= COM_siteFooter(1);
        break;
        //Offert
    //Offert
    // No break: case 'o' falls through into 'd' and then 'default'. Each ternary
    // re-checks the request mode, so only the matching cookie is written.
    case 'o':
        // The cookie value is a fixed literal, not request data. Only name and value
        // are passed, so expiry, path and flags come from SEC_setCookie's defaults.
        $_REQUEST['mode'] == 'o' ? SEC_setCookie('ads_type', 'o') : 0;
        //Demand
    //Demand
    case 'd':
        //Ads list
        $_REQUEST['mode'] == 'd' ? SEC_setCookie('ads_type', 'd') : 0;
    default:
        $display = COM_siteHeader('menu', $LANG_CLASSIFIEDS_1['plugin_name']);
        $display .= CLASSIFIEDS_user_menu();
        if ($_CLASSIFIEDS_CONF['classifieds_main_header'] != '') {
            $display .= '<div>' . PLG_replaceTags($_CLASSIFIEDS_CONF['classifieds_main_header']) . '</div>';
        }
        $display .= CLASSIFIEDS_displayAds(1);
        // NOTE(review): the key tested here is spelled 'clasifieds_main_footer' while
        // the key printed on the next line is 'classifieds_main_footer' - likely a
        // typo, so the test and the output read different config entries.
        if ($_CLASSIFIEDS_CONF['clasifieds_main_footer'] != '') {
            $display .= '<div>' . PLG_replaceTags($_CLASSIFIEDS_CONF['classifieds_main_footer']) . '</div>';
        }
        $display .= COM_siteFooter(1);
}
COM_output($display);
开发者ID:Geeklog-Plugins,项目名称:classifieds,代码行数:31,代码来源:index.php

示例3: DB_change

    $status = '';
}
// Excerpt of an admin authentication include (the end is cut off). $status and
// $uid are assigned before the visible lines.
$display = '';
if ($status == USER_ACCOUNT_ACTIVE) {
    // Successful login: clear any pending password-request id, then open a session.
    DB_change($_TABLES['users'], 'pwrequestid', "NULL", 'uid', $uid);
    $_USER = SESS_getUserDataFromId($uid);
    // The client address and the 'cookie_ip' setting are passed to the session constructor.
    $sessid = SESS_newSession($_USER['uid'], $_SERVER['REMOTE_ADDR'], $_CONF['session_cookie_timeout'], $_CONF['cookie_ip']);
    SESS_setSessionCookie($sessid, $_CONF['session_cookie_timeout'], $_CONF['cookie_session'], $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure']);
    PLG_loginUser($_USER['uid']);
    // Now that we handled session cookies, handle longterm cookie
    if (!isset($_COOKIE[$_CONF['cookie_name']])) {
        // Either their cookie expired or they are new
        $cooktime = COM_getUserCookieTimeout();
        if (!empty($cooktime)) {
            // They want their cookie to persist for some amount of time so set it now
            // The long-term cookie carries the bare user id; how it is authenticated
            // on a later visit is not visible in this excerpt. Path, domain and flags
            // fall back to SEC_setCookie's defaults.
            SEC_setCookie($_CONF['cookie_name'], $_USER['uid'], time() + $cooktime);
        }
    }
    // NOTE(review): as written, a user WITHOUT any of the listed rights is sent to
    // the admin URL and a user WITH them to the public site - this looks inverted;
    // confirm against the upstream file.
    if (!SEC_hasRights('story.edit,block.edit,topic.edit,user.edit,plugin.edit,syndication.edit', 'OR')) {
        COM_redirect($_CONF['site_admin_url'] . '/index.php');
    } else {
        COM_redirect($_CONF['site_url'] . '/index.php');
    }
    // Next branch: the caller has no admin rights, no plugin admin options and no
    // config access, so count the attempt against the login speed limit and show
    // the access-denied block.
} elseif (!SEC_hasRights('story.edit,block.edit,topic.edit,user.edit,plugin.edit,user.mail,syndication.edit', 'OR') && count(PLG_getAdminOptions()) == 0 && !SEC_hasConfigAccess()) {
    COM_updateSpeedlimit('login');
    $display .= COM_startBlock($LANG20[1]);
    if (!$_CONF['user_login_method']['standard']) {
        $display .= '<p>' . $LANG_LOGIN[2] . '</p>';
    } else {
        if (isset($_POST['warn'])) {
            // $_POST['loginname'] is concatenated unmodified into the string given to
            // COM_accessLog, and that call's return value is appended to the page.
            // NOTE(review): unless COM_accessLog neutralises line breaks and markup,
            // this permits forged log entries and possibly reflected HTML - verify.
            $display .= $LANG20[2] . '<br' . XHTML . '><br' . XHTML . '>' . COM_accessLog($LANG20[3] . ' ' . $_POST['loginname']);
开发者ID:Geeklog-Core,项目名称:geeklog,代码行数:31,代码来源:auth.inc.php

示例4: savepreferences


//.........这里部分代码省略.........
            }
        }
    }
    $TIDS = @array_values($A['topics']);
    $AIDS = @array_values($A['selauthors']);
    $BOXES = @array_values($A['blocks']);
    $ETIDS = @array_values($A['dgtopics']);
    $allowed_etids = USER_buildTopicList();
    $AETIDS = explode(' ', $allowed_etids);
    $tids = '';
    if (sizeof($TIDS) > 0) {
        $tids = DB_escapeString(implode(' ', array_intersect($AETIDS, $TIDS)));
    }
    $aids = '';
    if (sizeof($AIDS) > 0) {
        foreach ($AIDS as $key => $val) {
            $AIDS[$key] = intval($val);
        }
        $aids = DB_escapeString(implode(' ', $AIDS));
    }
    $selectedblocks = '';
    $selectedBoxes = array();
    if (count($BOXES) > 0) {
        foreach ($BOXES as $key => $val) {
            $BOXES[$key] = intval($val);
        }
        $boxes = DB_escapeString(implode(',', $BOXES));
        $blockresult = DB_query("SELECT bid,name FROM {$_TABLES['blocks']} WHERE bid NOT IN ({$boxes})");
        $numRows = DB_numRows($blockresult);
        for ($x = 1; $x <= $numRows; $x++) {
            $row = DB_fetchArray($blockresult);
            if ($row['name'] != 'user_block' and $row['name'] != 'admin_block' and $row['name'] != 'section_block') {
                $selectedblocks .= $row['bid'];
                if ($x != $numRows) {
                    $selectedblocks .= ' ';
                }
            }
        }
    }
    $etids = '';
    if (sizeof($ETIDS) > 0) {
        $etids = DB_escapeString(implode(' ', array_intersect($AETIDS, $ETIDS)));
    }
    if (isset($A['tzid'])) {
        $A['tzid'] = COM_applyFilter($A['tzid']);
    } else {
        $A['tzid'] = '';
    }
    if (isset($A['theme'])) {
        $A['theme'] = COM_applyFilter($A['theme']);
    }
    if (empty($A['theme'])) {
        $A['theme'] = $_CONF['theme'];
    }
    if (isset($A['language'])) {
        $A['language'] = COM_applyFilter($A['language']);
    }
    if (empty($A['language'])) {
        $A['language'] = $_CONF['language'];
    }
    if (isset($A['search_result_format'])) {
        $A['search_result_format'] = COM_applyFilter($A['search_result_format']);
    } else {
        $A['search_result_format'] = 'google';
    }
    // Save theme, when doing so, put in cookie so we can set the user's theme
    // even when they aren't logged in
    $theme = DB_escapeString($A['theme']);
    $language = DB_escapeString($A['language']);
    // NOTE(review): $_USER['uid'] is interpolated without an (int) cast here, whereas
    // the userprefs UPDATE further down casts it; the cast would make this query
    // safe regardless of how $_USER was populated.
    DB_query("UPDATE {$_TABLES['users']} SET theme='{$theme}',language='{$language}' WHERE uid = {$_USER['uid']}");
    // Preference cookies, valid for 31536000 s (365 days). Secure follows
    // $_CONF['cookiesecure']. The trailing false is presumably the HttpOnly flag,
    // which would leave these cookies readable by page scripts - confirm.
    // The values are display preferences only. When they are read back from the
    // browser they are client-controlled, so the consuming code should check them
    // against the installed themes/languages before using them (e.g. in a path).
    SEC_setCookie($_CONF['cookie_theme'], $A['theme'], time() + 31536000, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], false);
    SEC_setCookie($_CONF['cookie_language'], $A['language'], time() + 31536000, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], false);
    SEC_setCookie($_CONF['cookie_tzid'], $A['tzid'], time() + 31536000, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], false);
    $A['dfid'] = (int) COM_applyFilter($A['dfid'], true);
    DB_query("UPDATE {$_TABLES['userprefs']} SET search_result_format='" . DB_escapeString($A['search_result_format']) . "',noicons=" . (int) $A['noicons'] . ", willing=" . (int) $A['willing'] . ", dfid=" . (int) $A['dfid'] . ", tzid='" . DB_escapeString($A['tzid']) . "', emailfromadmin='" . DB_escapeString($A['emailfromadmin']) . "', emailfromuser=" . (int) $A['emailfromuser'] . ", showonline=" . (int) $A['showonline'] . " WHERE uid=" . (int) $_USER['uid']);
    if (empty($etids)) {
        $etids = '-';
    }
    DB_save($_TABLES['userindex'], "uid,tids,aids,boxes,noboxes,maxstories,etids", "{$_USER['uid']},'{$tids}','{$aids}','{$selectedblocks}'," . (int) $A['noboxes'] . "," . (int) $A['maxstories'] . ",'{$etids}'");
    $A['commentmode'] = COM_applyFilter($A['commentmode']);
    if (empty($A['commentmode'])) {
        $A['commentmode'] = $_CONF['comment_mode'];
    }
    $A['commentmode'] = DB_escapeString($A['commentmode']);
    $A['commentorder'] = COM_applyFilter($A['commentorder']);
    $A['commentorder'] = strtoupper($A['commentorder']) == 'DESC' ? 'DESC' : 'ASC';
    $A['commentorder'] = DB_escapeString($A['commentorder']);
    $A['commentlimit'] = COM_applyFilter($A['commentlimit'], true);
    if ($A['commentlimit'] <= 0) {
        $A['commentlimit'] = $_CONF['comment_limit'];
    }
    DB_save($_TABLES['usercomment'], 'uid,commentmode,commentorder,commentlimit', "{$_USER['uid']},'{$A['commentmode']}','{$A['commentorder']}'," . (int) $A['commentlimit']);
    $subscription_deletes = @array_values($A['subdelete']);
    if (is_array($subscription_deletes)) {
        foreach ($subscription_deletes as $subid) {
            DB_delete($_TABLES['subscriptions'], 'sub_id', (int) $subid);
        }
    }
    PLG_userInfoChanged($_USER['uid']);
}
开发者ID:NewRoute,项目名称:glfusion,代码行数:101,代码来源:usersettings.php

示例5: saveuser


//.........这里部分代码省略.........
                DB_change($_TABLES['users'], 'username', $A['new_username'], "uid", $_USER['uid']);
            } else {
                return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=51');
            }
        }
    }
    // a quick spam check with the unfiltered field contents
    $profile = '<h1>' . $LANG04[1] . ' ' . $_USER['username'] . '</h1>' . '<p>' . COM_createLink($A['homepage'], $A['homepage']) . '<br' . XHTML . '>' . $A['location'] . '<br' . XHTML . '>' . $A['sig'] . '<br' . XHTML . '>' . $A['about'] . '<br' . XHTML . '>' . $A['pgpkey'] . '</p>';
    $result = PLG_checkforSpam($profile, $_CONF['spamx']);
    if ($result > 0) {
        COM_displayMessageAndAbort($result, 'spamx', 403, 'Forbidden');
    }
    $A['email'] = COM_applyFilter($A['email']);
    $A['email_conf'] = COM_applyFilter($A['email_conf']);
    $A['homepage'] = COM_applyFilter($A['homepage']);
    // basic filtering only
    $A['fullname'] = strip_tags(COM_stripslashes($A['fullname']));
    $A['location'] = strip_tags(COM_stripslashes($A['location']));
    $A['sig'] = strip_tags(COM_stripslashes($A['sig']));
    $A['about'] = strip_tags(COM_stripslashes($A['about']));
    $A['pgpkey'] = strip_tags(COM_stripslashes($A['pgpkey']));
    if (!COM_isEmail($A['email'])) {
        return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=52');
    } else {
        if ($A['email'] !== $A['email_conf']) {
            return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=78');
        } else {
            if (emailAddressExists($A['email'], $_USER['uid'])) {
                return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=56');
            } else {
                // Optional password change. It is applied only when the new password
                // matches its confirmation AND the hash of the supplied old password
                // equals $current_password (assigned outside this excerpt).
                if (!empty($A['passwd'])) {
                    // NOTE(review): re-hashing the old password and comparing for equality
                    // only works with a deterministic (unsalted) hash. The comparison is
                    // also loose (==): PHP compares two numeric-looking strings such as
                    // "0e..." digests as numbers, so distinct hashes can compare equal.
                    // Prefer hash_equals() on the digests, or password_verify().
                    if ($A['passwd'] == $A['passwd_conf'] && SEC_encryptPassword($A['old_passwd']) == $current_password) {
                        $passwd = SEC_encryptPassword($A['passwd']);
                        DB_change($_TABLES['users'], 'passwd', "{$passwd}", "uid", $_USER['uid']);
                        // A non-positive cooktime yields an expiry in the past, which
                        // removes the cookie instead of renewing it.
                        if ($A['cooktime'] > 0) {
                            $cooktime = $A['cooktime'];
                        } else {
                            $cooktime = -1000;
                        }
                        // NOTE(review): the new password hash itself is stored in the
                        // long-term cookie, making the hash a replayable credential for
                        // the cookie's lifetime. Flags and path come from SEC_setCookie's
                        // defaults, which are not visible here.
                        SEC_setCookie($_CONF['cookie_password'], $passwd, time() + $cooktime);
                    } elseif (SEC_encryptPassword($A['old_passwd']) != $current_password) {
                        return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=68');
                    } elseif ($A['passwd'] != $A['passwd_conf']) {
                        return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=67');
                    }
                }
                if ($_US_VERBOSE) {
                    // $A['cooktime'] is request data; no filtering of it is visible in
                    // this excerpt - confirm it is numeric before it reaches the log.
                    COM_errorLog('cooktime = ' . $A['cooktime'], 1);
                }
                // Long-term user-id cookie: expire it when the user chose no persistence,
                // otherwise renew it for the requested number of seconds.
                if ($A['cooktime'] <= 0) {
                    $cooktime = 1000;
                    SEC_setCookie($_CONF['cookie_name'], $_USER['uid'], time() - $cooktime);
                } else {
                    SEC_setCookie($_CONF['cookie_name'], $_USER['uid'], time() + $A['cooktime']);
                }
                if ($_CONF['allow_user_photo'] == 1) {
                    $delete_photo = '';
                    if (isset($A['delete_photo'])) {
                        $delete_photo = $A['delete_photo'];
                    }
                    $filename = handlePhotoUpload($delete_photo);
                }
                // Normalise the homepage URL: prepend http:// when no scheme is present
                // and rewrite any scheme other than http:/https: to http:, which keeps
                // schemes such as javascript: out of the stored link.
                if (!empty($A['homepage'])) {
                    $pos = MBYTE_strpos($A['homepage'], ':');
                    if ($pos === false) {
                        $A['homepage'] = 'http://' . $A['homepage'];
                    } else {
                        // NOTE(review): $pos comes from MBYTE_strpos (possibly a character
                        // offset) but is used with byte-based substr(); the two can
                        // disagree on multibyte input - confirm.
                        $prot = substr($A['homepage'], 0, $pos + 1);
                        if ($prot != 'http:' && $prot != 'https:') {
                            $A['homepage'] = 'http:' . substr($A['homepage'], $pos + 1);
                        }
                    }
                    $A['homepage'] = addslashes($A['homepage']);
                }
                // NOTE(review): addslashes() is not a connection-aware SQL escaper; the
                // database layer's own escaping or bound parameters should be used.
                $A['fullname'] = addslashes($A['fullname']);
                $A['email'] = addslashes($A['email']);
                $A['location'] = addslashes($A['location']);
                $A['sig'] = addslashes($A['sig']);
                $A['about'] = addslashes($A['about']);
                $A['pgpkey'] = addslashes($A['pgpkey']);
                // Drop the photo name when the uploaded file is not on disk. $filename is
                // only assigned above when $_CONF['allow_user_photo'] == 1.
                if (!empty($filename)) {
                    if (!file_exists($_CONF['path_images'] . 'userphotos/' . $filename)) {
                        $filename = '';
                    }
                }
                // NOTE(review): cookietimeout={$A['cooktime']} is interpolated unquoted
                // and no integer cast or filter of cooktime is visible in this excerpt.
                // If it arrives unfiltered, this is an SQL injection point - cast it
                // with (int) before building the query. $_USER['uid'] is uncast as well.
                DB_query("UPDATE {$_TABLES['users']} SET fullname='{$A['fullname']}',email='{$A['email']}',homepage='{$A['homepage']}',sig='{$A['sig']}',cookietimeout={$A['cooktime']},photo='{$filename}' WHERE uid={$_USER['uid']}");
                DB_query("UPDATE {$_TABLES['userinfo']} SET pgpkey='{$A['pgpkey']}',about='{$A['about']}',location='{$A['location']}' WHERE uid={$_USER['uid']}");
                // Call custom registration save function if enabled and exists
                if ($_CONF['custom_registration'] and function_exists('CUSTOM_userSave')) {
                    CUSTOM_userSave($_USER['uid']);
                }
                PLG_userInfoChanged($_USER['uid']);
                if ($_US_VERBOSE) {
                    COM_errorLog('**** Leaving saveuser in usersettings.php ****', 1);
                }
                return COM_refresh($_CONF['site_url'] . '/users.php?mode=profile&amp;uid=' . $_USER['uid'] . '&amp;msg=5');
            }
        }
    }
}
开发者ID:hostellerie,项目名称:nexpro,代码行数:101,代码来源:usersettings.php

示例6: SESS_endUserSession

<?php

/* Reminder: always indent with 4 spaces (no tabs). */
// admin/plugins/databox/job/makecache.php
//
// Job script that rebuilds a static page cache file and then sends the browser
// to the site home page.
//
// This script performs NO permission check of its own. The author recommends
// protecting the directory that holds it with HTTP BASIC authentication.
// NOTE(review): without such protection any visitor who can reach this URL can
// trigger the cache rebuild, and the script logs out whatever session the
// request carries.

// Debug switch: set to true to write log output.
$_CACHE_VERBOSE = false;

// Adjust the relative path below if this script is moved to another directory.
include '../../../../lib-common.php';

// Helper that creates the static page cache files.
require_once $_CONF['path'] . 'plugins/databox/fnc_databoxcache.inc';

// Force a logout of the current user (ids above 1 only).
if (!empty($_USER['uid']) && $_USER['uid'] > 1) {
    SESS_endUserSession($_USER['uid']);
    PLG_logoutUser($_USER['uid']);
}

// Expire the session, password and user-id cookies by writing an empty value
// with an expiry in the past.
foreach (array('cookie_session', 'cookie_password', 'cookie_name') as $_cacheJobCookieKey) {
    SEC_setCookie($_CONF[$_cacheJobCookieKey], '', time() - 10000);
}
unset($_cacheJobCookieKey);

// Usage notes left by the author for the cache helper:
//   fnc_putcache("data",         "<data code>",     "<template directory>");
//       data item (without header/footer)
//   fnc_putcache("category",     "<category code>", "<template directory>");
//       category (without header/footer)
//   fnc_putcache("datapage",     "<data code>",     "<template directory>");
//       data page (header/footer depend on the settings)
//   fnc_putcache("categorypage", "<category code>", "<template directory>");
//       category page (header/footer depend on the settings)
fnc_databoxcache("category", "xxxx1");

// Go to the home page.
echo COM_refresh($_CONF['site_url'] . '/index.php');
开发者ID:mistgrass,项目名称:geeklog-ivywe,代码行数:31,代码来源:makecache.php

示例7: SESS_setSessionCookie

 SESS_setSessionCookie($sessid, $_CONF['session_cookie_timeout'], $_CONF['cookie_session'], $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure']);
 PLG_loginUser($_USER['uid']);
 // Now that we handled session cookies, handle longterm cookie
 if (!isset($_COOKIE[$_CONF['cookie_name']]) || !isset($_COOKIE['password'])) {
     // Either their cookie expired or they are new
     $cooktime = COM_getUserCookieTimeout();
     if ($VERBOSE) {
         COM_errorLog("Trying to set permanent cookie with time of {$cooktime}", 1);
     }
     if ($cooktime > 0) {
         // They want their cookie to persist for some amount of time so set it now
         if ($VERBOSE) {
             COM_errorLog('Trying to set permanent cookie', 1);
         }
         SEC_setCookie($_CONF['cookie_name'], $_USER['uid'], time() + $cooktime);
         SEC_setCookie($_CONF['cookie_password'], SEC_encryptPassword($passwd), time() + $cooktime);
     }
 } else {
     $userid = $_COOKIE[$_CONF['cookie_name']];
     if (empty($userid) || $userid == 'deleted') {
         unset($userid);
     } else {
         $userid = COM_applyFilter($userid, true);
         if ($userid > 1) {
             if ($VERBOSE) {
                 COM_errorLog('NOW trying to set permanent cookie', 1);
                 COM_errorLog('Got ' . $userid . ' from perm cookie in users.php', 1);
             }
             // Create new session
             $userdata = SESS_getUserDataFromId($userid);
             $_USER = $userdata;
开发者ID:hostellerie,项目名称:nexpro,代码行数:31,代码来源:users.php

示例8: sreq_userinfo_response

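 /**
  * Complete the OAuth callback: exchange the request token for an access
  * token and fetch the user-info document from the provider.
  *
  * The request token and its secret are read from the 'request_token' and
  * 'request_token_secret' cookies, which are then expired. On any failure
  * $this->errormsg is set and the initial empty array is returned.
  *
  * @param  array $query  callback query parameters; the verifier is read from
  *                       the key named by $this->callback_query_string
  * @return mixed         result of simplexml_load_string() on the response
  *                       body, or an empty array when the request failed
  */
 public function sreq_userinfo_response($query)
 {
     $userinfo = array();
     // COM_errorLog("BASE:sreq_userinfo_response()------------------");
     try {
         // Both values come from client-supplied cookies; the provider decides
         // whether they are valid when the access token is requested below.
         $this->token = $_COOKIE['request_token'];
         $this->token_secret = $_COOKIE['request_token_secret'];
         $verifier = $query[$this->callback_query_string];
         // clear cookies
         // Expire the cookies by NAME. Passing $_COOKIE['request_token'] as the
         // first argument used the token VALUE as the cookie name, so the real
         // cookies were never removed and the secret stayed in the browser.
         SEC_setCookie('request_token', '', time() - 10000);
         SEC_setCookie('request_token_secret', '', time() - 10000);
         $this->consumer = new HTTP_OAuth_Consumer($this->consumer_key, $this->consumer_secret, $this->token, $this->token_secret);
         $this->consumer->accept($this->request);
         $this->consumer->getAccessToken($this->url_accessToken, $verifier, array(), $this->method_accessToken);
         $this->token = $this->consumer->getToken();
         $this->token_secret = $this->consumer->getTokenSecret();
         $this->consumer->setToken($this->token);
         $this->consumer->setTokenSecret($this->token_secret);
         $response = $this->consumer->sendRequest($this->url_userinfo, array(), $this->method_userinfo);
         if ($response->getStatus() !== 200) {
             $this->errormsg = $response->getStatus() . ' : ' . $response->getBody();
         } else {
             // The body is XML from a remote endpoint; simplexml_load_string()
             // returns false when it cannot be parsed.
             // NOTE(review): confirm external entity loading is disabled for the
             // PHP/libxml versions this code is deployed on.
             $userinfo = simplexml_load_string($response->getBody());
         }
     } catch (HTTP_OAuth_Consumer_Exception_Invalid_Response $e) {
         $this->errormsg = get_class($e) . ': ' . $e->getBody();
     } catch (Exception $e) {
         $this->errormsg = get_class($e) . ': ' . $e->getMessage();
     }
     return $userinfo;
 }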
开发者ID:alxstuart,项目名称:ajfs.me,代码行数:31,代码来源:oauthhelper.class.php

示例9: urldecode

         $getdata = urldecode($_POST['token_getdata']);
     }
     $filedata = '';
     if (isset($_POST['token_filedata'])) {
         $filedata = urldecode($_POST['token_filedata']);
     }
     $display = COM_siteHeader('menu');
     $display .= SEC_reauthform($destination, $LANG20[9], $method, $postdata, $getdata, $filedata);
     $display .= COM_siteFooter();
     echo $display;
     exit;
 }
 // Reached after the credential check earlier in the file (not shown): reset the
 // login speed limit for this client address.
 COM_resetSpeedlimit('login', $_SERVER['REMOTE_ADDR']);
 if ($_SYSTEM['admin_session'] != 0) {
     // Issue a separate 'administration' token, created with the configured
     // admin_session value, and hand it to the browser in the 'token' cookie.
     // Expiry 0 presumably makes it a browser-session cookie, and the trailing true
     // is presumably the HttpOnly flag (keeps the token away from page scripts) -
     // confirm against SEC_setCookie. Secure follows $_CONF['cookiesecure'], so
     // that setting should be enabled on HTTPS sites.
     $token = SEC_createTokenGeneral('administration', $_SYSTEM['admin_session']);
     SEC_setCookie('token', $token, 0, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], true);
 }
 if ($currentUID != $_USER['uid']) {
     // remove tokens for previous user
     if ($currentUID > 1) {
         DB_delete($_TABLES['tokens'], 'owner_id', (int) $currentUID);
     }
     // $destination is assigned outside this excerpt.
     // NOTE(review): if it can be influenced by the request, validate it as a
     // same-site URL before redirecting, to avoid an open redirect.
     echo COM_refresh($destination);
     exit;
 }
 $method = '';
 if (isset($_POST['token_requestmethod'])) {
     $method = COM_applyFilter($_POST['token_requestmethod']);
 }
 $postdata = '';
 if (isset($_POST['token_postdata'])) {
开发者ID:spacequad,项目名称:glfusion,代码行数:31,代码来源:auth.inc.php

示例10: STORY_edit


//.........这里部分代码省略.........
    $story_templates->set_var('cmt_close_minute_options', $minute_options);
    $story_templates->set_var('cmt_close_second', $story->EditElements('cmt_close_second'));
    if ($_CONF['onlyrootfeatures'] == 1 && SEC_inGroup('Root') or $_CONF['onlyrootfeatures'] !== 1) {
        $featured_options = "<select name=\"featured\">" . LB . COM_optionList($_TABLES['featurecodes'], 'code,name', $story->EditElements('featured')) . "</select>" . LB;
        $featured_options_data = COM_optionList($_TABLES['featurecodes'], 'code,name', $story->EditElements('featured'));
        $story_templates->set_var('featured_options_data', $featured_options_data);
    } else {
        $featured_options = "<input type=\"hidden\" name=\"featured\" value=\"0\"/>";
        $story_templates->unset_var('featured_options_data');
    }
    $story_templates->set_var('featured_options', $featured_options);
    $story_templates->set_var('frontpage_options', COM_optionList($_TABLES['frontpagecodes'], 'code,name', $story->EditElements('frontpage')));
    $story_templates->set_var('story_introtext', $story->EditElements('introtext'));
    $story_templates->set_var('story_bodytext', $story->EditElements('bodytext'));
    $story_templates->set_var('lang_introtext', $LANG24[16]);
    $story_templates->set_var('lang_bodytext', $LANG24[17]);
    $story_templates->set_var('lang_postmode', $LANG24[4]);
    $story_templates->set_var('lang_publishoptions', $LANG24[76]);
    $story_templates->set_var('lang_publishdate', $LANG24[69]);
    $story_templates->set_var('lang_nojavascript', $LANG24[77]);
    $story_templates->set_var('postmode', $story->EditElements('postmode'));
    if ($story->EditElements('postmode') == 'plaintext' || $story->EditElements('postmode') == 'text') {
        $allowedHTML = '';
    } else {
        $allowedHTML = COM_allowedHTML(SEC_getUserPermissions(), false, 'glfusion', 'story') . '<br/>';
    }
    $allowedHTML .= COM_allowedAutotags(SEC_getUserPermissions(), false, 'glfusion', 'story');
    $story_templates->set_var('lang_allowed_html', $allowedHTML);
    $fileinputs = '';
    $saved_images = '';
    if ($_CONF['maximagesperarticle'] > 0) {
        $story_templates->set_var('lang_images', $LANG24[47]);
        $icount = DB_count($_TABLES['article_images'], 'ai_sid', DB_escapeString($story->getSid()));
        if ($icount > 0) {
            $result_articles = DB_query("SELECT * FROM {$_TABLES['article_images']} WHERE ai_sid = '" . DB_escapeString($story->getSid()) . "'");
            for ($z = 1; $z <= $icount; $z++) {
                $I = DB_fetchArray($result_articles);
                $saved_images .= $z . ') ' . COM_createLink($I['ai_filename'], $_CONF['site_url'] . '/images/articles/' . $I['ai_filename']) . '&nbsp;&nbsp;&nbsp;' . $LANG_ADMIN['delete'] . ': <input type="checkbox" name="delete[' . $I['ai_img_num'] . ']" /><br />';
            }
        }
        $newallowed = $_CONF['maximagesperarticle'] - $icount;
        for ($z = $icount + 1; $z <= $_CONF['maximagesperarticle']; $z++) {
            $fileinputs .= $z . ') <input type="file" dir="ltr" name="file[]' . '" />';
            if ($z < $_CONF['maximagesperarticle']) {
                $fileinputs .= '<br />';
            }
        }
        $fileinputs .= '<br />' . $LANG24[51];
        if ($_CONF['allow_user_scaling'] == 1) {
            $fileinputs .= $LANG24[27];
        }
        $fileinputs .= $LANG24[28] . '<br />';
    }
    $story_templates->set_var('saved_images', $saved_images);
    $story_templates->set_var('image_form_elements', $fileinputs);
    $story_templates->set_var('lang_hits', $LANG24[18]);
    $story_templates->set_var('story_hits', $story->EditElements('hits'));
    $story_templates->set_var('lang_comments', $LANG24[19]);
    $story_templates->set_var('story_comments', $story->EditElements('comments'));
    $story_templates->set_var('lang_trackbacks', $LANG24[29]);
    $story_templates->set_var('story_trackbacks', $story->EditElements('trackbacks'));
    $story_templates->set_var('lang_emails', $LANG24[39]);
    $story_templates->set_var('story_emails', $story->EditElements('numemails'));
    if ($_CONF['rating_enabled']) {
        $rating = @number_format($story->EditElements('rating'), 2);
        $votes = $story->EditElements('votes');
        $story_templates->set_var('rating', $rating);
        $story_templates->set_var('votes', $votes);
    }
    $story_templates->set_var('attribution_url', $story->EditElements('attribution_url'));
    $story_templates->set_var('attribution_name', $story->EditElements('attribution_name'));
    $story_templates->set_var('attribution_author', $story->EditElements('attribution_author'));
    $story_templates->set_var('lang_attribution_url', $LANG24[105]);
    $story_templates->set_var('lang_attribution_name', $LANG24[106]);
    $story_templates->set_var('lang_attribution_author', $LANG24[107]);
    $story_templates->set_var('lang_attribution', $LANG24[108]);
    $sec_token_name = CSRF_TOKEN;
    $sec_token = SEC_createToken();
    $story_templates->set_var('story_id', $story->getSid());
    $story_templates->set_var('old_story_id', $story->EditElements('originalSid'));
    $story_templates->set_var('lang_sid', $LANG24[12]);
    $story_templates->set_var('lang_save', $saveoption);
    $story_templates->set_var('lang_preview', $LANG_ADMIN['preview']);
    $story_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $story_templates->set_var('lang_delete', $LANG_ADMIN['delete']);
    $story_templates->set_var('lang_timeout', $LANG_ADMIN['timeout_msg']);
    $story_templates->set_var('gltoken_name', CSRF_TOKEN);
    $story_templates->set_var('gltoken', $sec_token);
    $story_templates->set_var('security_token', $sec_token);
    $story_templates->set_var('security_token_name', $sec_token_name);
    $story_templates->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')));
    PLG_templateSetVars('storyeditor', $story_templates);
    if ($story->EditElements('postmode') != 'html') {
        $story_templates->unset_var('wysiwyg');
    }
    // Hand the editor an 'advancededitor' token in a cookie that expires after
    // 1200 s (20 minutes). The trailing false is presumably the HttpOnly flag,
    // i.e. the cookie is readable by page scripts - confirm. A script-readable
    // token is exposed to any XSS on the site, so it should only gate the editor's
    // helper endpoints and stay short-lived.
    SEC_setCookie($_CONF['cookie_name'] . 'adveditor', SEC_createTokenGeneral('advancededitor'), time() + 1200, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], false);
    $story_templates->parse('output', 'editor');
    $display .= $story_templates->finish($story_templates->get_var('output'));
    return $display;
}
开发者ID:spacequad,项目名称:glfusion,代码行数:101,代码来源:story.php

示例11: USER_mergeAccounts

/**
* Merge User Accounts
*
* This validates the entered password and then merges a remote
* account with a local account.
*
* Reads 'remoteuid', 'localuid' and 'localp' from $_POST. When the password
* matches the local account, the remote account's service data is copied onto
* the local account, the local user is logged in and the remote account is
* deleted. When it does not match, the 'merge' speed limit is applied.
*
* (The end of this function is cut off in this listing.)
*
* @return   string          HTML merge form if error, redirect on success
*
*/
function USER_mergeAccounts()
{
    global $_CONF, $_SYSTEM, $_TABLES, $_USER, $LANG04, $LANG12, $LANG20;
    $retval = '';
    // Both ids come from the POST body; the second argument presumably requests a
    // numeric-only filter - confirm. The password is taken as submitted.
    $remoteUID = COM_applyFilter($_POST['remoteuid'], true);
    $localUID = COM_applyFilter($_POST['localuid'], true);
    $localpwd = $_POST['localp'];
    $localResult = DB_query("SELECT * FROM {$_TABLES['users']} WHERE uid=" . (int) $localUID);
    // NOTE(review): there is no check that a row was found before
    // $localRow['passwd'] is read - confirm SEC_check_hash rejects a missing hash.
    $localRow = DB_fetchArray($localResult);
    if (SEC_check_hash($localpwd, $localRow['passwd'])) {
        // password is valid
        // Look up the remote account that shares the local account's e-mail address.
        $sql = "SELECT * FROM {$_TABLES['users']} WHERE remoteusername <> '' and email='" . DB_escapeString($localRow['email']) . "'";
        $result = DB_query($sql);
        $numRows = DB_numRows($result);
        // NOTE(review): both failure paths below only echo COM_refresh(); there is no
        // return or exit. Unless COM_refresh() itself ends the request, execution
        // continues: $remoteRow may be undefined for the UPDATE, and $remoteUID still
        // holds the POSTed value, so the clean-up further down would delete whichever
        // account id was submitted. Each redirect should be followed by a return/exit.
        if ($numRows == 1) {
            $remoteRow = DB_fetchArray($result);
            if ($remoteUID == $remoteRow['uid']) {
                $remoteUID = (int) $remoteRow['uid'];
                // $remoteService is not used again in the visible part of the function.
                $remoteService = substr($remoteRow['remoteservice'], 6);
            } else {
                echo COM_refresh($_CONF['site_url'] . '/index.php');
            }
        } else {
            echo COM_refresh($_CONF['site_url'] . '/index.php');
        }
        // Copy the remote identity onto the local account and set account_type to 3.
        $sql = "UPDATE {$_TABLES['users']} SET remoteusername='" . DB_escapeString($remoteRow['remoteusername']) . "'," . "remoteservice='" . DB_escapeString($remoteRow['remoteservice']) . "', " . "account_type=3 " . " WHERE uid=" . (int) $localUID;
        DB_query($sql);
        // Log the caller in as the local user.
        $_USER['uid'] = $localRow['uid'];
        $local_login = true;
        SESS_completeLogin($localUID);
        $_GROUPS = SEC_getUserGroups($_USER['uid']);
        $_RIGHTS = explode(',', SEC_getUserPermissions());
        if ($_SYSTEM['admin_session'] > 0 && $local_login) {
            if (SEC_isModerator() || SEC_hasRights('story.edit,block.edit,topic.edit,user.edit,plugin.edit,user.mail,syndication.edit', 'OR') || count(PLG_getAdminOptions()) > 0) {
                // Privileged users also receive the 'administration' token cookie.
                // Expiry 0 and the trailing true are presumably "session cookie" and
                // HttpOnly - confirm against SEC_setCookie.
                $admin_token = SEC_createTokenGeneral('administration', $_SYSTEM['admin_session']);
                SEC_setCookie('token', $admin_token, 0, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], true);
            }
        }
        COM_resetSpeedlimit('login');
        // log the user out
        SESS_endUserSession($remoteUID);
        // Let plugins know a user is being merged
        PLG_moveUser($remoteUID, $_USER['uid']);
        // Ok, now delete everything related to this user
        // let plugins update their data for this user
        PLG_deleteUser($remoteUID);
        if (function_exists('CUSTOM_userDeleteHook')) {
            CUSTOM_userDeleteHook($remoteUID);
        }
        // Call custom account profile delete function if enabled and exists
        if ($_CONF['custom_registration'] && function_exists('CUSTOM_userDelete')) {
            CUSTOM_userDelete($remoteUID);
        }
        // remove from all security groups
        DB_delete($_TABLES['group_assignments'], 'ug_uid', $remoteUID);
        // remove user information and preferences
        DB_delete($_TABLES['userprefs'], 'uid', $remoteUID);
        DB_delete($_TABLES['userindex'], 'uid', $remoteUID);
        DB_delete($_TABLES['usercomment'], 'uid', $remoteUID);
        DB_delete($_TABLES['userinfo'], 'uid', $remoteUID);
        // delete user photo, if enabled & exists
        if ($_CONF['allow_user_photo'] == 1) {
            // $remoteUID is interpolated into the condition string; it has been cast
            // to int only on the matching path above.
            $photo = DB_getItem($_TABLES['users'], 'photo', "uid = {$remoteUID}");
            USER_deletePhoto($photo, false);
        }
        // delete subscriptions
        DB_delete($_TABLES['subscriptions'], 'uid', $remoteUID);
        // in case the user owned any objects that require Admin access, assign
        // them to the Root user with the lowest uid
        $rootgroup = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Root'");
        $result = DB_query("SELECT DISTINCT ug_uid FROM {$_TABLES['group_assignments']} WHERE ug_main_grp_id = '{$rootgroup}' ORDER BY ug_uid LIMIT 1");
        $A = DB_fetchArray($result);
        $rootuser = $A['ug_uid'];
        // Fall back to uid 2 when no Root member is found.
        if ($rootuser == '' || $rootuser < 2) {
            $rootuser = 2;
        }
        DB_query("UPDATE {$_TABLES['blocks']} SET owner_id = {$rootuser} WHERE owner_id = {$remoteUID}");
        DB_query("UPDATE {$_TABLES['topics']} SET owner_id = {$rootuser} WHERE owner_id = {$remoteUID}");
        // now delete the user itself
        DB_delete($_TABLES['users'], 'uid', $remoteUID);
    } else {
        // invalid password - let's try one more time
        // need to set speed limit and give them 3 tries
        // Failed attempts are throttled under the 'merge' speed-limit type, separate
        // from the 'login' type that is reset on success above.
        COM_clearSpeedlimit($_CONF['login_speedlimit'], 'merge');
        $last = COM_checkSpeedlimit('merge', 4);
        if ($last > 0) {
            COM_setMsg($LANG04[190], 'error');
            echo COM_refresh($_CONF['site_url'] . '/users.php');
        } else {
            COM_updateSpeedlimit('merge');
            USER_mergeAccountScreen($remoteUID, $localUID, $LANG20[3]);
//.........这里部分代码省略.........
开发者ID:NewRoute,项目名称:glfusion,代码行数:101,代码来源:lib-user.php

示例12: BLOCK_save

/**
* Saves a block
*
* Only the first part of the function is shown in this listing: argument
* capture, title filtering, the validation-failure path, the access check
* and the start of the per-type normalisation.
*
* @param    string  $bid            Block ID
* @param    string  $name           Block name
* @param    string  $title          Block title
* @param    mixed   $help           Accepted between $title and $type; not read in the visible part of the function
* @param    string  $type           Type of block
* @param    int     $blockorder     Order block appears relative to the others
* @param    string  $content        Content of block
* @param    string  $tid            Topic block should appear in
* @param    string  $rdfurl         URL to headline feed for portal blocks
* @param    string  $rdfupdated     Date RSS/RDF feed was last updated
* @param    string  $rdflimit       max. number of entries to import from feed
* @param    string  $phpblockfn     Name of php function to call to get content
* @param    int     $onleft         Flag indicates if block shows up on left or right
* @param    int     $owner_id       ID of owner
* @param    int     $group_id       ID of group block belongs to
* @param    array   $perm_owner     Permissions the owner has on the object
* @param    array   $perm_group     Permissions the group has on the object
* @param    array   $perm_members   Permissions the logged in members have
* @param    array   $perm_anon      Permissions anonymous users have
* @param    int     $is_enabled     Flag, indicates if block is enabled or not (compared against 'on' below)
* @param    int     $allow_autotags Flag, indicates if autotags are enabled or not
* @return   string                  HTML redirect or error message
*
*/
function BLOCK_save($bid, $name, $title, $help, $type, $blockorder, $content, $tid, $rdfurl, $rdfupdated, $rdflimit, $phpblockfn, $onleft, $owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon, $is_enabled, $allow_autotags)
{
    // NOTE(review): $_USER is interpolated into the COM_accessLog() message
    // further down but is not part of this global list, so at that point it is
    // an undefined local and the denied attempt is logged without a username.
    global $_CONF, $_TABLES, $LANG01, $LANG21, $MESSAGE;
    $retval = '';
    // $B keeps the arguments as submitted so the edit form can be shown again
    // on a validation error. These values are captured before the title is
    // filtered and escaped below.
    // NOTE(review): BLOCK_edit() is defined elsewhere; it has to escape these
    // values itself when it prints them — confirm.
    $B['bid'] = (int) $bid;
    $B['name'] = $name;
    $B['title'] = $title;
    $B['type'] = $type;
    $B['blockorder'] = $blockorder;
    $B['content'] = $content;
    $B['tid'] = $tid;
    $B['rdfurl'] = $rdfurl;
    $B['rdfupdated'] = $rdfupdated;
    $B['rdflimit'] = $rdflimit;
    $B['phpblockfn'] = $phpblockfn;
    $B['onleft'] = $onleft;
    $B['owner_id'] = $owner_id;
    $B['group_id'] = $group_id;
    $B['perm_owner'] = $perm_owner;
    $B['perm_group'] = $perm_group;
    $B['perm_members'] = $perm_members;
    $B['perm_anon'] = $perm_anon;
    $B['is_enabled'] = $is_enabled;
    $B['allow_autotags'] = $allow_autotags;
    // The integer cast is what makes the later "bid = '{$bid}'" interpolation safe.
    $bid = (int) $bid;
    // Allow-list of elements and attributes accepted in a block title.
    // NOTE(review): the list admits style attributes and img[src]; whether the
    // sanitizer also restricts CSS content and URL schemes is not visible here — confirm.
    $MenuElementAllowedHTML = "i[class|style],div[class|style],span[class|style],img[src|class|style],em,strong,del,ins,q,abbr,dfn,small";
    $filter = sanitizer::getInstance();
    $allowedElements = $filter->makeAllowedElements($MenuElementAllowedHTML);
    $filter->setAllowedElements($allowedElements);
    $filter->setPostmode('html');
    // Filter the title against the allow-list, then escape it for SQL.
    $title = $filter->filterHTML($title);
    $title = DB_escapeString($title);
    $phpblockfn = DB_escapeString(trim($phpblockfn));
    // Validation failure: empty title (after filtering) or a rejected block name.
    if (empty($title) || !BLOCK_validateName($name)) {
        if (empty($title)) {
            $msg = $LANG21[64];
        } else {
            $msg = $LANG21[70];
        }
        // Issue a fresh editor token in a cookie that expires 1200 seconds from now.
        // NOTE(review): the trailing false is presumably the HttpOnly argument of
        // SEC_setCookie() — confirm against its signature; if so, this token
        // cookie is readable by scripts running in the page.
        SEC_setCookie($_CONF['cookie_name'] . 'adveditor', SEC_createTokenGeneral('advancededitor'), time() + 1200, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], false);
        $retval .= COM_siteHeader('menu', $LANG21[63]) . COM_showMessageText($msg, $LANG21[63], true) . BLOCK_edit($bid, $B) . COM_siteFooter();
        return $retval;
    }
    // Convert array values to numeric permission values
    list($perm_owner, $perm_group, $perm_members, $perm_anon) = SEC_getPermissionValues($perm_owner, $perm_group, $perm_members, $perm_anon);
    $access = 0;
    // For an existing block the access decision uses the owner, group and
    // permissions stored in the database, not the values submitted with the
    // request; the submitted values are used only when the block is new.
    if ($bid > 0 && DB_count($_TABLES['blocks'], 'bid', $bid) > 0) {
        $result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['blocks']} WHERE bid = '{$bid}'");
        $A = DB_fetchArray($result);
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
    } else {
        $access = SEC_hasAccess($owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon);
    }
    // Deny unless the access level is at least 3 (presumably edit access —
    // confirm against SEC_hasAccess), the topic is accessible and the caller
    // is a member of the target group.
    if ($access < 3 || !BLOCK_hasTopicAccess($tid) || !SEC_inGroup($group_id)) {
        $retval .= COM_siteHeader('menu', $MESSAGE[30]);
        $retval .= COM_showMessageText($MESSAGE[33], $MESSAGE[30], true);
        $retval .= COM_siteFooter();
        // See the note at the global statement: $_USER is not in scope here.
        COM_accessLog("User {$_USER['username']} tried to illegally create or edit block {$bid}.");
        return $retval;
    // && binds tighter than "or", so each block type contributes one
    // and-group of required fields and the groups are alternatives.
    } elseif ($type == 'normal' && !empty($title) && !empty($content) or $type == 'portal' && !empty($title) && !empty($rdfurl) or $type == 'gldefault' && strlen($blockorder) > 0 or $type == 'phpblock' && !empty($phpblockfn) && !empty($title)) {
        // Normalise the two flags to 0/1 before they are used further.
        if ($is_enabled == 'on') {
            $is_enabled = 1;
        } else {
            $is_enabled = 0;
        }
        if ($allow_autotags == 1) {
            $allow_autotags = 1;
        } else {
            $allow_autotags = 0;
        }
        // Portal blocks carry no stored content, feed timestamp or PHP function.
        if ($type == 'portal') {
            $content = '';
            $rdfupdated = '';
            $phpblockfn = '';
//.........这里部分代码省略.........
开发者ID:spacequad,项目名称:glfusion,代码行数:101,代码来源:block.php

示例13: DB_escapeString

    die;
}
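// Both cookies read below are required; stop before any lookup when either
// one is missing, so an unset value never reaches the filter or the query.
if (!isset($_COOKIE['token'], $_COOKIE[$_CONF['cookie_name'] . 'adveditor'])) {
    die;
}
// $token is assigned earlier in the script (not visible in this excerpt).
// Each of the three tokens has to match exactly one row in the tokens table,
// otherwise the request ends without output.
// NOTE(review): these lookups only test that a row exists. Owner, purpose and
// expiry of the token are not compared here — confirm they are enforced
// elsewhere, because the UPDATEs below extend the lifetime of every token
// that passes.
$sql = "SELECT * FROM {$_TABLES['tokens']} WHERE token='" . DB_escapeString($token) . "'";
$result = DB_query($sql);
if (DB_numRows($result) != 1) {
    die;
}
// Editor token, taken from the '<cookie_name>adveditor' cookie.
$advtoken = COM_applyFilter($_COOKIE[$_CONF['cookie_name'] . 'adveditor']);
$sql = "SELECT * FROM {$_TABLES['tokens']} WHERE token='" . DB_escapeString($advtoken) . "'";
$result = DB_query($sql);
if (DB_numRows($result) != 1) {
    die;
}
// Admin token, taken from the 'token' cookie.
$admtoken = COM_applyFilter($_COOKIE['token']);
$sql = "SELECT * FROM {$_TABLES['tokens']} WHERE token='" . DB_escapeString($admtoken) . "'";
$result = DB_query($sql);
if (DB_numRows($result) != 1) {
    die;
}
// refresh tokens
$sql = "UPDATE {$_TABLES['tokens']} SET created=NOW() WHERE token='" . DB_escapeString($token) . "'";
DB_query($sql);
$sql = "UPDATE {$_TABLES['tokens']} SET created=NOW() WHERE token='" . DB_escapeString($advtoken) . "'";
DB_query($sql);
// Re-issue the editor cookie so it expires 1200 seconds from now.
// NOTE(review): the trailing false is presumably the HttpOnly argument of
// SEC_setCookie() — confirm against its signature; if so, this token cookie
// is readable by scripts running in the page.
SEC_setCookie($_CONF['cookie_name'] . 'adveditor', $advtoken, time() + 1200, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], false);
$sql = "UPDATE {$_TABLES['tokens']} SET created=NOW() WHERE token='" . DB_escapeString($admtoken) . "'";
DB_query($sql);
exit;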
开发者ID:spacequad,项目名称:glfusion,代码行数:31,代码来源:refresh.php

示例14: saveuser


//.........这里部分代码省略.........
    // Excerpt from the middle of saveuser(): the submitted profile fields are
    // joined into one HTML string and handed to the spam check.
    $profile .= $A['location'] . '<br' . XHTML . '>' . $A['sig'] . '<br' . XHTML . '>' . $A['about'] . '<br' . XHTML . '>' . $A['pgpkey'] . '</p>';
    $result = PLG_checkforSpam($profile, $_CONF['spamx']);
    if ($result > 0) {
        // A positive result aborts the request with a 403 response.
        COM_displayMessageAndAbort($result, 'spamx', 403, 'Forbidden');
    }
    $A['email'] = COM_applyFilter($A['email']);
    $A['email_conf'] = COM_applyFilter($A['email_conf']);
    $A['homepage'] = COM_applyFilter($A['homepage']);
    // basic filtering only
    // strip_tags() removes markup but does not encode quotes or ampersands,
    // so these values still need context-specific escaping wherever they are printed.
    $A['fullname'] = strip_tags(COM_stripslashes($A['fullname']));
    $A['location'] = strip_tags(COM_stripslashes($A['location']));
    $A['sig'] = strip_tags(COM_stripslashes($A['sig']));
    $A['about'] = strip_tags(COM_stripslashes($A['about']));
    $A['pgpkey'] = strip_tags(COM_stripslashes($A['pgpkey']));
    if (!COM_isEmail($A['email'])) {
        return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=52');
    } else {
        // The e-mail pair is compared strictly.
        if ($A['email'] !== $A['email_conf']) {
            return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=78');
        } else {
            if (emailAddressExists($A['email'], $_USER['uid'])) {
                return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=56');
            } else {
                // $passwd stays empty for the rest of this excerpt, so the
                // password cookie written below carries an empty value.
                $passwd = '';
                if ($service == '') {
                    if (!empty($A['passwd'])) {
                        // The password is changed only when the confirmation matches
                        // and the check of the old password returns 0; the branch
                        // below treats a negative result as a wrong old password.
                        // NOTE(review): == and != on the new password and its
                        // confirmation are loose comparisons. PHP compares two
                        // numeric strings by value, so different strings such as
                        // '1e3' and '1000' count as equal; === / !== (as used for
                        // the e-mail pair above) avoids that.
                        if ($A['passwd'] == $A['passwd_conf'] && SEC_encryptUserPassword($A['old_passwd'], $_USER['uid']) == 0) {
                            SEC_updateUserPassword($A['passwd'], $_USER['uid']);
                            // NOTE(review): no integer cast or upper bound on
                            // $A['cooktime'] is visible in this excerpt — confirm it
                            // is validated before it is added to time().
                            if ($A['cooktime'] > 0) {
                                $cooktime = $A['cooktime'];
                            } else {
                                // A negative offset puts the expiry in the past.
                                $cooktime = -1000;
                            }
                            SEC_setCookie($_CONF['cookie_password'], $passwd, time() + $cooktime);
                        } elseif (SEC_encryptUserPassword($A['old_passwd'], $_USER['uid']) < 0) {
                            return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=68');
                        } elseif ($A['passwd'] != $A['passwd_conf']) {
                            return COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=67');
                        }
                    }
                } else {
                    // Cookie
                    if ($A['cooktime'] > 0) {
                        $cooktime = $A['cooktime'];
                    } else {
                        $cooktime = -1000;
                    }
                    SEC_setCookie($_CONF['cookie_password'], $passwd, time() + $cooktime);
                }
                if ($_US_VERBOSE) {
                    COM_errorLog('cooktime = ' . $A['cooktime'], 1);
                }
                // The long-term cookie holding the user id is either expired
                // (1000 seconds in the past) or renewed for the requested lifetime.
                if ($A['cooktime'] <= 0) {
                    $cooktime = 1000;
                    SEC_setCookie($_CONF['cookie_name'], $_USER['uid'], time() - $cooktime);
                } else {
                    SEC_setCookie($_CONF['cookie_name'], $_USER['uid'], time() + $A['cooktime']);
                }
                if ($_CONF['allow_user_photo'] == 1) {
                    $delete_photo = '';
                    if (isset($A['delete_photo'])) {
                        $delete_photo = $A['delete_photo'];
                    }
                    $filename = handlePhotoUpload($delete_photo);
                }
                if (!empty($A['homepage'])) {
开发者ID:milk54,项目名称:geeklog-japan,代码行数:67,代码来源:usersettings.php

示例15: FF_postEditor


//.........这里部分代码省略.........
            } else {
                $notify_val = '';
            }
            $notify_prompt = $LANG_GF02['msg38'] . '<br/><input type="checkbox" name="notify" ' . $notify_val . '/>';
            $locked_prompt = '';
        } else {
            $notify_prompt = '';
            $locked_prompt = '';
        }
    }
    // Only 'html' / 'HTML' is normalised; any other postmode value is kept as it arrived.
    if ($postData['postmode'] == 'html' || $postData['postmode'] == 'HTML') {
        $postmode_msg = $LANG_GF01['TEXTMODE'];
        $postData['postmode'] = 'html';
    } else {
        $peTemplate->unset_var('show_htmleditor');
        $postmode_msg = $LANG_GF01['HTMLMODE'];
    }
    if ($_FF_CONF['allow_html'] || SEC_inGroup('Root') || SEC_hasRights('forum.html')) {
        if ($action == 'edittopic') {
            // NOTE(review): $postData['postmode'] is concatenated into an HTML
            // attribute without escaping. Confirm that the omitted part of the
            // function restricts it to known values, or escape it here.
            $mode_prompt = $postmode_msg . '<br/><input type="checkbox" name="postmode_switch" value="1"/><input type="hidden" name="postmode" value="' . $postData['postmode'] . '"/>';
        }
    }
    if ($action == 'edittopic') {
        $peTemplate->set_var('bbcodeeditor', true);
    }
    // Only double quotes are replaced here. The subject is run through
    // htmlspecialchars() again in the large set_var() call further down, which
    // turns the &quot; inserted here into &amp;quot; (double encoding).
    $postData['subject'] = str_replace('"', '&quot;', $postData['subject']);
    if (!$_FF_CONF['allow_smilies']) {
        $smilies = '';
    } else {
        $smilies = forumPLG_showsmilies(0);
    }
    $disable_bbcode_prompt = $LANG_GF01['disable_bbcode'] . '&nbsp;<input type="checkbox" name="disable_bbcode" value="1" ' . $disable_bbcode_val . '/>';
    if ($_FF_CONF['allow_smilies']) {
        $disable_smilies_prompt = $LANG_GF01['disable_smilies'] . '&nbsp;<input type="checkbox" name="disable_smilies" value="1"' . $disable_smilies_val . ' />';
    } else {
        $disable_smilies_prompt = '';
    }
    $disable_urlparse_prompt = $LANG_GF01['disable_urlparse'] . '&nbsp;<input type="checkbox" name="disable_urlparse" value="1"' . $disable_urlparse_val . ' />';
    // The comment body is HTML-encoded (quotes included) before it reaches the
    // template; the @ suppresses any warning raised by htmlspecialchars().
    $peTemplate->set_var('comment', @htmlspecialchars($postData['comment'], ENT_QUOTES, COM_getEncodingt()));
    // NOTE(review): 'subject' and 'postmode' are passed here with only the
    // quote replacement above applied; 'subject' is set again, fully encoded,
    // in the later set_var() call, which presumably replaces this value.
    $peTemplate->set_var(array('edit_val' => $edit_val, 'sticky_val' => $sticky_val, 'postmode_msg' => $postmode_msg, 'notify_val' => $notify_val, 'disable_bbcode_val' => $disable_bbcode_val, 'disable_smilies_val' => $disable_smilies_val, 'disable_urlparse_val' => $disable_urlparse_val, 'bbcode_prompt' => $disable_bbcode_prompt, 'smilies_prompt' => $disable_smilies_prompt, 'urlparse_prompt' => $disable_urlparse_prompt, 'LANG_SUBJECT' => $LANG_GF01['SUBJECT'], 'LANG_OPTIONS' => $LANG_GF01['OPTIONS'], 'mode_prompt' => isset($mode_prompt) ? $mode_prompt : '', 'notify_prompt' => $notify_prompt, 'locked_prompt' => $locked_prompt, 'sticky_prompt' => isset($sticky_prompt) ? $sticky_prompt : '', 'edit_prompt' => $edit_prompt, 'LANG_SUBMIT' => $LANG_GF01['SUBMIT'], 'LANG_PREVIEW' => $LANG_GF01['PREVIEW'], 'subject' => $postData['subject'], 'smilies' => $smilies, 'LANG_attachments' => $LANG_GF10['attachments'], 'LANG_maxattachments' => sprintf($LANG_GF10['maxattachments'], $_FF_CONF['maxattachments']), 'postmode' => $postData['postmode']));
    // Check and see if the filemgmt plugin is installed and enabled
    if (function_exists('filemgmt_buildAccessSql') && $_FF_CONF['enable_fm_integration'] == 1) {
        $peTemplate->set_var('filemgmt_category_options', gf_makeFilemgmtCatSelect($uid));
        $peTemplate->set_var('LANG_usefilemgmt', $LANG_GF10['usefilemgmt']);
        $peTemplate->set_var('LANG_description', $LANG_GF10['description']);
        $peTemplate->set_var('LANG_category', $LANG_GF10['category']);
    } else {
        $peTemplate->set_var('show_filemgmt_option', 'none');
    }
    if (COM_isAnonUser()) {
        $peTemplate->set_var('hide_notify', 'none');
    }
    // Let the captcha plugin fill its template variables when it is installed.
    if (function_exists('plugin_templatesetvars_captcha')) {
        plugin_templatesetvars_captcha('forum', $peTemplate);
    } else {
        $peTemplate->set_var('captcha', '');
    }
    if ($postData['id'] > 0) {
        $peTemplate->set_var('topic_id', $postData['id']);
    }
    $peTemplate->set_var(array('navbreadcrumbsimg' => _ff_getImage('nav_breadcrumbs'), 'navtopicimg' => _ff_getImage('nav_topic'), 'form_action' => $_CONF['site_url'] . '/forum/createtopic.php', 'referer' => $forumData['referer'], 'forum_id' => $forumData['forum'], 'cat_name' => $postData['cat_name'], 'cat_id' => $forumData['forum_cat'], 'forum_name' => $postData['forum_name'], 'subject' => @htmlspecialchars($postData['subject'], ENT_QUOTES, COM_getEncodingt()), 'LANG_HOME' => $LANG_GF01['HOMEPAGE'], 'forum_home' => $LANG_GF01['INDEXPAGE'], 'hidden_id' => $postData['id'], 'page' => $forumData['page'], 'LANG_bhelp' => $LANG_GF01['b_help'], 'LANG_ihelp' => $LANG_GF01['i_help'], 'LANG_uhelp' => $LANG_GF01['u_help'], 'LANG_qhelp' => $LANG_GF01['q_help'], 'LANG_chelp' => $LANG_GF01['c_help'], 'LANG_lhelp' => $LANG_GF01['l_help'], 'LANG_ohelp' => $LANG_GF01['o_help'], 'LANG_phelp' => $LANG_GF01['p_help'], 'LANG_whelp' => $LANG_GF01['w_help'], 'LANG_ahelp' => $LANG_GF01['a_help'], 'LANG_shelp' => $LANG_GF01['s_help'], 'LANG_fhelp' => $LANG_GF01['f_help'], 'LANG_hhelp' => $LANG_GF01['h_help'], 'LANG_thelp' => $LANG_GF01['t_help'], 'LANG_ehelp' => $LANG_GF01['e_help'], 'LANG_code' => $LANG_GF01['CODE'], 'LANG_fontcolor' => $LANG_GF01['FONTCOLOR'], 'LANG_fontsize' => $LANG_GF01['FONTSIZE'], 'LANG_closetags' => $LANG_GF01['CLOSETAGS'], 'LANG_codetip' => $LANG_GF01['CODETIP'], 'LANG_tiny' => $LANG_GF01['TINY'], 'LANG_small' => $LANG_GF01['SMALL'], 'LANG_normal' => $LANG_GF01['NORMAL'], 'LANG_large' => $LANG_GF01['LARGE'], 'LANG_huge' => $LANG_GF01['HUGE'], 'LANG_default' => $LANG_GF01['DEFAULT'], 'LANG_dkred' => $LANG_GF01['DKRED'], 'LANG_red' => $LANG_GF01['RED'], 'LANG_orange' => $LANG_GF01['ORANGE'], 'LANG_brown' => $LANG_GF01['BROWN'], 'LANG_yellow' => $LANG_GF01['YELLOW'], 'LANG_green' => $LANG_GF01['GREEN'], 'LANG_olive' => $LANG_GF01['OLIVE'], 'LANG_cyan' => $LANG_GF01['CYAN'], 'LANG_blue' => $LANG_GF01['BLUE'], 'LANG_dkblue' => $LANG_GF01['DKBLUE'], 'LANG_indigo' => 
$LANG_GF01['INDIGO'], 'LANG_violet' => $LANG_GF01['VIOLET'], 'LANG_white' => $LANG_GF01['WHITE'], 'LANG_black' => $LANG_GF01['BLACK']));
    // Anti-CSRF token for the form: field name and a freshly created value.
    $peTemplate->set_var('token_name', CSRF_TOKEN);
    $peTemplate->set_var('token', SEC_createToken());
    $peTemplate->set_var('postmode', $postData['postmode']);
    $peTemplate->unset_var('show_htmleditor');
    if ($_FF_CONF['use_wysiwyg_editor'] && $postData['postmode'] == 'html') {
        // hook into wysiwyg here
        switch (PLG_getEditorType()) {
            case 'ckeditor':
                $peTemplate->set_var('show_htmleditor', true);
                PLG_requestEditor('forum', 'forum_entry', 'ckeditor_forum.thtml');
                PLG_templateSetVars('forum_entry', $peTemplate);
                break;
            case 'tinymce':
                $peTemplate->set_var('show_htmleditor', true);
                PLG_requestEditor('forum', 'forum_entry', 'tinymce_forum.thtml');
                PLG_templateSetVars('forum_entry', $peTemplate);
                break;
            default:
                // don't support others right now
                break;
        }
    }
    $peTemplate->parse('output', 'posteditor');
    $retval .= $peTemplate->finish($peTemplate->get_var('output'));
    // Purpose label for the editor token. For uid 1 (presumably the anonymous
    // account — confirm) the label is extended with an MD5 of $REMOTE_ADDR;
    // the hash only scopes the label and is not a secret.
    // NOTE(review): $REMOTE_ADDR is a plain variable here, not
    // $_SERVER['REMOTE_ADDR']; confirm where it is populated.
    $urlfor = 'advancededitor';
    if ($uid == 1) {
        $urlfor = 'advancededitor' . md5($REMOTE_ADDR);
    }
    // Editor token cookie, expiring 1200 seconds from now.
    // NOTE(review): the trailing false is presumably the HttpOnly argument of
    // SEC_setCookie() — confirm against its signature; if so, this token
    // cookie is readable by scripts running in the page.
    SEC_setCookie($_CONF['cookie_name'] . 'adveditor', SEC_createTokenGeneral($urlfor), time() + 1200, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], false);
    if (!isset($_POST['editpost'])) {
        $_POST['editpost'] = '';
    }
    if ($action != 'newtopic' && $_POST['editpost'] != 'yes' && ($action == 'newreply' || $viewMode)) {
        if ($FF_userprefs['showiframe']) {
            // NOTE(review): $postData['id'] goes into the iframe URL without an
            // integer cast or escaping in the visible code — confirm it is
            // validated in the omitted part of the function.
            $retval .= "<iframe src=\"{$_CONF['site_url']}/forum/viewtopic.php?mode=preview&amp;showtopic=" . $postData['id'] . "&amp;onlytopic=1&amp;lastpost=true\" height=\"300\" width=\"100%\"></iframe>";
        }
    }
    return $retval;
}
开发者ID:NewRoute,项目名称:glfusion,代码行数:101,代码来源:createtopic.php

