本文整理汇总了PHP中AJXP_Utils::detectXSS方法的典型用法代码示例。如果您正苦于以下问题:PHP AJXP_Utils::detectXSS方法的具体用法?PHP AJXP_Utils::detectXSS怎么用?PHP AJXP_Utils::detectXSS使用的例子?那么这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类AJXP_Utils的用法示例。
在下文中一共展示了AJXP_Utils::detectXSS方法的5个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: renderNode
/**
 * Build one <tree> XML element for a node and pass it to AJXP_XMLWriter::write().
 *
 * $nodeName is stored as the "filename" attribute. $nodeLabel is stored as "text"
 * unless $metaData already carries a "text" entry, in which case that entry is kept.
 * The name, the label and every metadata value are passed to AJXP_Utils::detectXSS();
 * a flagged value is replaced by a fixed placeholder. Each value is then run through
 * AJXP_Utils::xmlEntities() before it is written as an attribute value.
 *
 * NOTE(review): attribute names (the metadata keys) are written verbatim; only the
 * values are checked and encoded. Confirm that no key can come from user-supplied data.
 * NOTE(review): detectXSS() and xmlEntities() are defined outside this excerpt.
 * Presumably xmlEntities() is the step that keeps a value inside its attribute, with
 * detectXSS() acting as an additional tripwire -- confirm before relying on either alone.
 *
 * @static
 * @param string $nodeName  Node name, emitted as the "filename" attribute
 * @param string $nodeLabel Node label, used as "text" when $metaData has none
 * @param bool   $isLeaf    Emitted as is_file="true" or is_file="false"
 * @param array  $metaData  Extra attributes (name => value)
 * @param bool   $close     True for a self-closed element ("/>"), false for an open tag (">")
 * @param bool   $print     Passed through to AJXP_XMLWriter::write()
 * @return void|string Whatever AJXP_XMLWriter::write() returns
 */
public static function renderNode($nodeName, $nodeLabel, $isLeaf, $metaData = array(), $close = true, $print = true)
{
    // "filename" always reflects $nodeName, or a placeholder when the name is flagged.
    $metaData["filename"] = AJXP_Utils::detectXSS($nodeName)
        ? "/XSS Detected - Please contact your admin"
        : $nodeName;

    // A "text" entry supplied by the caller takes precedence over $nodeLabel;
    // whichever one is used goes through the same check.
    $label = isset($metaData["text"]) ? $metaData["text"] : $nodeLabel;
    $metaData["text"] = AJXP_Utils::detectXSS($label)
        ? "XSS Detected - Please contact your admin"
        : $label;

    $metaData["is_file"] = $isLeaf ? "true" : "false";
    $metaData["ajxp_im_time"] = time();

    // Serialise every entry as name="value": the value is checked, then entity-encoded.
    $attributes = "";
    foreach ($metaData as $attrName => $attrValue) {
        $checked = AJXP_Utils::detectXSS($attrValue) ? "XSS Detected!" : $attrValue;
        $encoded = AJXP_Utils::xmlEntities($checked, true);
        $attributes .= " {$attrName}=\"{$encoded}\"";
    }

    $tail = $close ? "/>" : ">";
    return AJXP_XMLWriter::write("<tree" . $attributes . $tail, $print);
}
示例2: write2
/**
 * Append one tab-separated line to the log file.
 *
 * While the file handle is not available ($this->fileHandle === false) the line is
 * pushed onto $this->stack instead. Once the handle exists, a non-empty stack is
 * handed to stackFlush() before the new line is written.
 *
 * Only $message is passed to AJXP_Utils::detectXSS(); a flagged message is replaced
 * by a fixed placeholder.
 *
 * NOTE(review): $ip, $user, $source and $prefix are written as given, and no field is
 * stripped of tab, CR or LF characters here. A value containing them would add columns
 * or extra lines to the log file (log forging). Confirm that callers normalise these
 * fields, or neutralise control characters before the line is built.
 * NOTE(review): $nodePathes is accepted but not used in this method.
 *
 * @param String $level      Log severity: one of LOG_LEVEL_* (DEBUG,INFO,NOTICE,WARNING,ERROR)
 * @param String $ip         The client ip
 * @param String $user       The user login
 * @param String $source     The source of the message
 * @param String $prefix     The prefix of the message
 * @param String $message    The message to log
 * @param array  $nodePathes Not used by this implementation
 * @throws Exception When fwrite() on the log file fails
 * @return void
 */
public function write2($level, $ip, $user, $source, $prefix, $message, $nodePathes = array())
{
    $loggedMessage = AJXP_Utils::detectXSS($message) ? "XSS Detected in message!" : $message;

    // Line layout: date time, ip, LEVEL, user, source, prefix, message.
    $stamp = date("m-d-y") . " " . date("H:i:s") . "\t";
    $severity = strtoupper((string) $level);
    $line = $stamp . "{$ip}\t" . $severity . "\t{$user}\t{$source}\t{$prefix}\t{$loggedMessage}\n";

    if ($this->fileHandle === false) {
        // File not open yet: keep the line until it can be written.
        $this->stack[] = $line;
        return;
    }

    // Lines buffered earlier go out first so the file stays in chronological order.
    if (count($this->stack)) {
        $this->stackFlush();
    }
    if (fwrite($this->fileHandle, $line) === false) {
        throw new Exception("There was an error writing to log file ({$this->logFileName})");
    }
}
示例3: switchAction
//.........part of the code is omitted here.........
// Excerpt from switchAction(): the "ls" (listing) case. The code before this point and
// after the last line shown is not part of the excerpt, so $dir, $mode and $page are
// defined outside of it.
break;
//------------------------------------
// XML LISTING
//------------------------------------
//------------------------------------
// XML LISTING
//------------------------------------
case "ls":
// The root path "/" and a missing $dir are both treated as "list all tables".
if (!isset($dir) || $dir == "/") {
$dir = "";
}
$searchMode = $fileListMode = $completeMode = false;
if (isset($mode)) {
if ($mode == "search") {
$searchMode = true;
} else {
if ($mode == "file_list") {
$fileListMode = true;
} else {
if ($mode == "complete") {
$completeMode = true;
}
}
}
}
$link = $this->createDbLink();
//AJXP_Exception::errorToXml($link);
if ($dir == "") {
AJXP_XMLWriter::header();
$tables = $this->listTables();
AJXP_XMLWriter::sendFilesListComponentConfig('<columns switchDisplayMode="list" switchGridMode="filelist"><column messageString="Table Name" attributeName="ajxp_label" sortType="String"/><column messageString="Byte Size" attributeName="bytesize" sortType="NumberKo"/><column messageString="Count" attributeName="count" sortType="Number"/></columns>');
// NOTE(review): $mode is read here without the isset() guard used above.
$icon = $mode == "file_list" ? "sql_images/mimes/ICON_SIZE/table_empty.png" : "sql_images/mimes/ICON_SIZE/table_empty_tree.png";
foreach ($tables as $tableName) {
// A table name flagged by AJXP_Utils::detectXSS() is replaced by a placeholder and
// the size/count lookups are skipped for it.
if (AJXP_Utils::detectXSS($tableName)) {
$tableName = "XSS Detected!";
$size = 'N/A';
$count = 'N/A';
} else {
$size = $this->getSize($tableName);
$count = $this->getCount($tableName);
}
// NOTE(review): $tableName, $size and $count are interpolated into the XML attributes
// without entity encoding. A name containing a double quote, "<" or "&" that
// detectXSS() does not flag would produce malformed or altered markup. Encoding each
// value for the attribute context (e.g. htmlspecialchars() with ENT_QUOTES) would make
// the output independent of the detector.
print "<tree is_file=\"0\" text=\"{$tableName}\" filename=\"/{$tableName}\" bytesize=\"{$size}\" count=\"{$count}\" icon=\"{$icon}\" ajxp_mime=\"table\" />";
}
print "<tree is_file=\"0\" text=\"Search Results\" ajxp_node=\"true\" filename=\"/ajxpmysqldriver_searchresults\" bytesize=\"-\" count=\"-\" icon=\"search.png\"/>";
AJXP_XMLWriter::close();
} else {
// Listing the rows of one table: the table name is the last path segment of $dir.
$tableName = basename($dir);
if (isset($page)) {
$currentPage = $page;
} else {
$currentPage = 1;
}
// NOTE(review): the table name is concatenated into the SQL text as an identifier.
// Where $dir comes from is not visible in this excerpt; if it is request-derived, the
// name should be checked against the list returned by listTables() (or otherwise
// validated as an identifier) before it reaches the query.
$query = "SELECT * FROM {$tableName}";
$searchQuery = false;
// The "search results" pseudo-table reuses the SQL text stored in the session under
// LAST_SQL_QUERY; how $query is executed is outside this excerpt.
if ($tableName == "ajxpmysqldriver_searchresults") {
if (isset($_SESSION["LAST_SQL_QUERY"])) {
$query = $_SESSION["LAST_SQL_QUERY"];
$matches = array();
// NOTE(review): preg_match() returns 0 when the pattern does not match and false only
// on error, so "!== false" is also true for a non-matching query and $matches[1] would
// then be unset. Comparing with 1 (=== 1) looks like the intent -- confirm.
if (preg_match("/SELECT [\\S, ]* FROM (\\S*).*/i", $query, $matches) !== false) {
$tableName = $matches[1];
$searchQuery = true;
} else {
break;
}
} else {
break;
示例4: write2
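/**
 * Write an entry to the [ajxp_log] table.
 *
 * "Log In" entries whose message is "context=API" are throttled: when the most recent
 * matching row for the same user is less than one hour old, nothing is written.
 *
 * A message flagged by AJXP_Utils::detectXSS() is replaced by a fixed placeholder and
 * the node paths are not recorded for it. Otherwise one row is inserted per entry of
 * $nodesPathes, or a single row with empty dirname/basename when the list is empty.
 *
 * All values reach the database as dibi parameters (%s modifiers, or the array form of
 * INSERT), not as concatenated SQL text.
 *
 * NOTE(review): only $message goes through detectXSS(). The User-Agent header is
 * client-controlled and is stored as received, as are $user, $source, $prefix and the
 * node paths. Whatever renders these log rows should encode them on output.
 *
 * @param String $level       Log severity: one of LOG_LEVEL_* (DEBUG,INFO,NOTICE,WARNING,ERROR)
 * @param String $ip          The client ip
 * @param String $user        The user login
 * @param String $source      The source of the message
 * @param String $prefix      The prefix of the message, stored in the [message] column
 * @param String $message     The message to log, stored in the [params] column
 * @param array  $nodesPathes Paths of the nodes concerned; each is split with pathinfo()
 * @return void
 */
public function write2($level, $ip, $user, $source, $prefix, $message, $nodesPathes = array())
{
    if ($prefix == "Log In" && $message == "context=API") {
        // Limit the number of logs
        $test = dibi::query('SELECT [logdate] FROM [ajxp_log] WHERE [user]=%s AND [message]=%s AND [params]=%s ORDER BY [logdate] DESC %lmt %ofs', $user, $prefix, $message, 1, 0);
        $lastInsert = $test->fetchSingle();
        $now = new DateTime('NOW');
        // The column may come back as a DibiDateTime object or as a date string.
        if (is_a($lastInsert, "DibiDateTime")) {
            $lastTimestamp = $lastInsert->getTimestamp();
        } else {
            $lastTimestamp = strtotime($lastInsert);
        }
        if ($lastInsert !== false && $now->getTimestamp() - $lastTimestamp < 60 * 60) {
            // IGNORING, LIMIT API LOGINS TO ONE PER HOUR, OR IT WILL FILL THE LOGS
            return;
        }
    }

    // Default: one row without any path information.
    $files = array(array("dirname" => "", "basename" => ""));
    if (AJXP_Utils::detectXSS($message)) {
        $message = "XSS Detected in Message!";
    } elseif (count($nodesPathes)) {
        $files = array();
        foreach ($nodesPathes as $path) {
            $parts = pathinfo($path);
            $files[] = array("dirname" => $parts["dirname"], "basename" => $parts["basename"]);
        }
    }

    // The User-Agent header is optional (CLI runs, minimal HTTP clients). Reading the
    // missing index would raise an undefined-index notice, so fall back to null, which
    // is the value the unguarded read would have produced.
    $device = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : null;

    foreach ($files as $fileDef) {
        $log_row = array(
            'logdate' => new DateTime('NOW'),
            'remote_ip' => $this->inet_ptod($ip),
            'severity' => strtoupper((string) $level),
            'user' => $user,
            'source' => $source,
            'message' => $prefix,
            'params' => $message,
            'repository_id' => ConfService::getInstance()->getContextRepositoryId(),
            'device' => $device,
            'dirname' => $fileDef["dirname"],
            'basename' => $fileDef["basename"],
        );
        //we already handle exception for write2 in core.log
        dibi::query('INSERT INTO [ajxp_log]', $log_row);
    }
}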
示例5: write2
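/**
 * Write an entry to the [ajxp_log] table.
 *
 * "Log In" entries whose message is "context=API" are throttled: when the most recent
 * matching row for the same user is less than one hour old, nothing is written.
 * A message flagged by AJXP_Utils::detectXSS() is replaced by a fixed placeholder
 * before the row is inserted.
 *
 * All values reach the database as dibi parameters (%s modifiers, or the array form of
 * INSERT), not as concatenated SQL text.
 *
 * NOTE(review): only $message goes through detectXSS(); $user, $source and $prefix are
 * stored as received. Whatever renders these log rows should encode them on output.
 *
 * @param String $level   Log severity: one of LOG_LEVEL_* (DEBUG,INFO,NOTICE,WARNING,ERROR)
 * @param String $ip      The client ip
 * @param String $user    The user login
 * @param String $source  The source of the message
 * @param String $prefix  The prefix of the message, stored in the [message] column
 * @param String $message The message to log, stored in the [params] column
 * @return void
 */
public function write2($level, $ip, $user, $source, $prefix, $message)
{
    // Comparison, not assignment: "$message = ..." here would overwrite the caller's
    // message and make the condition true for every "Log In" entry, so all logins,
    // not only API ones, would be throttled and logged with the wrong text.
    if ($prefix == "Log In" && $message == "context=API") {
        // Limit the number of logs
        $test = dibi::query('SELECT [logdate] FROM [ajxp_log] WHERE [user]=%s AND [message]=%s AND [params]=%s ORDER BY [logdate] DESC %lmt %ofs', $user, $prefix, $message, 1, 0);
        $lastInsert = $test->fetchSingle();
        $now = new DateTime('NOW');
        // The column may come back as a DibiDateTime object or as a date string.
        if (is_a($lastInsert, "DibiDateTime")) {
            $lastTimestamp = $lastInsert->getTimestamp();
        } else {
            $lastTimestamp = strtotime($lastInsert);
        }
        if ($lastInsert !== false && $now->getTimestamp() - $lastTimestamp < 60 * 60) {
            // IGNORING, LIMIT API LOGINS TO ONE PER HOUR, OR IT WILL FILL THE LOGS
            return;
        }
    }
    if (AJXP_Utils::detectXSS($message)) {
        $message = "XSS Detected in Message!";
    }
    $log_row = array(
        'logdate' => new DateTime('NOW'),
        'remote_ip' => $this->inet_ptod($ip),
        'severity' => strtoupper((string) $level),
        'user' => $user,
        'source' => $source,
        'message' => $prefix,
        'params' => $message,
    );
    //we already handle exception for write2 in core.log
    dibi::query('INSERT INTO [ajxp_log]', $log_row);
}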