- Timestamp:
- Sep 15, 2014 9:44:27 PM (10 years ago)
- Location:
- trunk/lib
- Files:
-
- 1 added
- 9 edited
trunk/lib/App.inc.php
r492 r497 537 537 switch ($m['type']) { 538 538 case MSG_ERR: 539 echo '<div class="sc-msg-error">' . $m['message'] . '</div>';539 echo '<div data-alert class="sc-msg-error alert-box alert">' . $m['message'] . '<a href="#" class="close">×</a></div>'; 540 540 break; 541 541 542 542 case MSG_WARNING: 543 echo '<div class="sc-msg-warning">' . $m['message'] . '</div>';543 echo '<div data-alert class="sc-msg-warning alert-box warning">' . $m['message'] . '<a href="#" class="close">×</a></div>'; 544 544 break; 545 545 546 546 case MSG_SUCCESS: 547 echo '<div class="sc-msg-success">' . $m['message'] . '</div>';547 echo '<div data-alert class="sc-msg-success alert-box success">' . $m['message'] . '<a href="#" class="close">×</a></div>'; 548 548 break; 549 549 550 550 case MSG_NOTICE: 551 551 default: 552 echo '<div class="sc-msg-notice">' . $m['message'] . '</div>';552 echo '<div data-alert class="sc-msg-notice alert-box info">' . $m['message'] . '<a href="#" class="close">×</a></div>'; 553 553 break; 554 555 554 } 556 555 } -
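Review bot: `$m['message']` is still concatenated into the alert markup without HTML escaping in all four `echo` lines (new lines 539, 543, 547 and 552). Whether the text is escaped before it is stored cannot be seen from this hunk, but Version.inc.php in this changeset passes `$version_id` and `$record['version_title']` into `raiseMsg()`, so request- or database-derived text can probably reach this output. If messages are meant to be plain text, escape at output, e.g. `htmlspecialchars($m['message'], ENT_QUOTES, 'UTF-8')`; if markup in messages is intentional, a comment stating that callers must escape would make the contract explicit. The same pattern appears with `$e['message']` in FormValidator.inc.php, and the enclosing function starts and ends outside this hunk.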
trunk/lib/Auth_SQL.inc.php
r484 r497 471 471 * (2) If this number exceeds the login_abuse_max_ips, assume multiple people are logging in under the same account. 472 472 **/ 473 // TODO: make this ipv6 compatible. At the moment, ipv6 addresses are converted into zero for remote_ip_binary. 474 // http://www.highonphp.com/5-tips-for-working-with-ipv6-in-php 475 // https://stackoverflow.com/questions/444966/working-with-ipv6-addresses-in-php 473 476 if ($this->getParam('abuse_detection') && !$this->get('login_abuse_exempt')) { 474 477 $qid = $db->query(" -
trunk/lib/DB.inc.php
r484 r497 441 441 } 442 442 443 /** 444 * Returns the values of an ENUM or SET column, returning them as an array. 445 * 446 * @param string $db_table database table to lookup 447 * @param string $db_col database column to lookup 448 * @param bool $sort Sort the output. 449 * @return array Array of the set/enum values on success, false on failure. 450 */ 451 public function getEnumValues($db_table, $db_col, $sort=false) 452 { 453 $app =& App::getInstance(); 454 455 $qid = $this->query("SHOW COLUMNS FROM " . $this->escapeString($db_table) . " LIKE '" . $this->escapeString($db_col) . "'", false); 456 457 $row = mysql_fetch_row($qid); 458 if (preg_match('/^enum|^set/i', $row[1]) && preg_match_all("/'([^']*)'/", $row[1], $matches)) { 459 if ($sort) { 460 natsort($matches[1]); 461 } 462 return $matches[1]; 463 } else { 464 $app->logMsg(sprintf('No set or enum fields found in %s.%s', $db_table, $db_col), LOG_ERR, __FILE__, __LINE__); 465 return false; 466 } 467 } 468 469 443 470 } // End. 444 471 -
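Review bot: In `getEnumValues()` the table name is placed unquoted after `SHOW COLUMNS FROM`, where `escapeString()` (assuming it escapes string-literal content) gives no protection because the value is an identifier, not a quoted string. Validate it before building the query, e.g. `if (!preg_match('/^\w+$/', $db_table)) { return false; }`, and wrap it in backticks. `$db_col` is used as a `LIKE` pattern, so `_` and `%` in a column name act as wildcards and the first row returned may belong to a different column. `mysql_fetch_row()` returns false when nothing matches, so `$row[1]` needs an `if (!$row)` guard before the `preg_match` calls.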
trunk/lib/FormValidator.inc.php
r494 r497 209 209 switch ($e['type']) { 210 210 case MSG_ERR: 211 echo '<div class="sc-msg-error">' . $e['message'] . '</div>';211 echo '<div data-alert class="sc-msg-error alert-box alert">' . $e['message'] . '<a href="#" class="close">×</a></div>'; 212 212 break; 213 213 214 214 case MSG_WARNING: 215 echo '<div class="sc-msg-warning">' . $e['message'] . '</div>';215 echo '<div data-alert class="sc-msg-warning alert-box warning">' . $e['message'] . '<a href="#" class="close">×</a></div>'; 216 216 break; 217 217 218 218 case MSG_SUCCESS: 219 echo '<div class="sc-msg-success">' . $e['message'] . '</div>';219 echo '<div data-alert class="sc-msg-success alert-box alert">' . $e['message'] . '<a href="#" class="close">×</a></div>'; 220 220 break; 221 221 222 222 case MSG_NOTICE: 223 223 default: 224 echo '<div class="sc-msg-notice">' . $e['message'] . '</div>';224 echo '<div data-alert class="sc-msg-notice alert-box info">' . $e['message'] . '<a href="#" class="close">×</a></div>'; 225 225 break; 226 226 } … … 304 304 public function isEmpty($form_name, $msg='') 305 305 { 306 $this->notEmpty($form_name, $msg);306 return $this->notEmpty($form_name, $msg); 307 307 } 308 308 -
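Review bot: The `MSG_SUCCESS` branch (new line 219) emits `alert-box alert`, while the matching branch in App.inc.php in this changeset uses `alert-box success`; this looks like a copy-paste slip that will style success messages as errors. Suggested line: `echo '<div data-alert class="sc-msg-success alert-box success">' . $e['message'] . '<a href="#" class="close">×</a></div>';`. In the second hunk `isEmpty()` now returns the result of `notEmpty()`; its docblock is outside the hunk, so it is worth confirming that the returned value has the sense callers of `isEmpty()` expect.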
trunk/lib/Lock.inc.php
r484 r497 384 384 { 385 385 $app =& App::getInstance(); 386 387 386 ?> 388 387 <form method="post" action="<?php echo oTxt($_SERVER['PHP_SELF']); ?>"> -
trunk/lib/Navigation.inc.php
r485 r497 254 254 // A crumb with no link. 255 255 $breadcrumbs[] = array( 256 'url' => false, 257 'title' => sprintf($this->getParam('last_crumb_format'), $page['title']) 256 'url' => $_SERVER['REQUEST_URI'], 257 'title' => sprintf($this->getParam('last_crumb_format'), $page['title']), 258 'class' => 'current' 258 259 ); 259 260 } else if ($crumb_count > $this->getParam('chop_breadcrumb_links')) { … … 261 262 $breadcrumbs[] = array( 262 263 'url' => $page['url'], 263 'title' => sprintf($this->getParam('last_crumb_format'), $page['title']) 264 'title' => sprintf($this->getParam('last_crumb_format'), $page['title']), 265 'class' => '', 264 266 ); 265 267 } … … 269 271 $breadcrumbs[] = array( 270 272 'url' => false, 271 'title' => $page['title'] 273 'title' => $page['title'], 274 'class' => 'unavailable', 272 275 ); 273 276 } else { … … 275 278 $breadcrumbs[] = array( 276 279 'url' => $page['url'], 277 'title' => $page['title'] 280 'title' => $page['title'], 281 'class' => '', 278 282 ); 279 283 } … … 334 338 } 335 339 340 /* 341 * 342 * 343 * @access public 344 * @param 345 * @return 346 * @author Quinn Comendant <quinn@strangecode.com> 347 * @version 1.0 348 * @since 07 Sep 2014 12:22:19 349 */ 350 public function getBreadcrumbsUL() 351 { 352 $breadcrumbs = $this->getBreadcrumbsArray(); 353 if (!empty($breadcrumbs)) { 354 ?><ul class="breadcrumbs"><?php 355 foreach ($breadcrumbs as $b) { 356 $printclass = '' != $b['class'] ? sprintf(' class="%s"', $b['class']) : ''; 357 printf('<li%s><a href="%s">%s</a></li>', $printclass, $b['url'], $b['title']); 358 } 359 ?></ul><?php 360 } 361 unset($key, $value); 362 } 363 336 364 /** 337 365 * Test if the given URI matches the URL of the current page. By default the URI is tested -
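Review bot: `getBreadcrumbsUL()` prints `$b['url']` into `href="%s"` without escaping, and this changeset makes the last crumb's URL `$_SERVER['REQUEST_URI']`, which is client-controlled. Escape at output, e.g. `printf('<li%s><a href="%s">%s</a></li>', $printclass, htmlspecialchars((string) $b['url'], ENT_QUOTES, 'UTF-8'), $b['title']);`, and confirm whether `$b['title']` is already escaped where pages are added. The 'unavailable' crumb has `'url' => false`, which renders as an empty `href`. `unset($key, $value)` refers to variables this method never sets, and the docblock is an empty template that should describe the output and the meaning of each crumb's `class` value.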
trunk/lib/SortOrder.inc.php
r484 r497 212 212 if ($this->sort_by == $col) { 213 213 if (mb_strtolower($this->order) == 'desc') { 214 ?><a href="<?php echo $app->oHREF($_SERVER['PHP_SELF'] . '?sort=' . $col . '&order=ASC'); ?>" title="<?php echo _("Change to ascending sort order"); ?>" ><?php echo $this->desc_widget; ?></a><?php echo $col_name; ?><?php214 ?><a href="<?php echo $app->oHREF($_SERVER['PHP_SELF'] . '?sort=' . $col . '&order=ASC'); ?>" title="<?php echo _("Change to ascending sort order"); ?>" class="sc-sort sc-desc"><?php echo $this->desc_widget; ?></a><?php echo $col_name; ?><?php 215 215 } else { 216 ?><a href="<?php echo $app->oHREF($_SERVER['PHP_SELF'] . '?sort=' . $col . '&order=DESC'); ?>" title="<?php echo _("Change to descending sort order"); ?>" ><?php echo $this->asc_widget; ?></a><?php echo $col_name; ?><?php216 ?><a href="<?php echo $app->oHREF($_SERVER['PHP_SELF'] . '?sort=' . $col . '&order=DESC'); ?>" title="<?php echo _("Change to descending sort order"); ?>" class="sc-sort sc-asc"><?php echo $this->asc_widget; ?></a><?php echo $col_name; ?><?php 217 217 } 218 218 } else { 219 ?><a href="<?php echo $app->oHREF($_SERVER['PHP_SELF'] . '?sort=' . $col . '&order=' . $default_order); ?>" title="<?php echo sprintf(_("Sort by %s"), $col_name); ?>" ><?php echo $col_name; ?></a><?php219 ?><a href="<?php echo $app->oHREF($_SERVER['PHP_SELF'] . '?sort=' . $col . '&order=' . $default_order); ?>" title="<?php echo sprintf(_("Sort by %s"), $col_name); ?>" class="sc-sort"><?php echo $col_name; ?></a><?php 220 220 } 221 221 } else { -
trunk/lib/Utilities.inc.php
r487 r497 1082 1082 } 1083 1083 1084 /** 1085 * Returns the remote IP address, taking into consideration proxy servers. 1086 * 1087 * @param bool $dolookup If true we resolve to IP to a host name, 1088 * if false we don't. 1089 * @return string IP address if $dolookup is false or no arg 1090 * Hostname if $dolookup is true 1091 */ 1092 function getRemoteAddr($dolookup=false) 1093 { 1094 $ip = getenv('HTTP_CLIENT_IP'); 1095 if (in_array($ip, array('', 'unknown', 'localhost', '127.0.0.1'))) { 1096 $ip = getenv('HTTP_X_FORWARDED_FOR'); 1097 if (mb_strpos($ip, ',') !== false) { 1098 // If HTTP_X_FORWARDED_FOR returns a comma-delimited list of IPs then return the first one (assuming the first is the original). 1099 $ips = explode(',', $ip, 2); 1100 $ip = $ips[0]; 1101 } 1102 if (in_array($ip, array('', 'unknown', 'localhost', '127.0.0.1'))) { 1103 $ip = getenv('REMOTE_ADDR'); 1104 } 1105 } 1106 return $dolookup && '' != $ip ? gethostbyaddr($ip) : $ip; 1084 /* 1085 * Returns the remote IP address, taking into consideration proxy servers. 1086 * 1087 * If strict checking is enabled, we will only trust REMOTE_ADDR or an HTTP header 1088 * value if REMOTE_ADDR is a trusted proxy (configured as an array in $cfg['trusted_proxies']). 1089 * 1090 * @access public 1091 * @param bool $dolookup Resolve to IP to a hostname? 1092 * @param bool $trust_all_proxies Should we trust any IP address set in HTTP_* variables? Set to FALSE for secure usage. 1093 * @return mixed Canonicalized IP address (or a corresponding hostname if $dolookup is true), or false if no IP was found. 
1094 * @author Alix Axel <http://stackoverflow.com/a/2031935/277303> 1095 * @author Corey Ballou <http://blackbe.lt/advanced-method-to-obtain-the-client-ip-in-php/> 1096 * @author Quinn Comendant <quinn@strangecode.com> 1097 * @version 1.0 1098 * @since 12 Sep 2014 19:07:46 1099 */ 1100 function getRemoteAddr($dolookup=false, $trust_all_proxies=true) 1101 { 1102 global $cfg; 1103 1104 if (!isset($_SERVER['REMOTE_ADDR'])) { 1105 // Must be a CLI. 1106 return false; 1107 } 1108 1109 // Use an HTTP header value only if $trust_all_proxies is true or when REMOTE_ADDR is in our $cfg['trusted_proxies'] array. 1110 // $cfg['trusted_proxies'] is an array of proxy server addresses we expect to see in REMOTE_ADDR. 1111 if ($trust_all_proxies || isset($cfg['trusted_proxies']) && is_array($cfg['trusted_proxies']) && in_array($_SERVER['REMOTE_ADDR'], $cfg['trusted_proxies'], true)) { 1112 // Then it's probably safe to use an IP address value set in an HTTP header. 1113 // Loop through possible IP address headers. 1114 foreach (array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED') as $key) { 1115 // Loop through and if 1116 if (array_key_exists($key, $_SERVER)) { 1117 foreach (explode(',', $_SERVER[$key]) as $addr) { 1118 $addr = canonicalIPAddr(trim($addr)); 1119 if (false !== filter_var($addr, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 | FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE)) { 1120 return $dolookup && '' != $addr ? gethostbyaddr($addr) : $addr; 1121 } 1122 } 1123 } 1124 } 1125 } 1126 1127 $addr = canonicalIPAddr(trim($_SERVER['REMOTE_ADDR'])); 1128 return $dolookup && $addr ? gethostbyaddr($addr) : $addr; 1129 } 1130 1131 /* 1132 * Converts an ipv4 IP address in hexadecimal form into canonical form (i.e., it removes the prefix). 1133 * 1134 * @access public 1135 * @param string $addr IP address. 1136 * @return string Canonical IP address. 
1137 * @author Sander Steffann <http://stackoverflow.com/a/12436099/277303> 1138 * @author Quinn Comendant <quinn@strangecode.com> 1139 * @version 1.0 1140 * @since 15 Sep 2012 1141 */ 1142 function canonicalIPAddr($addr) 1143 { 1144 // Known prefix 1145 $v4mapped_prefix_bin = pack('H*', '00000000000000000000ffff'); 1146 1147 // Parse 1148 $addr_bin = inet_pton($addr); 1149 1150 // Check prefix 1151 if (substr($addr_bin, 0, strlen($v4mapped_prefix_bin)) == $v4mapped_prefix_bin) { 1152 // Strip prefix 1153 echo 'prefix matches'; 1154 $addr_bin = substr($addr_bin, strlen($v4mapped_prefix_bin)); 1155 } 1156 1157 // Convert back to printable address in canonical form 1158 return inet_ntop($addr_bin); 1107 1159 } 1108 1160 … … 1117 1169 * @return mixed Returns the network that matched on success, false on failure. 1118 1170 */ 1119 function ipInRange($ ip, $networks)1171 function ipInRange($addr, $networks) 1120 1172 { 1121 1173 if (!is_array($networks)) { … … 1123 1175 } 1124 1176 1125 $ ip_binary = sprintf('%032b', ip2long($ip));1177 $addr_binary = sprintf('%032b', ip2long($addr)); 1126 1178 foreach ($networks as $network) { 1127 1179 if (preg_match('![\d\.]{7,15}/\d{1,2}!', $network)) { … … 1129 1181 list($cidr_ip, $cidr_bitmask) = explode('/', $network); 1130 1182 $cidr_ip_binary = sprintf('%032b', ip2long($cidr_ip)); 1131 if (mb_substr($ ip_binary, 0, $cidr_bitmask) === mb_substr($cidr_ip_binary, 0, $cidr_bitmask)) {1183 if (mb_substr($addr_binary, 0, $cidr_bitmask) === mb_substr($cidr_ip_binary, 0, $cidr_bitmask)) { 1132 1184 // IP address is within the specified IP range. 1133 1185 return $network; 1134 1186 } 1135 1187 } else { 1136 if ($ ip=== $network) {1188 if ($addr === $network) { 1137 1189 // IP address exactly matches. 1138 1190 return $network; -
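Review bot: `getRemoteAddr()` defaults `$trust_all_proxies` to `true`, so unless every caller opts out the address is taken from client-supplied headers such as `HTTP_CLIENT_IP` and `HTTP_X_FORWARDED_FOR`, even though the docblock says to set it to FALSE for secure usage; anything keyed on the result (possibly the login abuse check touched in Auth_SQL.inc.php, and callers of `ipInRange()`) would then depend on a spoofable value. Consider `function getRemoteAddr($dolookup=false, $trust_all_proxies=false)` and have proxy deployments opt in through `$cfg['trusted_proxies']`. `canonicalIPAddr()` still contains a debugging `echo 'prefix matches';` that writes into the response and should be removed. It also passes header text straight to `inet_pton()`, which returns false and raises a warning on invalid input; a guard such as `if (false === filter_var($addr, FILTER_VALIDATE_IP)) { return false; }` before parsing avoids that.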
trunk/lib/Version.inc.php
r484 r497 266 266 "); 267 267 if (!$record = mysql_fetch_assoc($qid)) { 268 $app->raiseMsg(sprintf(_("Version ID%s%s not found."), $version_id, (empty($record['version_title']) ? '' : ' (' . $record['version_title'] . ')')), MSG_WARNING, __FILE__, __LINE__);269 $app->logMsg(sprintf('Version ID%s%s not found.', $version_id, (empty($record['version_title']) ? '' : ' (' . $record['version_title'] . ')')), LOG_WARNING, __FILE__, __LINE__);268 $app->raiseMsg(sprintf(_("Version %s%s not found."), $version_id, (empty($record['version_title']) ? '' : ' (' . $record['version_title'] . ')')), MSG_WARNING, __FILE__, __LINE__); 269 $app->logMsg(sprintf('Version %s%s not found.', $version_id, (empty($record['version_title']) ? '' : ' (' . $record['version_title'] . ')')), LOG_WARNING, __FILE__, __LINE__); 270 270 return false; 271 271 } … … 274 274 // Ensure saved db columns match current table schema. 275 275 if (!$db->columnExists($record['record_table'], array_keys($data), $this->getParam('db_schema_strict'))) { 276 $app->raiseMsg(sprintf(_("Version ID%s%s is not compatible with the current database table."), $version_id, (empty($record['version_title']) ? '' : ' (' . $record['version_title'] . ')')), MSG_ERR, __FILE__, __LINE__);277 $app->logMsg(sprintf('Version ID%s%s restoration failed, DB schema does not match for table %s.', $version_id, (empty($record['version_title']) ? '' : ' (' . $record['version_title'] . ')'), $record['record_table']), LOG_ALERT, __FILE__, __LINE__);276 $app->raiseMsg(sprintf(_("Version %s%s is not compatible with the current database table."), $version_id, (empty($record['version_title']) ? '' : ' (' . $record['version_title'] . ')')), MSG_ERR, __FILE__, __LINE__); 277 $app->logMsg(sprintf('Version %s%s restoration failed, DB schema does not match for table %s.', $version_id, (empty($record['version_title']) ? '' : ' (' . $record['version_title'] . ')'), $record['record_table']), LOG_ALERT, __FILE__, __LINE__); 278 278 return false; 279 279 }
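Review bot: In the not-found branch (`if (!$record = mysql_fetch_assoc($qid))`) `$record` is false, so `empty($record['version_title'])` is always true and the title suffix can never be printed; both messages there could drop the second `%s` and its argument. `$version_id` is placed in the `raiseMsg()` text, which App.inc.php echoes without escaping, so it should be cast to int or escaped unless it is validated outside this hunk. The enclosing function starts and ends outside the hunk.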