Changeset 502 for trunk/lib/App.inc.php
- Timestamp:
- Dec 30, 2014 10:24:51 PM (9 years ago)
- File:
-
- 1 edited
trunk/lib/App.inc.php
r501 r502 40 40 require_once dirname(__FILE__) . '/Utilities.inc.php'; 41 41 42 class App { 42 class App 43 { 43 44 44 45 // Minimum version of PHP required for this version of the Codebase. … … 627 628 } 628 629 629 // Make sure to log in the system's locale.630 $locale = setlocale(LC_TIME, 0);631 setlocale(LC_TIME, 'C');632 633 630 // Strip HTML tags except any with more than 7 characters because that's probably not a HTML tag, e.g. <email@address.com>. 634 631 preg_match_all('/(<[^>\s]{7,})[^>]*>/', $message, $strip_tags_allow); … … 678 675 } 679 676 677 // Make sure to log in the system's locale. 678 $locale = setlocale(LC_TIME, 0); 679 setlocale(LC_TIME, 'C'); 680 680 681 // Data to be stored for a log event. 681 682 $event = array( … … 692 693 $event_short['url'] = truncate($event_short['url'], 120); 693 694 695 // Restore original locale. 696 setlocale(LC_TIME, $locale); 694 697 695 698 // FILE ACTION … … 702 705 if (false !== $this->getParam('log_email_priority') && $priority <= $this->getParam('log_email_priority') && $send_notifications) { 703 706 $hostname = (isset($_SERVER['HTTP_HOST']) && '' != $_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : php_uname('n'); 704 $subject = sprintf('[%s %s] %s', $hostname, $event['type'], mb_substr($ message, 0, 64));707 $subject = sprintf('[%s %s] %s', $hostname, $event['type'], mb_substr($event['message'], 0, 64)); 705 708 $email_msg = sprintf("A %s log event occurred on %s\n\n", $event['type'], $hostname); 706 709 $headers = 'From: ' . $this->getParam('site_email'); … … 724 727 file_put_contents('php://stderr', "[{$event['type']}] [{$event['message']}]\n", FILE_APPEND); 725 728 } 726 727 // Restore original locale.728 setlocale(LC_TIME, $locale);729 730 unset($event, $event_short);731 729 732 730 return true; … … 850 848 * header('Location...') redirections. 851 849 * 850 * @param bool $include_csrf_token Set to true to include the csrf_token in the form. 
Only use this for forms with action="post" to prevent the token from being revealed in the URL. 852 851 * @return string url with attached queries and, if not using cookies, the session id 853 852 */ 854 public function url($url, $carry_args=null, $always_include_sid=false )853 public function url($url, $carry_args=null, $always_include_sid=false, $include_csrf_token=false) 855 854 { 856 855 if (!$this->running) { 857 856 $this->logMsg(sprintf('Canceled method call %s, application not running.', __FUNCTION__), LOG_NOTICE, __FILE__, __LINE__); 858 857 return false; 858 } 859 860 if ($this->getParam('csrf_token_enabled') && $include_csrf_token) { 861 // Include the csrf_token as a carried query argument. 862 // This token can be validated upon form submission with $app->verifyCSRFToken() or $app->requireValidCSRFToken() 863 $carry_args = is_array($carry_args) ? $carry_args : array(); 864 $carry_args = array_merge($carry_args, array($this->getParam('csrf_token_name') => $this->getCSRFToken())); 859 865 } 860 866 … … 938 944 * 939 945 * @access public 940 * @param string $url Input URL to parse.941 * @return string URL passed through $app->url() and then & turned to $amp;.946 * @param (see param reference for url() method) 947 * @return string URL passed through $app->url() with ampersamds transformed to $amp; 942 948 * @author Quinn Comendant <quinn@strangecode.com> 943 949 * @since 09 Dec 2005 17:58:45 944 950 */ 945 public function oHREF($url, $carry_args=null, $always_include_sid=false) 946 { 947 $url = $this->url($url, $carry_args, $always_include_sid); 948 949 // Replace any & not followed by an html or unicode entity with it's & equivalent. 951 public function oHREF($url, $carry_args=null, $always_include_sid=false, $include_csrf_token=false) 952 { 953 // Process the URL. 954 $url = $this->url($url, $carry_args, $always_include_sid, $include_csrf_token); 955 956 // Replace any & not followed by an html or unicode entity with its & equivalent. 
950 957 $url = preg_replace('/&(?![\w\d#]{1,10};)/', '&', $url); 951 958 … … 1093 1100 return false; 1094 1101 } 1095 $this->logMsg(sprintf('Verified CSRF token %s is in %s', $user_submitted_csrf_token, $csrf_token), LOG_DEBUG, __FILE__, __LINE__);1102 $this->logMsg(sprintf('Verified CSRF token %s', $user_submitted_csrf_token), LOG_DEBUG, __FILE__, __LINE__); 1096 1103 return true; 1097 1104 } … … 1142 1149 } 1143 1150 1144 if ( '' ==$url) {1151 if (!$url) { 1145 1152 // If URL is not specified, use the redirect_home_url. 1146 1153 $url = $this->getParam('redirect_home_url'); … … 1295 1302 } 1296 1303 1297 $this->logMsg(sprintf('deleteBoomerangURL(%s): %s', $id, $this->getBoomerangURL($id)), LOG_DEBUG, __FILE__, __LINE__);1298 1299 1304 if (isset($id) && isset($_SESSION['_app'][$this->_ns]['boomerang']['url'][$id])) { 1305 $url = $this->getBoomerangURL($id); 1300 1306 unset($_SESSION['_app'][$this->_ns]['boomerang']['url'][$id]); 1301 1307 } else if (is_array($_SESSION['_app'][$this->_ns]['boomerang']['url'])) { 1302 array_pop($_SESSION['_app'][$this->_ns]['boomerang']['url']); 1303 } 1308 $url = array_pop($_SESSION['_app'][$this->_ns]['boomerang']['url']); 1309 } 1310 $this->logMsg(sprintf('deleteBoomerangURL(%s): %s', $id, $url), LOG_DEBUG, __FILE__, __LINE__); 1304 1311 } 1305 1312
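Review bot: The CSRF token is still exposed in two places in the new code: the `url()` hunk and the debug log line at new line 1102. In `url()`, `$include_csrf_token` merges the token into `$carry_args`, which the added comment calls a carried query argument, so the token presumably lands in the form's action URL and from there in access logs, browser history and Referer headers even when the form is submitted by POST; the docblock's `action="post"` should read `method="post"` and should state that limitation, or the token should be emitted as a hidden form field instead. At new line 1102 (apparently the token verification method) the accepted token is still written to the log, and `$this->logMsg('Verified CSRF token.', LOG_DEBUG, __FILE__, __LINE__);` would record the event without storing a usable secret. Both function bodies continue outside the visible hunks, so how `$carry_args` is serialised into the URL is inferred from the comment rather than seen.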