Changeset 549 for branches/1.1dev/lib
- Timestamp:
- Oct 2, 2015 9:02:39 PM (9 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/1.1dev/lib/App.inc.php
r414 r549 8 8 * CONFIG 9 9 ****************************************************************************** 10 10 11 11 This library has some functions that require globally defined values. 12 12 These are defined here. … … 14 14 15 15 // Message Types 16 /** @constant MSG_NOTICE 16 /** @constant MSG_NOTICE 17 17 An informational message: Welcome to asdf, Logout successful, etc. */ 18 18 define('MSG_NOTICE', 0); 19 19 20 /** @constant MSG_SUCCESS 20 /** @constant MSG_SUCCESS 21 21 A success message: Message sent, You are logged-in, etc. */ 22 22 define('MSG_SUCCESS', 1); … … 26 26 define('MSG_WARNING', 2); 27 27 28 /** @constant MSG_ERR 28 /** @constant MSG_ERR 29 29 Unrecoverable failure: Message could not be sent, File not found, etc. */ 30 30 define('MSG_ERR', 4); // PHP user error style. … … 52 52 { 53 53 $_SESSION['_messages'][] = array( 54 'type' => $type, 54 'type' => $type, 55 55 'message' => $message, 56 56 'file' => $file, … … 95 95 $CFG->log_filename = sprintf('%s_%s.log', getenv('USER'), getenv('HTTP_HOST')); 96 96 } 97 97 98 // Serialize multi-line messages. 99 $message = preg_replace('/\s+/m', ' ', trim($message)); 100 98 101 // Data to be stored for a log event. 99 102 $event = array( … … 108 111 109 112 $event_str = strip_tags('[' . preg_replace('/\s{2,}/', ' ', join('] [', $event)) . ']'); 110 113 111 114 // FILE ACTION 112 115 if ($CFG->log_file_priority && $priority <= $CFG->log_file_priority) { … … 127 130 mail($CFG->log_to_email, $subject, $email_msg, $headers, '-f codebase@strangecode.com'); 128 131 } 129 132 130 133 // SMS ACTION 131 134 if ($CFG->log_sms_priority && $priority <= $CFG->log_sms_priority) { … … 184 187 // Delete any boomerang request keys in the query string. 185 188 $url = preg_replace('/boomerang=[\w]+/', '', $url); 186 189 187 190 if (is_array($_SESSION['_boomerang']['url']) && !empty($_SESSION['_boomerang']['url'])) { 188 191 // If the URL currently exists in the boomerang array, delete. … … 191 194 } 192 195 } 193 196 194 197 if (isset($id)) { 195 198 $_SESSION['_boomerang']['url'][$id] = $url; … … 255 258 // or a boomerang being set. 256 259 $boomerang_time = isset($_SESSION['_boomerang']['time']) ? $_SESSION['_boomerang']['time'] : 0; 257 260 258 261 if (isset($id) && isset($_SESSION['_boomerang']['url'][$id])) { 259 262 $url = $_SESSION['_boomerang']['url'][$id]; … … 277 280 return false; 278 281 } 279 282 280 283 return true; 281 284 } … … 318 321 // Delete stored boomerang. 319 322 deleteBoomerangURL($id); 320 323 321 324 // A redirection will never happen immediately twice. 322 325 // Set the time so ensure this doesn't happen. … … 339 342 */ 340 343 function dieURL($url, $carry_args=null, $always_include_sid=false) 341 { 344 { 342 345 global $CFG; 343 346 … … 354 357 355 358 $url = url($url, $carry_args, $always_include_sid); 356 359 357 360 header(sprintf('Location: %s', $url)); 358 361 logMsg(sprintf('dieURL dying to URL: %s', $url), LOG_DEBUG, __FILE__, __LINE__); … … 362 365 /** 363 366 * Prints a hidden form element with the PHPSESSID when cookies are not used, as well 364 * as hidden form elements for GET_VARS that might be in use. 367 * as hidden form elements for GET_VARS that might be in use. 365 368 * 366 369 * @global string $carry_queries An array of keys to define which values to … … 383 386 $_using_trans_sid = ini_get('session.use_trans_sid'); 384 387 } 385 388 386 389 // Initialize the carried queries. 387 390 if (!isset($carry_queries['_carry_queries_init'])) { … … 399 402 } 400 403 401 // Get any additional query names to add to the $carry_queries array 404 // Get any additional query names to add to the $carry_queries array 402 405 // that are found as function arguments. 403 406 // If FALSE is a function argument, DO NOT carry the queries. … … 422 425 } 423 426 } 424 427 425 428 // For each existing POST value, we create a hidden input to carry it through a form. 426 429 if ($do_carry_queries) { … … 431 434 } 432 435 } 433 436 434 437 // Include the SID if cookies are disabled. 435 438 if (!isset($_COOKIE[session_name()]) && !$_using_trans_sid) { … … 531 534 // - the link stays on our site 532 535 // - transparent SID propogation with session.use_trans_sid is not being used OR url begins with protocol (using_trans_sid has no effect here) 533 // OR 536 // OR 534 537 // - we must include the SID because we say so (it's used in a context where cookies will not be effective, ie. moving from http to https) 535 538 // AND … … 539 542 ( 540 543 ( 541 !isset($_COOKIE[session_name()]) 544 !isset($_COOKIE[session_name()]) 542 545 || !$CFG->session_use_cookies 543 ) 546 ) 544 547 && $CFG->enable_session 545 && isMyDomain($url) 546 && 548 && isMyDomain($url) 549 && 547 550 ( 548 551 !$_using_trans_sid 549 552 || preg_match('!^(http|https)://!i', $url) 550 553 ) 551 ) 554 ) 552 555 || $always_include_sid 553 556 ) … … 594 597 $modules = array('mod_ssl'); 595 598 } 596 599 597 600 if ('on' != getenv('HTTPS') && $CFG->ssl_enabled && in_array('mod_ssl', $modules)) { 598 601 raiseMsg(sprintf(_("Secure SSL connection made to %s"), $CFG->ssl_domain), MSG_NOTICE, __FILE__, __LINE__); … … 601 604 } 602 605 } 603 606 604 607 605 608 /** … … 618 621 * prevent from sending sensitive info in a get query (like the SID) to another 619 622 * domain. $method can be "ip" or "domain". The domain method might be preferred 620 * if your domain spans mutiple IP's (load sharing servers) 623 * if your domain spans mutiple IP's (load sharing servers) 621 624 * 622 625 * @param string $url the URI to test. … … 627 630 */ 628 631 function isMyDomain($url) 629 { 632 { 630 633 if (!preg_match('|\w{1,}\.\w{2,5}/|', $url)) { 631 634 // If we can't find a domain we assume the URL is relative. … … 637 640 638 641 /** 639 * Loads a list of tables in the current database into an array, and returns 642 * Loads a list of tables in the current database into an array, and returns 640 643 * true if the requested table is found. Use this function to enable/disable 641 644 * funtionality based upon the current available db tables. … … 646 649 */ 647 650 function dbTableExists($table) 648 { 651 { 649 652 static $existing_tables; 650 653 651 654 // Save the trans_sid setting. 652 655 if (!isset($existing_tables)) { … … 658 661 } 659 662 } 660 663 661 664 // Test if requested table is in database. 662 665 return in_array($table, $existing_tables); … … 664 667 665 668 /** 666 * Takes a URL and returns it without the query or anchor portion 669 * Takes a URL and returns it without the query or anchor portion 667 670 * 668 671 * @param string $url any kind of URI … … 676 679 677 680 /** 678 * Returns the remote IP address, taking into consideration proxy servers. 681 * Returns the remote IP address, taking into consideration proxy servers. 679 682 * 680 683 * @param bool $dolookup If true we resolve to IP to a host name, … … 713 716 $ip_pool = array($ip_pool); 714 717 } 715 718 716 719 $my_ip_binary = sprintf('%032b', ip2long($my_ip)); 717 720 foreach ($ip_pool as $ip) { … … 731 734 } 732 735 } 733 736 734 737 return false; 735 738 } 736 739 737 740 /** 738 * Returns a fully qualified URL to the current script, including the query. 741 * Returns a fully qualified URL to the current script, including the query. 739 742 * 740 743 * @return string a full url to the current script
Note: See TracChangeset
for help on using the changeset viewer.