From: <tr...@us...> - 2011-11-26 22:30:20
Revision: 8359 http://xoops.svn.sourceforge.net/xoops/?rev=8359&view=rev
Author: trabis
Date: 2011-11-26 22:30:11 +0000 (Sat, 26 Nov 2011)
Log Message:
-----------
Adding some of 254 changes
Modified Paths:
--------------
XoopsCore/branches/2.6.x/2.6.0/htdocs/browse.php
XoopsCore/branches/2.6.x/2.6.0/htdocs/modules/protector/admin/index.php
XoopsCore/branches/2.6.x/2.6.0/htdocs/user.php
XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/admin/advisory.php
XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/admin/index.php
XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/admin/prefix_manager.php
XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/admin.php
XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/admin_menu.php
XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/class/protector.php
XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/include/postcheck_functions.php
XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/include/version.txt
XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/language/english/admin.php
XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/language/english/modinfo.php
XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/notification.php
XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/oninstall.php
XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/onuninstall.php
XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/onupdate.php
XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/xoops_version.php
Modified: XoopsCore/branches/2.6.x/2.6.0/htdocs/browse.php
===================================================================
--- XoopsCore/branches/2.6.x/2.6.0/htdocs/browse.php 2011-11-26 22:09:58 UTC (rev 8358)
+++ XoopsCore/branches/2.6.x/2.6.0/htdocs/browse.php 2011-11-26 22:30:11 UTC (rev 8359)
@@ -83,7 +83,12 @@ exit(); } -//Output now +// Output now +// seconds, minutes, hours, days +$expires = 60*60*24*15; +header("Pragma: public"); +header("Cache-Control: maxage=" . $expires); +header('Expires: ' . gmdate('D, d M Y H:i:s', time() + $expires) . ' GMT'); header('Content-type: ' . $types[$ext]); $handle = fopen($file, "rb"); while (!feof($handle)) { Modified: XoopsCore/branches/2.6.x/2.6.0/htdocs/modules/protector/admin/index.php =================================================================== --- XoopsCore/branches/2.6.x/2.6.0/htdocs/modules/protector/admin/index.php 2011-11-26 22:09:58 UTC (rev 8358) +++ XoopsCore/branches/2.6.x/2.6.0/htdocs/modules/protector/admin/index.php 2011-11-26 22:30:11 UTC (rev 8359) @@ -7,6 +7,6 @@ $mydirpath = dirname( dirname( __FILE__ ) ) ; require $mydirpath.'/mytrustdirname.php' ; // set $mytrustdirname -require XOOPS_TRUST_PATH.'/modules/'.$mytrustdirname.'/admin.php' ; +require XOOPS_TRUST_PATH.'/modules/'.$mytrustdirname.'/admin/index.php' ; ?> \ No newline at end of file Modified: XoopsCore/branches/2.6.x/2.6.0/htdocs/user.php =================================================================== --- XoopsCore/branches/2.6.x/2.6.0/htdocs/user.php 2011-11-26 22:09:58 UTC (rev 8358) +++ XoopsCore/branches/2.6.x/2.6.0/htdocs/user.php 2011-11-26 22:30:11 UTC (rev 8359) @@ -12,6 +12,9 @@ /** * XOOPS User * + * See the enclosed file license.txt for licensing information. + * If you did not receive this file, get it at http://www.fsf.org/copyleft/gpl.html + * * @copyright The XOOPS Project http://sourceforge.net/projects/xoops/ * @license http://www.fsf.org/copyleft/gpl.html GNU General Public License (GPL) * @package core @@ -21,6 +24,8 @@ */ include dirname(__FILE__) . DIRECTORY_SEPARATOR . 'mainfile.php'; +$xoopsPreload =& XoopsPreload::getInstance(); +$xoopsPreload->triggerEvent('core.user.start'); $xoops = Xoops::getInstance(); $xoops->preload->triggerEvent('core.user.start'); 
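Review bot: `header("Cache-Control: maxage=" . $expires);` in the browse.php hunk uses a directive name that does not exist; the Cache-Control directive is `max-age`, so caches will ignore this header and only `Expires` takes effect. Suggest `header('Cache-Control: public, max-age=' . $expires);`. Because these headers mark every file served here as publicly cacheable for 15 days, it is worth confirming that nothing reachable through `$file` is user-specific; the code that builds `$file` and `$types` is outside the hunk.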
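Review bot: The new require target `'/admin/index.php'` in htdocs/modules/protector/admin/index.php bypasses the trust-side `admin.php`, which is where this commit keeps the `module_admin` `checkRight()` gate and the language loading. The replacement `admin/index.php` in this same revision only does `include_once 'admin_header.php'`, and that file is not part of the visible diff, so the access check has to be confirmed there before this entry point ships. If it is not there, keep requiring `admin.php` from the wrapper or repeat the `checkRight()` guard at the top of the new index page.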
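Review bot: The `core.user.start` event is now triggered twice in user.php: once by the added `$xoopsPreload->triggerEvent('core.user.start');` and again by the unchanged `$xoops->preload->triggerEvent('core.user.start');` two lines below it. Any preload listening on that event would run twice per request. Keep one of the two; the `$xoops->preload` form already present looks like the one this branch intends, so the two added lines can be dropped.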
@@ -76,15 +81,15 @@ exit(); } } - header('Location: ' . XOOPS_URL . '/userinfo.php?uid=' . $xoops->user->getVar('uid')); + header('Location: ' . XOOPS_URL . '/userinfo.php?uid=' . $xoopsUser->getVar('uid')); exit(); } if ($op == 'logout') { $message = ''; - $_SESSION = array(); // Regenerate a new session id and destroy old session - session_regenerate_id(true); + $xoops->sess_handler->regenerate_id(true); + $SESSION = array(); setcookie($xoops->getConfig('usercookie'), 0, -1, '/', XOOPS_COOKIE_DOMAIN, 0); setcookie($xoops->getConfig('usercookie'), 0, -1, '/'); // clear entry from online users table Modified: XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/admin/advisory.php =================================================================== --- XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/admin/advisory.php 2011-11-26 22:09:58 UTC (rev 8358) +++ XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/admin/advisory.php 2011-11-26 22:30:11 UTC (rev 8359) @@ -1,6 +1,6 @@ <?php -$db = XoopsDatabaseFactory::getDatabaseConnection(); +$db =& XoopsDatabaseFactory::getDatabaseConnection(); // beggining of Output xoops_cp_header(); 
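Review bot: In the logout branch of user.php the added `$SESSION = array();` assigns a new local variable instead of clearing the `$_SESSION` superglobal, so the session data is no longer emptied on logout. With the old `$_SESSION = array();` removed, whatever the session holds is carried over to the regenerated id unless code further down (outside this hunk) destroys it. Change the line to `$_SESSION = array();`. The same hunk switches the redirect to `$xoopsUser->getVar('uid')` while the surrounding code works through `$xoops`; confirm `$xoopsUser` is defined at that point.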
@@ -21,58 +21,59 @@ // the path of XOOPS_TRUST_PATH accessible check echo "<dl><dt>'XOOPS_TRUST_PATH' : " ; echo "<img src='".XOOPS_URL.'/'.htmlspecialchars($relative_path)."/modules/protector/public_check.png' width='40' height='20' alt='' style='border:1px solid black;' /><br /><a href='".XOOPS_URL.'/'.htmlspecialchars($relative_path)."/modules/protector/public_check.php'>"._AM_ADV_TRUSTPATHPUBLICLINK."</a></dt>\n" ; -echo "<dd>"._AM_ADV_TRUSTPATHPUBLIC."</dd></dl>" ; +echo "<dd>"._AM_ADV_TRUSTPATHPUBLIC."</b><br /><br /></dd></dl>" ; // register_globals echo "<dl><dt>'register_globals' : " ; $safe = ! ini_get( "register_globals" ) ; if( $safe ) { - echo "off <span style='color:green;font-weight:bold;'>ok</span></dt>\n" ; + echo "off <span style='color:green;font-weight:bold;'>OK</span></dt>\n" ; } else { echo "on <span style='color:red;font-weight:bold;'>"._AM_ADV_NOTSECURE."</span></dt>\n" ; - echo "<dd>"._AM_ADV_REGISTERGLOBALS."<br /><br /> + echo "<dd><br /><br />"._AM_ADV_REGISTERGLOBALS."<br /><br /> ".XOOPS_ROOT_PATH."/.htaccess<br /><br /> - <b>php_flag register_globals off</b> + "._AM_ADV_REGISTERGLOBALS2."<br /><br /> + <b>php_flag register_globals off </dd>" ; } -echo "</dl>\n" ; +echo "</b><br /><br /></dl>\n" ; // allow_url_fopen echo "<dl><dt>'allow_url_fopen' : " ; $safe = ! ini_get( "allow_url_fopen" ) ; if( $safe ) { - echo "off <span style='color:green;font-weight:bold;'>ok</span></dt>\n" ; + echo "off <span style='color:green;font-weight:bold;'>OK</span></dt>\n" ; } else { echo "on <span style='color:red;font-weight:bold;'>"._AM_ADV_NOTSECURE."</span></dt>\n" ; echo "<dd>"._AM_ADV_ALLOWURLFOPEN."</dd>" ; } -echo "</dl>\n" ; +echo "</b><br /><br /></dl>\n" ; // session.use_trans_sid echo "<dl><dt>'session.use_trans_sid' : " ; $safe = ! 
ini_get( "session.use_trans_sid" ) ; if( $safe ) { - echo "off <span style='color:green;font-weight:bold;'>ok</span></dt>\n" ; + echo "off <span style='color:green;font-weight:bold;'>OK</span></dt>\n" ; } else { echo "on <span style='color:red;font-weight:bold;'>"._AM_ADV_NOTSECURE."</span></dt>\n" ; echo "<dd>"._AM_ADV_USETRANSSID."</dd>" ; } -echo "</dl>\n" ; +echo "</b><br /><br /></dl>\n" ; // XOOPS_DB_PREFIX echo "<dl><dt>'XOOPS_DB_PREFIX' : " ; $safe = strtolower( XOOPS_DB_PREFIX ) != 'xoops' ; if( $safe ) { - echo XOOPS_DB_PREFIX." <span style='color:green;font-weight:bold;'>ok</span></dt>\n<dd>" ; + echo XOOPS_DB_PREFIX." <span style='color:green;font-weight:bold;'>OK</span></dt>\n<dd>" ; } else { echo XOOPS_DB_PREFIX." <span style='color:red;font-weight:bold;'>"._AM_ADV_NOTSECURE."</span></dt>\n" ; echo "<dd>"._AM_ADV_DBPREFIX."<br />\n" ; } echo "<a href='index.php?page=prefix_manager'>"._AM_ADV_LINK_TO_PREFIXMAN."</a></dd>" ; -echo "</dl>\n" ; +echo "</b><br /><br /></dl>\n" ; // patch to mainfile.php 
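Review bot: Most of the `</b>` tags added in advisory.php close an element that was never opened: `echo "</b><br /><br /></dl>\n"` runs after every check, but `<b>` is only emitted in the `register_globals` failure branch, and there `</dd>` is printed before the `</b>`. The `<br />` elements also end up as direct children of `<dl>`, which is not valid markup. Suggest closing the tag where it is opened, `<b>php_flag register_globals off</b></dd>`, moving the spacing inside each `<dd>` or into CSS, and leaving `echo "</dl>\n" ;` as it was.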
@@ -84,17 +85,17 @@ echo "missing postcheck <span style='color:red;font-weight:bold;'>"._AM_ADV_NOTSECURE."</span></dt>\n" ; echo "<dd>"._AM_ADV_MAINUNPATCHED."</dd>" ; } else { - echo "patched <span style='color:green;font-weight:bold;'>ok</span></dt>\n" ; + echo "patched <span style='color:green;font-weight:bold;'>OK</span></dt>\n" ; } -echo "</dl>\n" ; +echo "</b><br /><br /></dl>\n" ; // patch to databasefactory.php echo "<dl><dt>'databasefactory.php' : " ; -$db = XoopsDatabaseFactory::getDatabaseConnection(); -if( strtolower( get_class( $db ) ) != 'protectormysqldatabase' ) { +$db =& XoopsDatabaseFactory::getDatabaseConnection(); +if(substr(@XOOPS_VERSION , 6 , 3) < 2.4 && strtolower( get_class( $db ) ) != 'protectormysqldatabase' ) { echo "<span style='color:red;font-weight:bold;'>"._AM_ADV_DBFACTORYUNPATCHED."</span></dt>\n" ; } else { - echo _AM_ADV_DBFACTORYPATCHED."<span style='color:green;font-weight:bold;'>ok</span></dt>\n" ; + echo _AM_ADV_DBFACTORYPATCHED."<span style='color:green;font-weight:bold;'> OK</span></dt>\n" ; } echo "</dl>\n" ; Modified: XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/admin/index.php =================================================================== --- XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/admin/index.php 2011-11-26 22:09:58 UTC (rev 8358) +++ XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/admin/index.php 2011-11-26 22:30:11 UTC (rev 8359) 
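Review bot: The added guard `substr(@XOOPS_VERSION , 6 , 3) < 2.4` compares a three-character slice as a number, so a version such as 2.10 would be read as `2.1` and treated as older than 2.4, and the `@` hides the case where the constant is undefined. On this 2.6 branch the condition is presumably always false, so the advisory prints the green OK for databasefactory.php without looking at `get_class( $db )` at all; if that is intended, say so in a comment or show a neutral "not required" state instead of "patched". For the comparison itself, `version_compare( substr( XOOPS_VERSION , 6 ) , '2.4' , '<' )` is more robust, assuming the constant has the form `XOOPS x.y.z`.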
@@ -1,281 +1,40 @@ <?php +// $Id$ +// ------------------------------------------------------------------------ // +// XOOPS - PHP Content Management System // +// Copyright (c) 2000 XOOPS.org // +// <http://www.xoops.org/> // +// ------------------------------------------------------------------------ // +// This program is free software; you can redistribute it and/or modify // +// it under the terms of the GNU General Public License as published by // +// the Free Software Foundation; either version 2 of the License, or // +// (at your option) any later version. // +// // +// You may not change or alter any portion of this comment or credits // +// of supporting developers from this source code or any supporting // +// source code which is considered copyrighted (c) material of the // +// original comment or credit authors. // +// // +// This program is distributed in the hope that it will be useful, // +// but WITHOUT ANY WARRANTY; without even the implied warranty of // +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // +// GNU General Public License for more details. // +// // +// You should have received a copy of the GNU General Public License // +// along with this program; if not, write to the Free Software // +// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA // +// ------------------------------------------------------------------------ // +// Author: Raul Recio (AKA UNFOR) // +// Project: The XOOPS Project // +// ------------------------------------------------------------------------- // -require_once XOOPS_ROOT_PATH.'/class/pagenav.php' ; -require_once dirname(dirname(__FILE__)).'/class/gtickets.php' ; -$myts = MyTextSanitizer::getInstance() ; -$db = XoopsDatabaseFactory::getDatabaseConnection(); - -// GET vars -$pos = empty( $_GET[ 'pos' ] ) ? 0 : intval( $_GET[ 'pos' ] ) ; -$num = empty( $_GET[ 'num' ] ) ? 
20 : intval( $_GET[ 'num' ] ) ; - -// Table Name -$log_table = $db->prefix( $mydirname."_log" ) ; - -// Protector object -require_once dirname(dirname(__FILE__)).'/class/protector.php' ; -$db = XoopsDatabaseFactory::getDatabaseConnection(); -$protector = Protector::getInstance( $db->conn ) ; -$conf = $protector->getConf() ; - - -// -// transaction stage -// - -if( ! empty( $_POST['action'] ) ) { - - // Ticket check - if ( ! $xoopsGTicket->check( true , 'protector_admin' ) ) { - $xoops->redirect(XOOPS_URL.'/',3,$xoopsGTicket->getErrors()); - } - - if( $_POST['action'] == 'update_ips' ) { - $error_msg = '' ; - - $lines = empty( $_POST['bad_ips'] ) ? array() : explode( "\n" , trim( $_POST['bad_ips'] ) ) ; - $bad_ips = array() ; - foreach( $lines as $line ) { - @list( $bad_ip , $jailed_time ) = explode( ':' , $line , 2 ) ; - $bad_ips[ trim( $bad_ip ) ] = empty( $jailed_time ) ? 0x7fffffff : intval( $jailed_time ) ; - } - if( ! $protector->write_file_badips( $bad_ips ) ) { - $error_msg .= _AM_MSG_BADIPSCANTOPEN ; - } - - $group1_ips = empty( $_POST['group1_ips'] ) ? array() : explode( "\n" , trim( $_POST['group1_ips'] ) ) ; - foreach( array_keys( $group1_ips ) as $i ) { - $group1_ips[$i] = trim( $group1_ips[$i] ) ; - } - $fp = @fopen( $protector->get_filepath4group1ips() , 'w' ) ; - if( $fp ) { - @flock( $fp , LOCK_EX ) ; - fwrite( $fp , serialize( array_unique( $group1_ips ) ) . "\n" ) ; - @flock( $fp , LOCK_UN ) ; - fclose( $fp ) ; - } else { - $error_msg .= _AM_MSG_GROUP1IPSCANTOPEN ; - } - - $redirect_msg = $error_msg ? 
$error_msg : _AM_MSG_IPFILESUPDATED ; - $xoops->redirect( "index.php" , 2 , $redirect_msg ) ; - exit ; - - } else if( $_POST['action'] == 'delete' && isset( $_POST['ids'] ) && is_array( $_POST['ids'] ) ) { - // remove selected records - foreach( $_POST['ids'] as $lid ) { - $lid = intval( $lid ) ; - $db->query( "DELETE FROM $log_table WHERE lid='$lid'" ) ; - } - $xoops->redirect( "index.php" , 2 , _AM_MSG_REMOVED ) ; - exit ; - - } else if( $_POST['action'] == 'deleteall' ) { - // remove all records - $db->query( "DELETE FROM $log_table" ) ; - $xoops->redirect( "index.php" , 2 , _AM_MSG_REMOVED ) ; - exit ; - - } else if( $_POST['action'] == 'compactlog' ) { - // compactize records (removing duplicated records (ip,type) - $result = $db->query( "SELECT `lid`,`ip`,`type` FROM $log_table ORDER BY lid DESC" ) ; - $buf = array() ; - $ids = array() ; - while( list( $lid , $ip , $type ) = $db->fetchRow( $result ) ) { - if( isset( $buf[ $ip . $type ] ) ) { - $ids[] = $lid ; - } else { - $buf[ $ip . $type ] = true ; - } - } - $db->query( "DELETE FROM $log_table WHERE lid IN (".implode(',',$ids).")" ) ; - $xoops->redirect( "index.php" , 2 , _AM_MSG_REMOVED ) ; - exit ; - } -} - - -// -// display stage -// - -// query for listing -$rs = $db->query( "SELECT count(lid) FROM $log_table" ) ; -list( $numrows ) = $db->fetchRow( $rs ) ; -$prs = $db->query( "SELECT l.lid, l.uid, l.ip, l.agent, l.type, l.description, UNIX_TIMESTAMP(l.timestamp), u.uname FROM $log_table l LEFT JOIN ".$db->prefix("users")." 
u ON l.uid=u.uid ORDER BY timestamp DESC LIMIT $pos,$num" ) ; - -// Page Navigation -$nav = new XoopsPageNav( $numrows , $num , $pos , 'pos' , "num=$num" ) ; -$nav_html = $nav->renderNav( 10 ) ; - -// Number selection -$num_options = '' ; -$num_array = array( 20 , 100 , 500 , 2000 ) ; -foreach( $num_array as $n ) { - if( $n == $num ) { - $num_options .= "<option value='$n' selected='selected'>$n</option>\n" ; - } else { - $num_options .= "<option value='$n'>$n</option>\n" ; - } -} - -// beggining of Output +include_once 'admin_header.php'; xoops_cp_header(); -include dirname(__FILE__).'/mymenu.php' ; -// title -echo "<h3 style='text-align:left;'>".$xoopsModule->name()."</h3>\n" ; +$indexAdmin = new ModuleAdmin(); -// configs writable check -if( ! is_writable( dirname(dirname(__FILE__)).'/configs' ) ) { - printf( "<p style='color:red;font-weight:bold;'>"._AM_FMT_CONFIGSNOTWRITABLE."</p>\n" , dirname(dirname(__FILE__)).'/configs' ) ; -} +echo $indexAdmin->addNavigation('index.php'); +echo $indexAdmin->renderIndex(); -// bad_ips -$bad_ips = $protector->get_bad_ips( true ) ; -uksort( $bad_ips , 'protector_ip_cmp' ) ; -$bad_ips4disp = '' ; -foreach( $bad_ips as $bad_ip => $jailed_time ) { - $line = $jailed_time ? $bad_ip . ':' . $jailed_time : $bad_ip ; - $line = str_replace( ':2147483647' , '' , $line ) ; // remove :0x7fffffff - $bad_ips4disp .= htmlspecialchars( $line , ENT_QUOTES ) . "\n" ; -} - -// group1_ips -$group1_ips = $protector->get_group1_ips() ; -usort( $group1_ips , 'protector_ip_cmp' ) ; -$group1_ips4disp = htmlspecialchars(implode("\n",$group1_ips),ENT_QUOTES) ; - -// edit configs about IP ban and IPs for group=1 -echo " -<form name='ConfigForm' action='' method='POST'> -".$xoopsGTicket->getTicketHtml(__LINE__,1800,'protector_admin')." -<input type='hidden' name='action' value='update_ips' /> -<table width='95%' class='outer' cellpadding='4' cellspacing='1'> - <tr valign='top' align='left'> - <td class='head'> - "._AM_TH_BADIPS." 
- </td> - <td class='even'> - <textarea name='bad_ips' id='bad_ips' style='width:200px;height:60px;'>$bad_ips4disp</textarea> - <br /> - ".htmlspecialchars($protector->get_filepath4badips())." - </td> - </tr> - <tr valign='top' align='left'> - <td class='head'> - "._AM_TH_GROUP1IPS." - </td> - <td class='even'> - <textarea name='group1_ips' id='group1_ips' style='width:200px;height:60px;'>$group1_ips4disp</textarea> - <br /> - ".htmlspecialchars($protector->get_filepath4group1ips())." - </td> - </tr> - <tr valign='top' align='left'> - <td class='head'> - </td> - <td class='even'> - <input type='submit' value='"._GO."' /> - </td> - </tr> -</table> -</form> -" ; - - -// header of log listing -echo " -<table width='95%' border='0' cellpadding='4' cellspacing='0'><tr><td> -<form action='' method='GET' style='margin-bottom:0px;'> - <table width='95%' border='0' cellpadding='4' cellspacing='0'> - <tr> - <td align='left'> - <select name='num' onchange='submit();'>$num_options</select> - <input type='submit' value='"._SUBMIT."'> - </td> - <td align='right'> - $nav_html - </td> - </tr> - </table> -</form> -<form name='MainForm' action='' method='POST' style='margin-top:0px;'> -".$xoopsGTicket->getTicketHtml(__LINE__,1800,'protector_admin')." -<input type='hidden' name='action' value='' /> -<table width='95%' class='outer' cellpadding='4' cellspacing='1'> - <tr valign='middle'> - <th width='5'><input type='checkbox' name='dummy' onclick=\"with(document.MainForm){for(i=0;i<length;i++){if(elements[i].type=='checkbox'){elements[i].checked=this.checked;}}}\" /></th> - <th>"._AM_TH_DATETIME."</th> - <th>"._AM_TH_USER."</th> - <th>"._AM_TH_IP."<br />"._AM_TH_AGENT."</th> - <th>"._AM_TH_TYPE."</th> - <th>"._AM_TH_DESCRIPTION."</th> - </tr> -" ; - -// body of log listing -$oddeven = 'odd' ; -while( list( $lid , $uid , $ip , $agent , $type , $description , $timestamp , $uname ) = $db->fetchRow( $prs ) ) { - $oddeven = ( $oddeven == 'odd' ? 
'even' : 'odd' ) ; - - $ip = htmlspecialchars( $ip , ENT_QUOTES ) ; - $type = htmlspecialchars( $type , ENT_QUOTES ) ; - $description = htmlspecialchars( $description , ENT_QUOTES ) ; - $uname = htmlspecialchars( ( $uid ? $uname : _GUESTS ) , ENT_QUOTES ) ; - - // make agents shorter - if( preg_match( '/MSIE\s+([0-9.]+)/' , $agent , $regs ) ) { - $agent_short = 'IE ' . $regs[1] ; - } else if( stristr( $agent , 'Gecko' ) !== false ) { - $agent_short = strrchr( $agent , ' ' ) ; - } else { - $agent_short = substr( $agent , 0 , strpos( $agent , ' ' ) ) ; - } - $agent4disp = htmlspecialchars( $agent , ENT_QUOTES ) ; - $agent_desc = $agent == $agent_short ? $agent4disp : htmlspecialchars( $agent_short , ENT_QUOTES ) . "<img src='../images/dotdotdot.gif' alt='$agent4disp' title='$agent4disp' />" ; - - echo " - <tr> - <td class='$oddeven'><input type='checkbox' name='ids[]' value='$lid' /></td> - <td class='$oddeven'>".XoopsLocal::formatTimestamp($timestamp)."</td> - <td class='$oddeven'>$uname</td> - <td class='$oddeven'>$ip<br />$agent_desc</td> - <td class='$oddeven'>$type</td> - <td class='$oddeven' width='100%'>$description</td> - </tr>\n" ; -} - -// footer of log listing -echo " - <tr> - <td colspan='8' align='left'>"._AM_LABEL_REMOVE."<input type='button' value='"._AM_BUTTON_REMOVE."' onclick='if(confirm(\""._AM_JS_REMOVECONFIRM."\")){document.MainForm.action.value=\"delete\"; submit();}' /></td> - </tr> -</table> -<div align='right'> - $nav_html -</div> -<div style='clear:both;'><br /><br /></div> -<div align='right'> -"._AM_LABEL_COMPACTLOG."<input type='button' value='"._AM_BUTTON_COMPACTLOG."' onclick='if(confirm(\""._AM_JS_COMPACTLOGCONFIRM."\")){document.MainForm.action.value=\"compactlog\"; submit();}' /> - -"._AM_LABEL_REMOVEALL."<input type='button' value='"._AM_BUTTON_REMOVEALL."' onclick='if(confirm(\""._AM_JS_REMOVEALLCONFIRM."\")){document.MainForm.action.value=\"deleteall\"; submit();}' /> -</div> -</form> -</td></tr></table> -" ; - -xoops_cp_footer(); 
- - -function protector_ip_cmp( $a , $b ) -{ - $as = explode( '.' , $a ) ; - $aval = @$as[0] * 167777216 + @$as[1] * 65536 + @$as[2] * 256 + @$as[3] ; - $bs = explode( '.' , $b ) ; - $bval = @$bs[0] * 167777216 + @$bs[1] * 65536 + @$bs[2] * 256 + @$bs[3] ; - - return $aval > $bval ? 1 : -1 ; -} - -?> +include 'admin_footer.php'; +//xoops_cp_footer(); \ No newline at end of file Modified: XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/admin/prefix_manager.php =================================================================== --- XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/admin/prefix_manager.php 2011-11-26 22:09:58 UTC (rev 8358) +++ XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/admin/prefix_manager.php 2011-11-26 22:30:11 UTC (rev 8359) @@ -1,7 +1,7 @@ <?php require_once dirname(dirname(__FILE__)).'/class/gtickets.php' ; -$db = XoopsDatabaseFactory::getDatabaseConnection(); +$db =& XoopsDatabaseFactory::getDatabaseConnection(); // COPY TABLES if( ! empty( $_POST['copy'] ) && ! empty( $_POST['old_prefix'] ) ) { @@ -10,7 +10,7 @@ // Ticket check if ( ! $xoopsGTicket->check( true , 'protector_admin' ) ) { - $xoops->redirect(XOOPS_URL.'/',3,$xoopsGTicket->getErrors()); + redirect_header(XOOPS_URL.'/',3,$xoopsGTicket->getErrors()); } $new_prefix = empty( $_POST['new_prefix'] ) ? 'x' . substr( md5( time() ) , -5 ) : $_POST['new_prefix'] ; @@ -50,9 +50,9 @@ } - $_SESSION['protector_logger'] = $xoopsLogger->dumpQueries() ; + $_SESSION['protector_logger'] = $xoopsLogger->dump('queries') ; - $xoops->redirect( 'index.php?page=prefix_manager' , 1 , _AM_MSG_DBUPDATED ) ; + redirect_header( 'index.php?page=prefix_manager' , 1 , _AM_MSG_DBUPDATED ) ; exit ; // DUMP INTO A LOCAL FILE 
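Review bot: `include_once 'admin_header.php';` and `include 'admin_footer.php';` in the new protector/admin/index.php are bare relative paths, so which file gets loaded depends on `include_path` and on the working directory of the public wrapper that requires this page from `XOOPS_TRUST_PATH`. Anchor them to the intended directory, e.g. `include_once dirname(__FILE__) . '/admin_header.php';` if the header sits next to this file (it is not shown in the diff, so confirm the location). A short comment stating that admin_header.php is responsible for the admin permission check would also help, since the ticket-protected code this page used to contain has been removed.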
@@ -62,7 +62,7 @@ // Ticket check if ( ! $xoopsGTicket->check( true , 'protector_admin' ) ) { - $xoops->redirect(XOOPS_URL.'/',3,$xoopsGTicket->getErrors()); + redirect_header(XOOPS_URL.'/',3,$xoopsGTicket->getErrors()); } $prefix = $_POST['prefix'] ; @@ -141,7 +141,7 @@ // Ticket check if ( ! $xoopsGTicket->check( true , 'protector_admin' ) ) { - $xoops->redirect(XOOPS_URL.'/',3,$xoopsGTicket->getErrors()); + redirect_header(XOOPS_URL.'/',3,$xoopsGTicket->getErrors()); } $prefix = $_POST['prefix'] ; @@ -163,9 +163,9 @@ $drs = $db->queryF( "DROP TABLE `$table`" ) ; } - $_SESSION['protector_logger'] = $xoopsLogger->dumpQueries() ; + $_SESSION['protector_logger'] = $xoopsLogger->dump('queries') ; - $xoops->redirect( 'index.php?page=prefix_manager' , 1 , _AM_MSG_DBUPDATED ) ; + redirect_header( 'index.php?page=prefix_manager' , 1 , _AM_MSG_DBUPDATED ) ; exit ; } Modified: XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/admin.php =================================================================== --- XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/admin.php 2011-11-26 22:09:58 UTC (rev 8358) +++ XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/admin.php 2011-11-26 22:30:11 UTC (rev 8359) 
@@ -1,92 +1,81 @@ <?php // start hack by Trabis -if (!class_exists('ProtectorRegistry')) { - exit('Registry not found'); -} +if (!class_exists('ProtectorRegistry')) exit('Registry not found'); -$xoops = Xoops::getInstance(); -$registry = ProtectorRegistry::getInstance(); -$mydirname = $registry->getEntry('mydirname'); -$mydirpath = $registry->getEntry('mydirpath'); -$language = $registry->getEntry('language'); +$registry =& ProtectorRegistry::getInstance(); +$mydirname = $registry->getEntry('mydirname'); +$mydirpath = $registry->getEntry('mydirpath'); +$language = $registry->getEntry('language'); // end hack by Trabis -$mytrustdirname = basename(dirname(__FILE__)); -$mytrustdirpath = dirname(__FILE__); +$mytrustdirname = basename( dirname( __FILE__ ) ) ; +$mytrustdirpath = dirname( __FILE__ ) ; // environment -$module_handler = xoops_gethandler('module'); -$xoopsModule = $module_handler->getByDirname($mydirname); -$config_handler = xoops_gethandler('config'); -$xoopsModuleConfig = $config_handler->getConfigsByCat(0, $xoopsModule->getVar('mid')); +require_once XOOPS_ROOT_PATH.'/class/template.php' ; +$module_handler =& xoops_gethandler( 'module' ) ; +$xoopsModule =& $module_handler->getByDirname( $mydirname ) ; +$config_handler =& xoops_gethandler( 'config' ) ; +$xoopsModuleConfig =& $config_handler->getConfigsByCat( 0 , $xoopsModule->getVar( 'mid' ) ) ; // check permission of 'module_admin' of this module -$moduleperm_handler = xoops_gethandler('groupperm'); -if (!is_object(@$xoopsUser) || !$moduleperm_handler->checkRight('module_admin', $xoopsModule->getVar('mid'), $xoopsUser->getGroups())) { - die('only admin can access this area'); -} +$moduleperm_handler =& xoops_gethandler( 'groupperm' ) ; +if( ! is_object( @$xoopsUser ) || ! $moduleperm_handler->checkRight( 'module_admin' , $xoopsModule->getVar( 'mid' ) , $xoopsUser->getGroups() ) ) die( 'only admin can access this area' ) ; -$xoops->loadLanguage('admin'); -require XOOPS_ROOT_PATH . 
'/include/cp_functions.php'; +$xoopsOption['pagetype'] = 'admin' ; +require XOOPS_ROOT_PATH.'/include/cp_functions.php' ; // language files (admin.php) //$language = empty( $xoopsConfig['language'] ) ? 'english' : $xoopsConfig['language'] ; //hack by Trabis -if (file_exists("$mydirpath/language/$language/admin.php")) { - // user customized language file - include_once "$mydirpath/language/$language/admin.php"; +if( file_exists( "$mydirpath/language/$language/admin.php" ) ) { + // user customized language file + include_once "$mydirpath/language/$language/admin.php" ; +} else if( file_exists( "$mytrustdirpath/language/$language/admin.php" ) ) { + // default language file + include_once "$mytrustdirpath/language/$language/admin.php" ; } else { - if (file_exists("$mytrustdirpath/language/$language/admin.php")) { - // default language file - include_once "$mytrustdirpath/language/$language/admin.php"; - } else { - // fallback english - include_once "$mytrustdirpath/language/english/admin.php"; - } + // fallback english + include_once "$mytrustdirpath/language/english/admin.php" ; } // language files (main.php) //$language = empty( $xoopsConfig['language'] ) ? 
'english' : $xoopsConfig['language'] ; //hack by Trabis -if (file_exists("$mydirpath/language/$language/main.php")) { - // user customized language file - include_once "$mydirpath/language/$language/main.php"; +if( file_exists( "$mydirpath/language/$language/main.php" ) ) { + // user customized language file + include_once "$mydirpath/language/$language/main.php" ; +} else if( file_exists( "$mytrustdirpath/language/$language/main.php" ) ) { + // default language file + include_once "$mytrustdirpath/language/$language/main.php" ; } else { - if (file_exists("$mytrustdirpath/language/$language/main.php")) { - // default language file - include_once "$mytrustdirpath/language/$language/main.php"; - } else { - // fallback english - include_once "$mytrustdirpath/language/english/main.php"; - } + // fallback english + include_once "$mytrustdirpath/language/english/main.php" ; } -if (!empty($_GET['lib'])) { - // common libs (eg. altsys) - $lib = preg_replace('/[^a-zA-Z0-9_-]/', '', $_GET['lib']); - $page = preg_replace('/[^a-zA-Z0-9_-]/', '', @$_GET['page']); - if (file_exists(XOOPS_TRUST_PATH . '/libs/' . $lib . '/' . $page . '.php')) { - include XOOPS_TRUST_PATH . '/libs/' . $lib . '/' . $page . '.php'; - } else { - if (file_exists(XOOPS_TRUST_PATH . '/libs/' . $lib . '/index.php')) { - include XOOPS_TRUST_PATH . '/libs/' . $lib . '/index.php'; - } else { - die('wrong request'); - } - } +if( ! empty( $_GET['lib'] ) ) { + // common libs (eg. 
altsys) + $lib = preg_replace( '/[^a-zA-Z0-9_-]/' , '' , $_GET['lib'] ) ; + $page = preg_replace( '/[^a-zA-Z0-9_-]/' , '' , @$_GET['page'] ) ; + + if( file_exists( XOOPS_TRUST_PATH.'/libs/'.$lib.'/'.$page.'.php' ) ) { + include XOOPS_TRUST_PATH.'/libs/'.$lib.'/'.$page.'.php' ; + } else if( file_exists( XOOPS_TRUST_PATH.'/libs/'.$lib.'/index.php' ) ) { + include XOOPS_TRUST_PATH.'/libs/'.$lib.'/index.php' ; + } else { + die( 'wrong request' ) ; + } } else { - // fork each pages of this module - $page = preg_replace('/[^a-zA-Z0-9_-]/', '', @$_GET['page']); + // fork each pages of this module + $page = preg_replace( '/[^a-zA-Z0-9_-]/' , '' , @$_GET['page'] ) ; - if (file_exists("$mytrustdirpath/admin/$page.php")) { - include "$mytrustdirpath/admin/$page.php"; - } else { - if (file_exists("$mytrustdirpath/admin/index.php")) { - include "$mytrustdirpath/admin/index.php"; - } else { - die('wrong request'); - } - } + if( file_exists( "$mytrustdirpath/admin/$page.php" ) ) { + include "$mytrustdirpath/admin/$page.php" ; + } else if( file_exists( "$mytrustdirpath/admin/index.php" ) ) { + include "$mytrustdirpath/admin/index.php" ; + } else { + die( 'wrong request' ) ; + } } ?> \ No newline at end of file Modified: XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/admin_menu.php =================================================================== --- XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/admin_menu.php 2011-11-26 22:09:58 UTC (rev 8358) +++ XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/admin_menu.php 2011-11-26 22:30:11 UTC (rev 8359) 
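Review bot: `$lib` and `$page` are taken from `$_GET` and interpolated into `include` paths in admin.php, and the only thing keeping them inside `XOOPS_TRUST_PATH` is the `preg_replace( '/[^a-zA-Z0-9_-]/' , '' , ... )` strip; that deserves a comment such as `// allowlist strip is the path-traversal guard for the include below - do not relax`. The `@` in front of `$_GET['page']` also hides a missing or array-valued parameter; `$page = isset( $_GET['page'] ) && is_string( $_GET['page'] ) ? preg_replace( '/[^a-zA-Z0-9_-]/' , '' , $_GET['page'] ) : '' ;` makes that case explicit. Separately, `$xoopsModule->getVar( 'mid' )` is called without checking that `getByDirname( $mydirname )` returned an object, which would end in a fatal error before the permission check rather than a clean denial.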
@@ -2,37 +2,55 @@ // start hack by Trabis if (!class_exists('ProtectorRegistry')) exit('Registry not found'); -$registry = ProtectorRegistry::getInstance(); +$registry =& ProtectorRegistry::getInstance(); $mydirname = $registry->getEntry('mydirname'); $mydirpath = $registry->getEntry('mydirpath'); $language = $registry->getEntry('language'); // end hack by Trabis +$module_handler =& xoops_gethandler('module'); +$xoopsModule =& XoopsModule::getByDirname($mydirname); +$moduleInfo =& $module_handler->get($xoopsModule->getVar('mid')); +$pathIcon32 = $moduleInfo->getInfo('icons32'); + $constpref = '_MI_' . strtoupper( $mydirname ) ; $adminmenu = array( array( - 'title' => constant( $constpref.'_ADMININDEX' ) , + 'title' => constant( $constpref.'_ADMINHOME' ) , 'link' => 'admin/index.php' , + 'icon' => '../../'.$pathIcon32.'/home.png', ) , array( + 'title' => constant( $constpref.'_ADMININDEX' ) , + 'link' => 'admin/center.php?page=center' , + 'icon' => '../../'.$pathIcon32.'/firewall.png', + ) , + array( 'title' => constant( $constpref.'_ADVISORY' ) , - 'link' => 'admin/index.php?page=advisory' , + 'link' => 'admin/center.php?page=advisory' , + 'icon' => '../../'.$pathIcon32.'/security.png', ) , array( 'title' => constant( $constpref.'_PREFIXMANAGER' ) , - 'link' => 'admin/index.php?page=prefix_manager' , + 'link' => 'admin/center.php?page=prefix_manager' , + 'icon' => '../../'.$pathIcon32.'/manage.png', ) , + array( + 'title' => constant( $constpref.'_ADMINABOUT' ) , + 'link' => 'admin/about.php' , + 'icon' => '../../'.$pathIcon32.'/about.png', + ) , ) ; $adminmenu4altsys = array( array( 'title' => constant( $constpref.'_ADMENU_MYBLOCKSADMIN' ) , - 'link' => 'admin/index.php?mode=admin&lib=altsys&page=myblocksadmin' , + 'link' => 'admin/main.php?mode=admin&lib=altsys&page=myblocksadmin' , ) , array( 'title' => _PREFERENCES , - 'link' => 'admin/index.php?mode=admin&lib=altsys&page=mypreferences' , + 'link' => 'admin/main.php?mode=admin&lib=altsys&page=mypreferences' , ) 
, ) ; Modified: XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/class/protector.php =================================================================== --- XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/class/protector.php 2011-11-26 22:09:58 UTC (rev 8358) +++ XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/class/protector.php 2011-11-26 22:30:11 UTC (rev 8359) @@ -113,7 +113,7 @@ } -function getInstance() +function &getInstance() { static $instance ; if( ! isset( $instance ) ) { @@ -618,12 +618,12 @@ } -function get_ref_from_base64index( &$current , $indexes ) +function &get_ref_from_base64index( &$current , $indexes ) { foreach( $indexes as $index ) { $index = base64_decode( $index ) ; if( ! is_array( $current ) ) return false ; - $current = $current[ $index ] ; + $current =& $current[ $index ] ; } return $current ; } 
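Review bot: In admin_menu.php the module is looked up twice: `XoopsModule::getByDirname($mydirname)` fetches it and `$module_handler->get($xoopsModule->getVar('mid'))` then fetches the same module again by id just to call `getInfo('icons32')`. Calling `$xoopsModule->getInfo('icons32')` on the first object should be enough, and `$module_handler->getByDirname( $mydirname )` would match how admin.php in this commit resolves the module. Neither result is checked before `->getVar()` / `->getInfo()`, so an unknown `$mydirname` ends in a fatal error while the menu is being built.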
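Review bot: `function &get_ref_from_base64index` now returns by reference, but its early exit `return false ;` returns a literal, which PHP reports as "Only variable references should be returned by reference"; return a variable instead, e.g. `$false = false ; return $false ;`. Note also that `$current =& $current[ $index ] ;` creates the key with a null value when it does not exist, so probing a missing index now adds entries to the request arrays the callers in the next hunk pass in (`$_GET`, `$_POST`, `$_COOKIE`, `$_REQUEST`). An `isset( $current[ $index ] )` check before binding the reference avoids mutating them. `base64_decode( $index )` is used without strict mode or a `false` check, which is worth tightening while this function is being touched.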
@@ -639,22 +639,22 @@ switch( $base_array ) { case 'G' : - $main_ref = $this->get_ref_from_base64index( $_GET , $indexes ) ; - $legacy_ref = $this->get_ref_from_base64index( $HTTP_GET_VARS , $indexes ) ; + $main_ref =& $this->get_ref_from_base64index( $_GET , $indexes ) ; + $legacy_ref =& $this->get_ref_from_base64index( $HTTP_GET_VARS , $indexes ) ; break ; case 'P' : - $main_ref = $this->get_ref_from_base64index( $_POST , $indexes ) ; - $legacy_ref = $this->get_ref_from_base64index( $HTTP_POST_VARS , $indexes ) ; + $main_ref =& $this->get_ref_from_base64index( $_POST , $indexes ) ; + $legacy_ref =& $this->get_ref_from_base64index( $HTTP_POST_VARS , $indexes ) ; break ; case 'C' : - $main_ref = $this->get_ref_from_base64index( $_COOKIE , $indexes ) ; - $legacy_ref = $this->get_ref_from_base64index( $HTTP_COOKIE_VARS , $indexes ) ; + $main_ref =& $this->get_ref_from_base64index( $_COOKIE , $indexes ) ; + $legacy_ref =& $this->get_ref_from_base64index( $HTTP_COOKIE_VARS , $indexes ) ; break ; default : exit ; } if( ! isset( $main_ref ) ) exit ; - $request_ref = $this->get_ref_from_base64index( $_REQUEST , $indexes ) ; + $request_ref =& $this->get_ref_from_base64index( $_REQUEST , $indexes ) ; if( $request_ref !== false && $main_ref == $request_ref ) { $request_ref = $val ; } @@ -850,7 +850,7 @@ // gargage collection $result = $xoopsDB->queryF( "DELETE FROM ".$xoopsDB->prefix($this->mydirname."_access")." WHERE expire < UNIX_TIMESTAMP()" ) ; - // for older versions before updating this module + // for older versions before updating this module if( $result === false ) { $this->_done_dos = true ; return true ; @@ -959,7 +959,7 @@ } -// +// function check_brute_force() { global $xoopsDB ; 
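Review bot: The condition `$main_ref == $request_ref`, which decides whether the `$_REQUEST` copy is overwritten with `$val`, is a loose comparison, and it matters more now that the references are live. Numeric-looking strings such as `1e3` and `1000` (constructed examples) compare as equal although they are different request values, so a `$_REQUEST` entry that came from another source can be replaced. `if( $request_ref !== false && $main_ref === $request_ref ) {` restricts the overwrite to the case where `$_REQUEST` holds the same value. The enclosing function starts and ends outside this hunk, so how `$legacy_ref` and `$val` are used afterwards is not visible here.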
@@ -1077,20 +1077,20 @@ $this->output_log( 'misc debug' ) ; exit ; } - + // zx 2004/12/13 misc.php smilies if( substr( @$_SERVER['SCRIPT_NAME'] , -8 ) == 'misc.php' && ( $_GET['type'] == 'smilies' || $_POST['type'] == 'smilies' ) && ! preg_match( '/^[0-9a-z_]*$/i' , $_GET['target'] ) ) { $this->output_log( 'misc smilies' ) ; exit ; } - + // zx 2005/1/5 edituser.php avatarchoose if( substr( @$_SERVER['SCRIPT_NAME'] , -12 ) == 'edituser.php' && $_POST['op'] == 'avatarchoose' && strstr( $_POST['user_avatar'] , '..' ) ) { $this->output_log( 'edituser avatarchoose' ) ; exit ; } } - + // zx 2005/1/4 findusers if( substr( @$_SERVER['SCRIPT_NAME'] , -24 ) == 'modules/system/admin.php' && ( $_GET['fct'] == 'findusers' || $_POST['fct'] == 'findusers' ) ) { foreach( $_POST as $key => $val ) { @@ -1100,8 +1100,8 @@ } } } - - // preview CSRF zx 2004/12/14 + + // preview CSRF zx 2004/12/14 // news submit.php if( substr( @$_SERVER['SCRIPT_NAME'] , -23 ) == 'modules/news/submit.php' && isset( $_POST['preview'] ) && strpos( @$_SERVER['HTTP_REFERER'] , XOOPS_URL.'/modules/news/submit.php' ) !== 0 ) { $HTTP_POST_VARS['nohtml'] = $_POST['nohtml'] = 1 ; @@ -1136,7 +1136,7 @@ function call_filter( $type , $dying_message = '' ) { require_once dirname(__FILE__).'/ProtectorFilter.php' ; - $filter_handler = ProtectorFilterHandler::getInstance() ; + $filter_handler =& ProtectorFilterHandler::getInstance() ; $ret = $filter_handler->execute( $type ) ; if( $ret == false && $dying_message ) { die( $dying_message ) ; Modified: XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/include/postcheck_functions.php =================================================================== --- XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/include/postcheck_functions.php 2011-11-26 22:09:58 UTC (rev 8358) +++ XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/include/postcheck_functions.php 2011-11-26 22:30:11 UTC (rev 8359) 
@@ -4,12 +4,10 @@ { global $xoopsUser , $xoopsModule ; - // patch for 2.2.x from xoops.org (I know this is not so beautiful...) if( substr( @XOOPS_VERSION , 6 , 3 ) > 2.0 && stristr( @$_SERVER['REQUEST_URI'] , 'modules/system/admin.php?fct=preferences' ) ) { - /* @var $module_handler XoopsModuleHandler */ - $module_handler = xoops_gethandler( 'module' ) ; - $module = $module_handler->getById( intval( @$_GET['mod'] ) ) ; + $module_handler =& xoops_gethandler( 'module' ) ; + $module =& $module_handler->get( intval( @$_GET['mod'] ) ) ; if( is_object( $module ) ) { $module->getInfo() ; } @@ -22,8 +20,8 @@ // Protector object require_once dirname(dirname(__FILE__)).'/class/protector.php' ; - $db = XoopsDatabaseFactory::getDatabaseConnection(); - $protector = Protector::getInstance() ; + $db =& XoopsDatabaseFactory::getDatabaseConnection(); + $protector =& Protector::getInstance() ; $protector->setConn( $db->conn ) ; $protector->updateConfFromDb() ; $conf = $protector->getConf() ; @@ -32,8 +30,8 @@ // phpmailer vulnerability // http://larholm.com/2007/06/11/phpmailer-0day-remote-execution/ if( in_array( substr( XOOPS_VERSION , 0 , 12 ) , array( 'XOOPS 2.0.16' , 'XOOPS 2.0.13' , 'XOOPS 2.2.4' ) ) ) { - $config_handler = xoops_gethandler('config'); - $xoopsMailerConfig = $config_handler->getConfigsByCat(XOOPS_CONF_MAILER); + $config_handler =& xoops_gethandler('config'); + $xoopsMailerConfig =& $config_handler->getConfigsByCat(XOOPS_CONF_MAILER); if( $xoopsMailerConfig['mailmethod'] == 'sendmail' && md5_file( XOOPS_ROOT_PATH.'/class/mail/phpmailer/class.phpmailer.php' ) == 'ee1c09a8e579631f0511972f929fe36a' ) { echo '<strong>phpmailer security hole! Change the preferences of mail from "sendmail" to another, or upgrade the core right now! (message by protector)</strong>' ; } 
@@ -50,6 +48,7 @@ if( empty( $group1_allow ) ) die( 'This account is disabled for your IP by Protector.<br />Clear cookie if you want to access this site as a guest.' ) ; } } + // reliable ips $reliable_ips = @unserialize( @$conf['reliable_ips'] ) ; if( is_array( $reliable_ips ) ) foreach( $reliable_ips as $reliable_ip ) { Modified: XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/include/version.txt =================================================================== --- XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/include/version.txt 2011-11-26 22:09:58 UTC (rev 8358) +++ XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/include/version.txt 2011-11-26 22:30:11 UTC (rev 8359) @@ -1 +1 @@ -3.5 \ No newline at end of file +3.51 \ No newline at end of file Modified: XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/language/english/admin.php =================================================================== --- XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/language/english/admin.php 2011-11-26 22:09:58 UTC (rev 8358) +++ XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/language/english/admin.php 2011-11-26 22:30:11 UTC (rev 8359) 
@@ -43,12 +43,12 @@ // advisory.php define("_AM_ADV_NOTSECURE","Not secure"); -define("_AM_ADV_TRUSTPATHPUBLIC","If you can look an image -NG- or the link returns normal page, your XOOPS_TRUST_PATH is not placed properly. The best place for XOOPS_TRUST_PATH is outside of DocumentRoot. If you cannot do that, you have to put .htaccess (DENY FROM ALL) just under XOOPS_TRUST_PATH as the second best way."); -define("_AM_ADV_TRUSTPATHPUBLICLINK","Check php files inside TRUST_PATH are private (it must be 404,403 or 500 error"); -define("_AM_ADV_REGISTERGLOBALS","This setting invites a variety of injecting attacks.<br />If you can put .htaccess, edit or create..."); -define("_AM_ADV_ALLOWURLFOPEN","This setting allows attackers to execute arbitrary scripts on remote servers.<br />Only administrator can change this option.<br />If you are an admin, edit php.ini or httpd.conf.<br /><b>Sample of httpd.conf:<br /> php_admin_flag allow_url_fopen off</b><br />Else, claim it to your administrators."); -define("_AM_ADV_USETRANSSID","Your Session ID will be diplayed in anchor tags etc.<br />For preventing from session hi-jacking, add a line into .htaccess in XOOPS_ROOT_PATH.<br /><b>php_flag session.use_trans_sid off</b>"); -define("_AM_ADV_DBPREFIX","This setting invites 'SQL Injections'.<br />Don't forget turning 'Force sanitizing *' on in this module's preferences."); +define("_AM_ADV_TRUSTPATHPUBLIC","If you can see an image -NG- or the link returns normal page, your XOOPS_TRUST_PATH is not placed properly. The best place for XOOPS_TRUST_PATH is outside of DocumentRoot. If you cannot do that, you have to put .htaccess (DENY FROM ALL) just under XOOPS_TRUST_PATH as the second best way."); +define("_AM_ADV_TRUSTPATHPUBLICLINK","Check that PHP files inside TRUST_PATH are set to read-only (it must be 404,403 or 500 error)"); +define("_AM_ADV_REGISTERGLOBALS","If 'ON', this setting invites a variety of injecting attacks. 
If you can, set 'register_globals off' in php.ini, or if not possible, create or edit .htaccess in your XOOPS directory:"); +define("_AM_ADV_ALLOWURLFOPEN","If 'ON', this setting allows attackers to execute arbitrary scripts on remote servers.<br />Only administrator can change this option.<br />If you are an admin, edit php.ini or httpd.conf.<br /><b>Sample of httpd.conf:<br /> php_admin_flag allow_url_fopen off</b><br />Else, claim it to your administrators."); +define("_AM_ADV_USETRANSSID","If 'ON', your Session ID will be displayed in anchor tags etc.<br />To prevent session hi-jacking, add a line into .htaccess in XOOPS_ROOT_PATH.<br /><b>php_flag session.use_trans_sid off</b>"); +define("_AM_ADV_DBPREFIX","This setting invites 'SQL Injections'.<br />Don't forget turning 'Force sanitizing *' ON in this module's preferences."); define("_AM_ADV_LINK_TO_PREFIXMAN","Go to prefix manager"); define("_AM_ADV_MAINUNPATCHED","You should edit your mainfile.php like written in README."); define("_AM_ADV_DBFACTORYPATCHED","Your databasefactory is ready for DBLayer Trapping anti-SQL-Injection"); @@ -58,6 +58,7 @@ define("_AM_ADV_CHECKCONTAMI","Contaminations"); define("_AM_ADV_CHECKISOCOM","Isolated Comments"); +//XOOPS 2.5.4 +define("_AM_ADV_REGISTERGLOBALS2","and place in it the line below:"); - ?> \ No newline at end of file Modified: XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/language/english/modinfo.php =================================================================== --- XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/language/english/modinfo.php 2011-11-26 22:09:58 UTC (rev 8358) +++ XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/language/english/modinfo.php 2011-11-26 22:30:11 UTC (rev 8359) 
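Review bot: The new text of `_AM_ADV_TRUSTPATHPUBLICLINK` tells the administrator to check that the files are "set to read-only", but the test it labels is whether a request for a PHP file under TRUST_PATH answers with 404, 403 or 500, that is, whether the files are unreachable over HTTP. File permissions are a different control, and an administrator who follows the new wording could leave TRUST_PATH publicly served; the old word "private" was closer. Suggested wording: `Check that PHP files inside TRUST_PATH are not publicly accessible (it must be a 404, 403 or 500 error)`.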
@@ -114,10 +114,11 @@ define($constpref.'_SPAMURI4G','anti-SPAM: URLs for guests'); define($constpref.'_SPAMURI4GDSC','If this number of URLs are found in POST data from guests, the POST is considered as SPAM. 0 means disabling this feature.'); +//3.40b +define($constpref."_ADMINHOME","Home"); +define($constpref."_ADMINABOUT","About"); +//3.50 define($constpref.'_STOPFORUMSPAM_ACTION','Stop Forum Spam'); define($constpref.'_STOPFORUMSPAM_ACTIONDSC','Checks POST data against spammers registered on www.stopforumspam.com database. Requires php CURL lib.'); - } - -?> Modified: XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/notification.php =================================================================== --- XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/notification.php 2011-11-26 22:09:58 UTC (rev 8358) +++ XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/notification.php 2011-11-26 22:30:11 UTC (rev 8359) @@ -2,7 +2,7 @@ // start hack by Trabis if (!class_exists('ProtectorRegistry')) exit('Registry not found'); -$registry = ProtectorRegistry::getInstance(); +$registry =& ProtectorRegistry::getInstance(); $mydirname = $registry->getEntry('mydirname'); $mydirpath = $registry->getEntry('mydirpath'); $language = $registry->getEntry('language'); 
@@ -21,10 +21,10 @@ { include_once dirname(__FILE__).'/include/common_functions.php' ; - $db = XoopsDatabaseFactory::getDatabaseConnection(); + $db =& XoopsDatabaseFactory::getDatabaseConnection(); - $module_handler = xoops_gethandler( 'module' ) ; - $module = $module_handler->getByDirname( $mydirname ) ; + $module_handler =& xoops_gethandler( 'module' ) ; + $module =& $module_handler->getByDirname( $mydirname ) ; if( $category == 'global' ) { $item['name'] = ''; Modified: XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/oninstall.php =================================================================== --- XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/oninstall.php 2011-11-26 22:09:58 UTC (rev 8358) +++ XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/oninstall.php 2011-11-26 22:30:11 UTC (rev 8359) 
@@ -1,131 +1,128 @@ <?php // start hack by Trabis -if (!class_exists('ProtectorRegistry')) { - exit('Registry not found'); -} +if (!class_exists('ProtectorRegistry')) exit('Registry not found'); -$registry = ProtectorRegistry::getInstance(); -$mydirname = $registry->getEntry('mydirname'); -$mydirpath = $registry->getEntry('mydirpath'); -$language = $registry->getEntry('language'); +$registry =& ProtectorRegistry::getInstance(); +$mydirname = $registry->getEntry('mydirname'); +$mydirpath = $registry->getEntry('mydirpath'); +$language = $registry->getEntry('language'); // end hack by Trabis -eval(' function xoops_module_install_' . $mydirname . '( $module ) { return protector_oninstall_base( $module , "' . $mydirname . '" ) ; } '); +eval( ' function xoops_module_install_'.$mydirname.'( $module ) { return protector_oninstall_base( $module , "'.$mydirname.'" ) ; } ' ) ; -if (!function_exists('protector_oninstall_base')) { +if( ! function_exists( 'protector_oninstall_base' ) ) { - function protector_oninstall_base($module, $mydirname) - { - // transations on module install +function protector_oninstall_base( $module , $mydirname ) +{ + // transations on module install - global $ret; // TODO :-D - $xoops = Xoops::getInstance(); + global $ret ; // TODO :-D - // for Cube 2.1 - if (defined('XOOPS_CUBE_LEGACY')) { - $root = XCube_Root::getSingleton(); - $root->mDelegateManager->add('Legacy.Admin.Event.ModuleInstall.' . ucfirst($mydirname) . '.Success', 'protector_message_append_oninstall'); - $ret = array(); - } else { - if (!is_array($ret)) { - $ret = array(); - } - } + // for Cube 2.1 + if( defined( 'XOOPS_CUBE_LEGACY' ) ) { + $root =& XCube_Root::getSingleton(); + $root->mDelegateManager->add( 'Legacy.Admin.Event.ModuleInstall.' . ucfirst($mydirname) . '.Success' , 'protector_message_append_oninstall' ) ; + $ret = array() ; + } else { + if( ! 
is_array( $ret ) ) $ret = array() ; + } - $db = XoopsDatabaseFactory::getDatabaseConnection(); - $mid = $module->getVar('mid'); + $db =& XoopsDatabaseFactory::getDatabaseConnection(); + $mid = $module->getVar('mid') ; - // TABLES (loading mysql.sql) - $sql_file_path = dirname(__FILE__) . '/sql/mysql.sql'; - $prefix_mod = $db->prefix() . '_' . $mydirname; - if (file_exists($sql_file_path)) { - $ret[] = "SQL file found at <b>" . htmlspecialchars($sql_file_path) . "</b>.<br /> Creating tables..."; + // TABLES (loading mysql.sql) + $sql_file_path = dirname(__FILE__).'/sql/mysql.sql' ; + $prefix_mod = $db->prefix() . '_' . $mydirname ; + if( file_exists( $sql_file_path ) ) { + $ret[] = "SQL file found at <b>".htmlspecialchars($sql_file_path)."</b>.<br /> Creating tables..."; - if (file_exists(XOOPS_ROOT_PATH . '/class/database/oldsqlutility.php')) { - include_once XOOPS_ROOT_PATH . '/class/database/oldsqlutility.php'; - $sqlutil = new OldSqlUtility; //old code is -> $sqlutil = new OldSqlUtility ; //hack by Trabis - } else { - include_once XOOPS_ROOT_PATH . '/class/database/sqlutility.php'; - $sqlutil = new SqlUtility; //old code is -> $sqlutil = new SqlUtility ; //hack by Trabis - } + if( file_exists( XOOPS_ROOT_PATH.'/class/database/oldsqlutility.php' ) ) { + include_once XOOPS_ROOT_PATH.'/class/database/oldsqlutility.php' ; + $sqlutil = new OldSqlUtility ; //old code is -> $sqlutil =& new OldSqlUtility ; //hack by Trabis + } else { + include_once XOOPS_ROOT_PATH.'/class/database/sqlutility.php' ; + $sqlutil = new SqlUtility ; //old code is -> $sqlutil =& new SqlUtility ; //hack by Trabis + } - $sql_query = trim(file_get_contents($sql_file_path)); - $sqlutil->splitMySqlFile($pieces, $sql_query); - $created_tables = array(); - foreach ($pieces as $piece) { - $prefixed_query = $sqlutil->prefixQuery($piece, $prefix_mod); - if (!$prefixed_query) { - $ret[] = "Invalid SQL <b>" . htmlspecialchars($piece) . 
"</b><br />"; - return false; - } - if (!$db->query($prefixed_query[0])) { - $ret[] = '<b>' . htmlspecialchars($db->error()) . '</b><br />'; - //var_dump( $db->error() ) ; - return false; - } else { - if (!in_array($prefixed_query[4], $created_tables)) { - $ret[] = 'Table <b>' . htmlspecialchars($prefix_mod . '_' . $prefixed_query[4]) . '</b> created.<br />'; - $created_tables[] = $prefixed_query[4]; - } else { - $ret[] = 'Data inserted to table <b>' . htmlspecialchars($prefix_mod . '_' . $prefixed_query[4]) . '</b>.</br />'; - } - } - } - } + $sql_query = trim( file_get_contents( $sql_file_path ) ) ; + $sqlutil->splitMySqlFile( $pieces , $sql_query ) ; + $created_tables = array() ; + foreach( $pieces as $piece ) { + $prefixed_query = $sqlutil->prefixQuery( $piece , $prefix_mod ) ; + if( ! $prefixed_query ) { + $ret[] = "Invalid SQL <b>".htmlspecialchars($piece)."</b><br />"; + return false ; + } + if( ! $db->query( $prefixed_query[0] ) ) { + $ret[] = '<b>'.htmlspecialchars( $db->error() ).'</b><br />' ; + //var_dump( $db->error() ) ; + return false ; + } else { + if( ! in_array( $prefixed_query[4] , $created_tables ) ) { + $ret[] = 'Table <b>'.htmlspecialchars($prefix_mod.'_'.$prefixed_query[4]).'</b> created.<br />'; + $created_tables[] = $prefixed_query[4]; + } else { + $ret[] = 'Data inserted to table <b>'.htmlspecialchars($prefix_mod.'_'.$prefixed_query[4]).'</b>.</br />'; + } + } + } + } - // TEMPLATES - $tplfile_handler = $xoops->getHandlerTplfile(); - $tpl_path = dirname(__FILE__) . '/templates'; - if ($handler = @opendir($tpl_path . '/')) { - while (($file = readdir($handler)) !== false) { - if (substr($file, 0, 1) == '.') { - continue; - } - $file_path = $tpl_path . '/' . 
$file; - if (is_file($file_path) && in_array(strrchr($file, '.'), array('.html', '.css', '.js'))) { - $mtime = intval(@filemtime($file_path)); - $tplfile = $tplfile_handler->create(); - $tplfile->setVar('tpl_source', file_get_contents($file_path), true); - $tplfile->setVar('tpl_refid', $mid); - $tplfile->setVar('tpl_tplset', 'default'); - $tplfile->setVar('tpl_file', $mydirname . '_' . $file); - $tplfile->setVar('tpl_desc', '', true); - $tplfile->setVar('tpl_module', $mydirname); - $tplfile->setVar('tpl_lastmodified', $mtime); - $tplfile->setVar('tpl_lastimported', 0); - $tplfile->setVar('tpl_type', 'module'); - if (!$tplfile_handler->insertTpl($tplfile)) { - $ret[] = '<span style="color:#ff0000;">ERROR: Could not insert template <b>' . htmlspecialchars($mydirname . '_' . $file) . '</b> to the database.</span><br />'; - } else { - $tplid = $tplfile->getVar('tpl_id'); - $ret[] = 'Template <b>' . htmlspecialchars($mydirname . '_' . $file) . '</b> added to the database. (ID: <b>' . $tplid . '</b>)<br />'; - // generate compiled file - if (!$xoops->templateTouch($tplid)) { - $ret[] = '<span style="color:#ff0000;">ERROR: Failed compiling template <b>' . htmlspecialchars($mydirname . '_' . $file) . '</b>.</span><br />'; - } else { - $ret[] = 'Template <b>' . htmlspecialchars($mydirname . '_' . $file) . '</b> compiled.</span><br />'; - } - } - } - } - closedir($handler); - } - $xoops->templateClearModuleCache($mid); + // TEMPLATES + $tplfile_handler =& xoops_gethandler( 'tplfile' ) ; + $tpl_path = dirname(__FILE__).'/templates' ; + if( $handler = @opendir( $tpl_path . '/' ) ) { + while( ( $file = readdir( $handler ) ) !== false ) { + if( substr( $file , 0 , 1 ) == '.' ) continue ; + $file_path = $tpl_path . '/' . $file ; + if( is_file( $file_path ) && in_array( strrchr( $file , '.' 
) , array( '.html' , '.css' , '.js' ) ) ) { + $mtime = intval( @filemtime( $file_path ) ) ; + $tplfile =& $tplfile_handler->create() ; + $tplfile->setVar( 'tpl_source' , file_get_contents( $file_path ) , true ) ; + $tplfile->setVar( 'tpl_refid' , $mid ) ; + $tplfile->setVar( 'tpl_tplset' , 'default' ) ; + $tplfile->setVar( 'tpl_file' , $mydirname . '_' . $file ) ; + $tplfile->setVar( 'tpl_desc' , '' , true ) ; + $tplfile->setVar( 'tpl_module' , $mydirname ) ; + $tplfile->setVar( 'tpl_lastmodified' , $mtime ) ; + $tplfile->setVar( 'tpl_lastimported' , 0 ) ; + $tplfile->setVar( 'tpl_type' , 'module' ) ; + if( ! $tplfile_handler->insert( $tplfile ) ) { + $ret[] = '<span style="color:#ff0000;">ERROR: Could not insert template <b>'.htmlspecialchars($mydirname.'_'.$file).'</b> to the database.</span><br />'; + } else { + $tplid = $tplfile->getVar( 'tpl_id' ) ; + $ret[] = 'Template <b>'.htmlspecialchars($mydirname.'_'.$file).'</b> added to the database. (ID: <b>'.$tplid.'</b>)<br />'; + // generate compiled file + include_once XOOPS_ROOT_PATH.'/class/xoopsblock.php' ; + include_once XOOPS_ROOT_PATH.'/class/template.php' ; + if( ! 
xoops_template_touch( $tplid ) ) { + $ret[] = '<span style="color:#ff0000;">ERROR: Failed compiling template <b>'.htmlspecialchars($mydirname.'_'.$file).'</b>.</span><br />'; + } else { + $ret[] = 'Template <b>'.htmlspecialchars($mydirname.'_'.$file).'</b> compiled.</span><br />'; + } + } + } + } + closedir( $handler ) ; + } + include_once XOOPS_ROOT_PATH.'/class/xoopsblock.php' ; + include_once XOOPS_ROOT_PATH.'/class/template.php' ; + xoops_template_clear_module_cache( $mid ) ; - return true; - } + return true ; +} - function protector_message_append_oninstall(&$module_obj, &$log) - { - if (is_array(@$GLOBALS['ret'])) { - foreach ($GLOBALS['ret'] as $message) { - $log->add(strip_tags($message)); - } - } +function protector_message_append_oninstall( &$module_obj , &$log ) +{ + if( is_array( @$GLOBALS['ret'] ) ) { + foreach( $GLOBALS['ret'] as $message ) { + $log->add( strip_tags( $message ) ) ; + } + } - // use mLog->addWarning() or mLog->addError() if necessary - } + // use mLog->addWarning() or mLog->addError() if necessary +} } Modified: XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/onuninstall.php =================================================================== --- XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/onuninstall.php 2011-11-26 22:09:58 UTC (rev 8358) +++ XoopsCore/branches/2.6.x/2.6.0/htdocs/xoops_lib/modules/protector/onuninstall.php 2011-11-26 22:30:11 UTC (rev 8359) 
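Review bot: Both versions of the `eval(...)` line splice `$mydirname` into PHP source twice, as part of the function name and inside a double-quoted string, and nothing in this file checks its content first, so any character outside an identifier would become code. Where the registry gets the value is not visible here; a guard in front of the eval, `if( ! preg_match( '/^[0-9a-zA-Z_]+$/' , $mydirname ) ) exit( 'Invalid mydirname' ) ;`, makes the file safe regardless of the caller. onuninstall.php in this commit has the same construct. Separately, the template loop now runs `include_once` for xoopsblock.php and template.php on every iteration; moving those two lines above the `opendir()` call would read more clearly.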
@@ -1,88 +1,84 @@ <?php // start hack by Trabis -if (!class_exists('ProtectorRegistry')) { - exit('Registry not found'); -} +if (!class_exists('ProtectorRegistry')) exit('Registry not found'); -$registry = ProtectorRegistry::getInstance(); -$mydirname = $registry->getEntry('mydirname'); -$mydirpath = $registry->getEntry('mydirpath'); -$language = $registry->getEntry('language'); +$registry =& ProtectorRegistry::getInstance(); +$mydirname = $registry->getEntry('mydirname'); +$mydirpath = $registry->getEntry('mydirpath'); +$language = $registry->getEntry('language'); // end hack by Trabis -eval(' function xoops_module_uninstall_' . $mydirname . '( $module ) { return protector_onuninstall_base( $module , "' . $mydirname . '" ) ; } '); +eval( ' function xoops_module_uninstall_'.$mydirname.'( $module ) { return protector_onuninstall_base( $module , "'.$mydirname.'" ) ; } ' ) ; -if (!function_exists('protector_onuninstall_base')) { +if( ! function_exists( 'protector_onuninstall_base' ) ) { - function protector_onuninstall_base($module, $mydirname) - { - // transations on module uninstall +function protector_onuninstall_base( $module , $mydirname ) +{ + // transations on module uninstall - global $ret; // TODO :-D + global $ret ; // TODO :-D - // for Cube 2.1 - if (defined('XOOPS_CUBE_LEGACY')) { - $root = XCube_Root::getSingleton(); - $root->mDelegateManager->add('Legacy.Admin.Event.ModuleUninstall.' . ucfirst($mydirname) . '.Success', 'protector_message_append_onuninstall'); - $ret = array(); - } else { - if (!is_array($ret)) { - $ret = array(); - } - } + // for Cube 2.1 + if( defined( 'XOOPS_CUBE_LEGACY' ) ) { + $root =& XCube_Root::getSingleton(); + $root->mDelegateManager->add( 'Legacy.Admin.Event.ModuleUninstall.' . ucfirst($mydirname) . '... [truncated message content] |