5 if( ! class_exists(
'XoopsGTicket' ) ) {
// Error messages gathered by the most recent check() call; check() resets
// this to an empty array before it validates anything.
9 var $_errors = array() ;
// The token most recently generated by issue().
10 var $_latest_token =
'' ;
/**
 * PHP 4-style constructor (a method named after the class): loads the
 * localized ticket messages if a language file exists, otherwise installs
 * the English defaults below.
 *
 * NOTE(review): PHP 8.0 no longer treats a same-named method as the
 * constructor, so on PHP 8+ `new XoopsGTicket()` would leave
 * $this->messages unset -- confirm the target PHP version.
 */
13 function XoopsGTicket()
// The configured language name becomes a path segment of the include below.
// Only '/' is rejected here; a backslash is not, which matters on Windows
// hosts where it is also a directory separator.
// NOTE(review): $xoopsConfig looks like site configuration rather than
// request input -- confirm, and prefer an allow-list of installed language
// directory names over a character check.
18 if( defined(
'XOOPS_ROOT_PATH' ) && ! empty( $xoopsConfig[
'language'] ) && ! strstr( $xoopsConfig[
'language'] ,
'/' ) ) {
19 if( file_exists( dirname( dirname( __FILE__ ) ) .
'/language/' . $xoopsConfig[
'language'] .
'/gticket_messages.phtml' ) ) {
// The included file runs as PHP in this method's scope; presumably it
// assigns $this->messages.
20 include dirname( dirname( __FILE__ ) ) .
'/language/' . $xoopsConfig[
'language'] .
'/gticket_messages.phtml' ;
// Fallback used only when $this->messages is still empty at this point.
25 if( empty( $this->messages ) ) $this->messages = array(
26 'err_general' =>
'GTicket Error' ,
27 'err_nostubs' =>
'No stubs found' ,
28 'err_noticket' =>
'No ticket found' ,
29 'err_nopair' =>
'No valid ticket-stub pair found' ,
30 'err_timeout' =>
'Time out' ,
31 'err_areaorref' =>
'Invalid area or referer' ,
// sprintf() format: draw_repost_form() fills %s with the output of getErrors().
// These strings are emitted as raw HTML, so a language file must be trusted.
32 'fmt_prompt4repost' =>
'error(s) found:<br /><span style="background-color:red;font-weight:bold;color:white;">%s</span><br />Confirm it.<br />And do you want to post again?' ,
33 'btn_repost' =>
'repost' ,
/**
 * Issues a new ticket and returns it as a hidden <input> named XOOPS_G_TICKET.
 *
 * @param string $salt    extra material mixed into the token by issue()
 * @param int    $timeout ticket lifetime in seconds (issue() adds it to time())
 * @param string $area    area name forwarded to issue()
 * @return string HTML fragment
 */
38 function getTicketHtml( $salt =
'' , $timeout = 1800 , $area =
'' )
// The value returned by issue() is concatenated into the attribute without
// htmlspecialchars(). NOTE(review): confirm the token alphabet can never
// contain a double quote or angle bracket.
40 return '<input type="hidden" name="XOOPS_G_TICKET" value="'.$this->issue( $salt , $timeout , $area ).
'" />' ;
/**
 * Issues a new ticket and returns it as a XoopsFormHidden element named
 * XOOPS_G_TICKET, for use with the XoopsForm classes.
 *
 * @param string $salt    extra material mixed into the token by issue()
 * @param int    $timeout ticket lifetime in seconds
 * @param string $area    area name forwarded to issue()
 * @return XoopsFormHidden
 */
44 function getTicketXoopsForm( $salt =
'' , $timeout = 1800 , $area =
'' )
46 return new XoopsFormHidden(
'XOOPS_G_TICKET' , $this->issue( $salt , $timeout , $area ) ) ;
/**
 * Issues a new ticket and appends it to an existing form as a hidden
 * XOOPS_G_TICKET element.
 *
 * @param object $form    form object, taken by reference; addElement() is called on it
 * @param string $salt    extra material mixed into the token by issue()
 * @param int    $timeout ticket lifetime in seconds
 * @param string $area    area name forwarded to issue()
 */
50 function addTicketXoopsFormElement( &
$form , $salt =
'' , $timeout = 1800 , $area =
'' )
52 $form->addElement(
new XoopsFormHidden(
'XOOPS_G_TICKET' , $this->issue( $salt , $timeout , $area ) ) ) ;
/**
 * Issues a new ticket and returns it as a one-element array keyed by
 * XOOPS_G_TICKET, for callers that assemble request parameters themselves.
 *
 * @param string $salt    extra material mixed into the token by issue()
 * @param int    $timeout ticket lifetime in seconds
 * @param string $area    area name forwarded to issue()
 * @return array
 */
56 function getTicketArray( $salt =
'' , $timeout = 1800 , $area =
'' )
58 return array(
'XOOPS_G_TICKET' => $this->issue( $salt , $timeout , $area ) ) ;
/**
 * Issues a new ticket and returns it as a query-string fragment
 * ("XOOPS_G_TICKET=..."), prefixed with '&' unless $noamp is true.
 * Note the parameter order differs from the sibling getTicket*() methods:
 * $noamp comes second.
 *
 * NOTE(review): the token is appended without urlencode(); confirm that
 * issue() only returns URL-safe characters. A ticket carried in a URL can
 * also end up in server logs, browser history and Referer headers, so the
 * POST variants are preferable for state-changing requests.
 *
 * @param string $salt    extra material mixed into the token by issue()
 * @param bool   $noamp   true to omit the leading '&'
 * @param int    $timeout ticket lifetime in seconds
 * @param string $area    area name forwarded to issue()
 * @return string
 */
62 function getTicketParamString( $salt =
'' , $noamp =
false , $timeout=1800 , $area =
'' )
64 return ( $noamp ?
'' :
'&' ) .
'XOOPS_G_TICKET=' . $this->issue( $salt, $timeout , $area ) ;
/**
 * Generates a new ticket token and, per the fragments visible here, records
 * a matching stub (with 'expire' and 'referer' fields) among the stubs kept
 * in $_SESSION['XOOPS_G_STUBS']. Several lines of this method are missing
 * from the listing, including the return statement.
 *
 * @param string $salt    caller-supplied material mixed into the token
 * @param int    $timeout lifetime in seconds; stored as time() + $timeout
 * @param string $area    area name; defaults to the current module's dirname
 */
68 function issue( $salt =
'' , $timeout = 1800 , $area =
'' )
// microtime() returns "usec sec"; both halves feed the token below.
73 list( $usec , $sec ) = explode(
" " , microtime() ) ;
// NOTE(review): the visible inputs are the caller's salt, the wall-clock time
// and $appendix_salt (assigned on a line not shown). None of them is visibly
// drawn from a CSPRNG, and calling crypt() without an explicit salt raises
// E_NOTICE since PHP 5.6 and is an error in PHP 8.0. On PHP 7+ a token such
// as bin2hex(random_bytes(16)) avoids both problems.
75 $token = crypt( $salt . $usec . $appendix_salt . $sec ) ;
76 $this->_latest_token =
$token ;
// Bounds session growth once more than 10 stubs are stored; the branch body
// is not shown, presumably it discards older stubs.
81 if(
sizeof(
$_SESSION[
'XOOPS_G_STUBS'] ) > 10 ) {
// Despite its name, $referer holds THIS page's REQUEST_URI (the page issuing
// the ticket), and only when the current request carried a Referer header;
// otherwise it is ''. check() later searches for this value inside the
// submitting request's Referer.
86 $referer = empty(
$_SERVER[
'HTTP_REFERER'] ) ?
'' :
$_SERVER[
'REQUEST_URI'] ;
// No explicit area: fall back to the current module's directory name.
89 if( ! $area && is_object( @$xoopsModule ) ) {
90 $area = $xoopsModule->getVar(
'dirname') ;
// Stub fields: 'expire' is an absolute Unix timestamp.
95 'expire' => time() + $timeout ,
96 'referer' => $referer ,
/**
 * Validates the ticket submitted with the current request against the stubs
 * stored in $_SESSION['XOOPS_G_STUBS'], collecting failures in
 * $this->_errors. Several lines (including the ticket/stub comparison and
 * the return statements) are missing from this listing.
 *
 * @param bool   $post         true to read the ticket from $_POST, false for $_GET
 * @param string $area         expected area; defaults to the current module's dirname
 * @param bool   $allow_repost when errors exist, render the repost form
 */
106 function check( $post =
true , $area =
'' , $allow_repost =
true )
110 $this->_errors = array() ;
// No stub list in the session at all (e.g. the session expired).
113 if( ! is_array(@
$_SESSION[
'XOOPS_G_STUBS'])) {
114 $this->_errors[] = $this->messages[
'err_nostubs'] ;
// '@' suppresses the undefined-index notice when the field is absent.
119 $ticket = $post ? @
$_POST[
'XOOPS_G_TICKET'] : @
$_GET[
'XOOPS_G_TICKET'] ;
122 if( empty( $ticket ) ) {
123 $this->_errors[] = $this->messages[
'err_noticket'] ;
127 $stubs_tmp =
$_SESSION[
'XOOPS_G_STUBS'] ;
// NOTE(review): the condition that matches $ticket to a stub (between these
// two lines) is not shown. Confirm it compares strings strictly; on PHP 5.6+
// hash_equals() gives a constant-time comparison.
129 foreach( $stubs_tmp as $stub ) {
// A stub that has not yet expired is accepted...
131 if( $stub[
'expire'] >= time() ) {
133 $found_stub = $stub ;
// ...otherwise the expiry is remembered so the error message can say so.
141 $timeout_flag =
true ;
147 if( empty( $found_stub ) ) {
148 if( empty( $timeout_flag ) ) $this->_errors[] = $this->messages[
'err_nopair'] ;
149 else $this->_errors[] = $this->messages[
'err_timeout'] ;
154 if( ! $area && is_object( @$xoopsModule ) ) {
155 $area = $xoopsModule->getVar(
'dirname') ;
// Loose '==': when neither side names an area ('' == ''), the area check
// passes, which makes the referer check below irrelevant for such tickets.
159 if( @$found_stub[
'area'] == $area ) $area_check =
true ;
// Substring match of the stored value inside the client-supplied Referer
// header; any Referer that contains the stored string anywhere satisfies it.
160 if( ! empty( $found_stub[
'referer'] ) && strstr( @
$_SERVER[
'HTTP_REFERER'] , $found_stub[
'referer'] ) ) $referer_check =
true ;
// Fails only when BOTH checks fail, i.e. either one alone is sufficient.
// NOTE(review): neither check is strong on its own, so the ticket/stub match
// is the actual CSRF defence here; treat area/referer as a secondary signal.
162 if( empty( $area_check ) && empty( $referer_check ) ) {
163 $this->_errors[] = $this->messages[
'err_areaorref'] ;
167 if( ! empty( $this->_errors ) ) {
168 if( $allow_repost ) {
// Shows the errors plus a confirmation form that carries a fresh ticket.
// Callers guarding destructive actions can pass $allow_repost = false.
170 $this->draw_repost_form( $area ) ;
/**
 * Emits a standalone HTML page that lists the ticket errors and every
 * submitted POST field, together with a form that re-submits those fields
 * with a newly issued ticket.
 *
 * NOTE(review): this runs after check() has recorded errors, and the form
 * carries a valid new ticket, so a request that failed validation becomes
 * valid once the user presses the button. The design relies on the user
 * reviewing the table first. All POST fields are echoed back, visibly and as
 * hidden inputs, which would include sensitive fields such as passwords if
 * the original form had any.
 *
 * @param string $area area name passed on to the new ticket
 */
184 function draw_repost_form( $area =
'' )
// Output has already started: temporarily install errorHandler4FindOutput and
// call header() so that the resulting warning (which names the file and line
// where output began) is routed to that handler.
187 if( headers_sent() ) {
188 restore_error_handler() ;
189 set_error_handler( array( &$this ,
'errorHandler4FindOutput' ) ) ;
190 header(
'Dummy: for warning' ) ;
191 restore_error_handler() ;
// Silence further errors and discard everything buffered so far, so that only
// this page is sent.
195 error_reporting( 0 ) ;
196 while( ob_get_level() ) ob_end_clean() ;
// The form posts back to the current URL's query string, HTML-escaped.
199 $form =
'<form action="?'.htmlspecialchars(@
$_SERVER[
'QUERY_STRING'],ENT_QUOTES).
'" method="post" >' ;
200 foreach(
$_POST as $key => $val ) {
// Drop the old ticket; a new one is appended below.
// NOTE(review): loose '==' -- on PHP < 8 an integer key 0 compares equal to
// this string, so a field with key 0 would be skipped as well.
201 if( $key ==
'XOOPS_G_TICKET' ) continue ;
// NOTE(review): get_magic_quotes_gpc() was deprecated in PHP 7.4 and removed
// in PHP 8.0.
202 if( get_magic_quotes_gpc() ) {
203 $key = stripslashes( $key ) ;
// Nested values: the key is escaped here because extract_post_recursive()
// emits $key_name without escaping it again.
205 if( is_array( $val ) ) {
206 list( $tmp_table , $tmp_form ) = $this->extract_post_recursive( htmlspecialchars($key,ENT_QUOTES) , $val ) ;
207 $table .= $tmp_table ;
210 if( get_magic_quotes_gpc() ) {
211 $val = stripslashes( $val ) ;
// Scalar values: key and value are escaped for both the visible table row and
// the hidden input.
213 $table .=
'<tr><th>'.htmlspecialchars($key,ENT_QUOTES).
'</th><td>'.htmlspecialchars($val,ENT_QUOTES).
'</td></tr>'.
"\n" ;
214 $form .=
'<input type="hidden" name="'.htmlspecialchars($key,ENT_QUOTES).
'" value="'.htmlspecialchars($val,ENT_QUOTES).
'" />'.
"\n" ;
217 $table .=
'</table>' ;
// New ticket for the repost: salt is this source line number, lifetime is
// 300 seconds.
218 $form .= $this->getTicketHtml(__LINE__,300,$area).
'<input type="submit" value="'.$this->messages[
'btn_repost'].
'" /></form>' ;
// Message strings and getErrors() output are written as raw HTML; they come
// from $this->messages, not from the request.
220 echo
'<html><head><title>'.$this->messages[
'err_general'].
'</title><style>table,td,th {border:solid black 1px; border-collapse:collapse;}</style></head><body>' . sprintf( $this->messages[
'fmt_prompt4repost'] , $this->getErrors() ) . $table .
$form .
'</body></html>' ;
/**
 * Flattens a nested POST array into table rows and hidden inputs, using
 * bracketed names of the form name[key][subkey].
 *
 * @param string $key_name field-name prefix; it is emitted WITHOUT further
 *                         escaping, so the caller must pass it already
 *                         HTML-escaped (draw_repost_form() and the recursive
 *                         call below both do)
 * @param array  $tmp_array the (sub)array to flatten
 * @return array array( $table , $form ) as HTML strings
 */
223 function extract_post_recursive( $key_name , $tmp_array ) {
226 foreach( $tmp_array as $key => $val ) {
// NOTE(review): get_magic_quotes_gpc() was removed in PHP 8.0.
227 if( get_magic_quotes_gpc() ) {
228 $key = stripslashes( $key ) ;
// Recurse with the escaped key appended, keeping the prefix escaped at
// every depth.
230 if( is_array( $val ) ) {
231 list( $tmp_table , $tmp_form ) = $this->extract_post_recursive( $key_name.
'['.htmlspecialchars($key,ENT_QUOTES).
']' , $val ) ;
232 $table .= $tmp_table ;
235 if( get_magic_quotes_gpc() ) {
236 $val = stripslashes( $val ) ;
// Leaf value: $key and $val are escaped here; $key_name is trusted as-is.
238 $table .=
'<tr><th>'.$key_name.
'['.htmlspecialchars($key,ENT_QUOTES).
']</th><td>'.htmlspecialchars($val,ENT_QUOTES).
'</td></tr>'.
"\n" ;
239 $form .=
'<input type="hidden" name="'.$key_name.
'['.htmlspecialchars($key,ENT_QUOTES).
']" value="'.htmlspecialchars($val,ENT_QUOTES).
'" />'.
"\n" ;
242 return array( $table ,
$form ) ;
256 if( ! empty(
$_SESSION[
'XOOPS_G_STUBS'] ) ) {
/**
 * Returns the errors recorded by the last check().
 *
 * @param bool $ashtml presumably selects between the two forms below (the
 *                     branching lines are not shown in this listing)
 * @return string|array messages joined with "<br />" line breaks, or the raw
 *                      $this->_errors array
 */
265 function getErrors( $ashtml =
true )
// HTML form: messages are concatenated without escaping; they originate from
// $this->messages rather than from request data.
269 foreach( $this->_errors as
$msg ) {
270 $ret .=
"$msg<br />\n" ;
// Array form.
273 $ret = $this->_errors ;
/**
 * Error handler installed briefly by draw_repost_form() to report where
 * premature output started. Only $errStr is used in the visible lines.
 *
 * @param int    $errNo   error level (unused here)
 * @param string $errStr  warning text, searched for "<root path><file>:<line>"
 * @param string $errFile (unused here)
 * @param int    $errLine (unused here)
 */
278 function errorHandler4FindOutput($errNo, $errStr, $errFile, $errLine)
// '?' is the pattern delimiter. preg_quote() is called without a delimiter
// argument, but it escapes '?' by default, so the root path cannot end the
// pattern early. Group 1 is the path relative to XOOPS_ROOT_PATH, group 2
// the line number.
280 if( preg_match(
'?'.preg_quote(XOOPS_ROOT_PATH).
'([^:]+)\:(\d+)?' , $errStr , $regs ) ) {
// Escaped before output. NOTE(review): this shows a server-side file path and
// line number to the client; acceptable for debugging, worth gating in
// production.
281 echo
"Irregular output! check the file ".htmlspecialchars($regs[1]).
" line ".htmlspecialchars($regs[2]) ;
283 echo
"Irregular output! check language files etc." ;
// Create the shared ticket object and publish it as the global $xoopsGTicket.
291 $GLOBALS[
'xoopsGTicket'] =
new XoopsGTicket() ;
295 if( ! function_exists(
'admin_refcheck' ) ) {
/**
 * Referer check: returns false unless the request's Referer starts with an
 * expected prefix. The lines that assign $ref and the base value of $cr, and
 * the value returned for an empty Referer, are not shown in this listing.
 *
 * NOTE(review): the Referer header is supplied by the client and may be
 * absent; confirm what the empty-Referer branch returns. This check is a
 * complement to the ticket check, not a substitute for it.
 *
 * @param string $chkref optional suffix appended to the expected prefix
 * @return bool false on mismatch
 */
298 function admin_refcheck($chkref =
"") {
299 if( empty(
$_SERVER[
'HTTP_REFERER'] ) ) {
305 if ( $chkref !=
"" ) { $cr .= $chkref; }
// Pure prefix test: $ref must begin with $cr. NOTE(review): if $cr has no
// trailing '/', a longer host name that merely begins with the same
// characters also passes (constructed example: prefix "http://site.example"
// versus referer "http://site.example.other.test/"). Comparing the parsed
// scheme and host is stricter.
306 if ( strpos($ref, $cr) !== 0 ) {
return false; }