PHP Decode
<?php namespace Widget\Users; use Typecho\Common; use Typecho\Db\Exception; use Typecho\..
Decoded Output download
<?php
namespace Widget\Users;
use Typecho\Common;
use Typecho\Db\Exception;
use Typecho\Plugin;
use Typecho\Widget\Helper\Form;
use Utils\PasswordHash;
use Widget\ActionInterface;
use Widget\Base\Options;
use Widget\Base\Users;
use Widget\Notice;
use Widget\Plugins\Rows;
// Direct-access guard: stop immediately unless the including script has
// already defined __TYPECHO_ROOT_DIR__ (presumably the application bootstrap).
defined('__TYPECHO_ROOT_DIR__') or exit;
/**
*
*
* @link typecho
* @package Widget
* @copyright Copyright (c) 2008 Typecho team (http://www.typecho.org)
* @license GNU General Public License 2.0
*/
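class Profile extends Users implements ActionInterface
{
    use EditTrait;

    // Handles the "my profile" screens: profile fields, writing options,
    // password change and per-user plugin settings, always for the account
    // in $this->user.
    //
    // NOTE(review): most _t() message literals in this listing are empty or
    // fragmentary; the localized text appears to have been lost before the
    // listing was captured. They are reproduced exactly as shown.

    /**
     * Gate the widget and pin the request to the current account.
     */
    public function execute()
    {
        // Group check against 'subscriber'; presumably this denies access to
        // visitors below that group (the behavior of pass() is not shown here).
        $this->user->pass('subscriber');

        // Overwrite any request-supplied 'uid' with the signed-in user's id so
        // code that reads this parameter cannot be pointed at another account.
        $this->request->setParam('uid', $this->user->uid);
    }

    /**
     * Build the per-user writing options form (markdown, XML-RPC markdown,
     * auto-save and the default comment/ping/feed permissions).
     *
     * @access public
     * @return Form
     */
    public function optionsForm(): Form
    {
        // getIndex() is presumably where the anti-CSRF token is attached to
        // the action URL; action() verifies it via security->protect().
        $form = new Form($this->security->getIndex('/action/users-profile'), Form::POST_METHOD);

        $markdown = new Form\Element\Radio(
            'markdown',
            ['0' => _t(''), '1' => _t('')],
            $this->options->markdown,
            _t(' Markdown '),
            _t(' <a href="https://daringfireball.net/projects/markdown/">Markdown</a> .')
            . '<br />' . _t(' Markdown .')
        );
        $form->addInput($markdown);

        $xmlrpcMarkdown = new Form\Element\Radio(
            'xmlrpcMarkdown',
            ['0' => _t(''), '1' => _t('')],
            $this->options->xmlrpcMarkdown,
            _t(' XMLRPC Markdown '),
            _t(' <a href="https://daringfireball.net/projects/markdown/">Markdown</a> , HTML.')
        );
        $form->addInput($xmlrpcMarkdown);

        $autoSave = new Form\Element\Radio(
            'autoSave',
            ['0' => _t(''), '1' => _t('')],
            $this->options->autoSave,
            _t(''),
            _t('.')
        );
        $form->addInput($autoSave);

        // Pre-tick the checkboxes from the three stored boolean options.
        $allow = [];
        if ($this->options->defaultAllowComment) {
            $allow[] = 'comment';
        }
        if ($this->options->defaultAllowPing) {
            $allow[] = 'ping';
        }
        if ($this->options->defaultAllowFeed) {
            $allow[] = 'feed';
        }

        $defaultAllow = new Form\Element\Checkbox(
            'defaultAllow',
            ['comment' => _t(''), 'ping' => _t(''), 'feed' => _t('')],
            $allow,
            _t(''),
            _t('')
        );
        $form->addInput($defaultAllow);

        // Hidden dispatcher field read by action().
        $do = new Form\Element\Hidden('do', null, 'options');
        $form->addInput($do);

        $submit = new Form\Element\Submit('submit', null, _t(''));
        $submit->input->setAttribute('class', 'btn primary');
        $form->addItem($submit);

        return $form;
    }

    /**
     * Render the personal settings form of every activated plugin that
     * declares one and that the current user's group may configure.
     *
     * @throws Plugin\Exception
     */
    public function personalFormList()
    {
        $plugins = Rows::alloc('activated=1');

        while ($plugins->next()) {
            if (!$plugins->personalConfig) {
                continue;
            }

            [$pluginFileName, $className] = Plugin::portal($plugins->name, $this->options->pluginDir);

            // personalForm() reports the group the plugin requires through $group.
            $group = null;
            $form = $this->personalForm($plugins->name, $className, $pluginFileName, $group);

            // Second argument true: test the group without raising, so plugins
            // the user may not configure are skipped.
            if (!$this->user->pass($group, true)) {
                continue;
            }

            // Plugin name and title come from plugin metadata; encode them for
            // the attribute and text contexts rather than echoing them raw.
            // double_encode is off so values that already contain entities are
            // not escaped twice.
            $safeName = htmlspecialchars((string) $plugins->name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
            $safeTitle = htmlspecialchars((string) $plugins->title, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);

            echo '<br><section id="personal-' . $safeName . '">';
            echo '<h3>' . $safeTitle . '</h3>';
            $form->render();
            echo '</section>';
        }
    }

    /**
     * Build one plugin's personal settings form and pre-fill it with the
     * current user's stored values.
     *
     * Loads the plugin file and calls its static personalConfig() hook, so
     * callers must pass a path and class name that come from Plugin::portal()
     * and not from request data directly.
     *
     * @access public
     * @param string $pluginName
     * @param string $className
     * @param string $pluginFileName
     * @param string|null $group receives the group required by the plugin, 'subscriber' when it returns none
     * @return Form
     * @throws Plugin\Exception
     */
    public function personalForm(string $pluginName, string $className, string $pluginFileName, ?string &$group): Form
    {
        $form = new Form($this->security->getIndex('/action/users-profile'), Form::POST_METHOD);
        $form->setAttribute('name', $pluginName);
        $form->setAttribute('id', $pluginName);

        // Executes plugin code: the hook adds its inputs to $form and may
        // return the minimum group allowed to use it.
        require_once $pluginFileName;
        $group = call_user_func([$className, 'personalConfig'], $form);
        $group = $group ?: 'subscriber';

        $options = $this->options->personalPlugin($pluginName);

        if (!empty($options)) {
            foreach ($options as $key => $val) {
                // A stored key may no longer match an input the plugin defines
                // (for example after a plugin update); skip it instead of
                // calling value() on a missing input.
                $input = $form->getInput($key);
                if ($input !== null) {
                    $input->value($val);
                }
            }
        }

        // Hidden dispatcher fields read by action() and updatePersonal().
        $form->addItem(new Form\Element\Hidden('do', null, 'personal'));
        $form->addItem(new Form\Element\Hidden('plugin', null, $pluginName));

        $submit = new Form\Element\Submit('submit', null, _t(''));
        $submit->input->setAttribute('class', 'btn primary');
        $form->addItem($submit);

        return $form;
    }

    /**
     * Validate and store the current user's mail, screen name and URL.
     *
     * @throws Exception
     */
    public function updateProfile()
    {
        // validate() returning a truthy value is treated as failure; goBack()
        // presumably ends the request (not shown in this file).
        if ($this->profileForm()->validate()) {
            $this->response->goBack();
        }

        // Only these three fields are read from the request, so no other
        // column can be written through this update.
        $user = $this->request->from('mail', 'screenName', 'url');

        // Fall back to the account's login name when no screen name is given.
        // The original read $user['name'], a key that from() was never asked
        // for, so the fallback could not yield a name.
        if (empty($user['screenName'])) {
            $user['screenName'] = $this->user->name;
        }

        // The WHERE clause is bound to the session user's uid, not to request data.
        $this->update($user, $this->db->sql()->where('uid = ?', $this->user->uid));

        Notice::alloc()->highlight('user-' . $this->user->uid);
        Notice::alloc()->set(_t(''), 'success');

        $this->response->goBack();
    }

    /**
     * Build the profile form (screen name, URL, mail) with its validation rules.
     *
     * @return Form
     */
    public function profileForm(): Form
    {
        $form = new Form($this->security->getIndex('/action/users-profile'), Form::POST_METHOD);

        $screenName = new Form\Element\Text('screenName', null, null, _t(''), _t(', .')
            . '<br />' . _t(', .'));
        $form->addInput($screenName);

        $url = new Form\Element\Url('url', null, null, _t(''), _t(', <code>https://</code> .'));
        $form->addInput($url);

        $mail = new Form\Element\Text('mail', null, null, _t('') . ' *', _t('.')
            . '<br />' . _t('.'));
        $form->addInput($mail);

        // Hidden dispatcher field read by action().
        $do = new Form\Element\Hidden('do', null, 'profile');
        $form->addInput($do);

        $submit = new Form\Element\Submit('submit', null, _t(''));
        $submit->input->setAttribute('class', 'btn primary');
        $form->addItem($submit);

        // Pre-fill with the stored values.
        $screenName->value($this->user->screenName);
        $url->value($this->user->url);
        $mail->value($this->user->mail);

        // Validation: uniqueness callbacks are methods expected on this object
        // (presumably inherited or from EditTrait); 'xssCheck', 'url', 'required'
        // and 'email' are rule names resolved by the form helper.
        $screenName->addRule([$this, 'screenNameExists'], _t(''));
        $screenName->addRule('xssCheck', _t(''));
        $url->addRule('url', _t(''));
        $mail->addRule('required', _t(''));
        $mail->addRule([$this, 'mailExists'], _t(''));
        $mail->addRule('email', _t(''));

        return $form;
    }

    /**
     * Store the current user's writing options.
     *
     * Every value is reduced to 0 or 1 before it is written, so request data
     * never reaches the options table verbatim.
     *
     * @throws Exception
     */
    public function updateOptions()
    {
        $settings = [];
        $settings['autoSave'] = $this->request->is('autoSave=1') ? 1 : 0;
        $settings['markdown'] = $this->request->is('markdown=1') ? 1 : 0;
        $settings['xmlrpcMarkdown'] = $this->request->is('xmlrpcMarkdown=1') ? 1 : 0;

        // Strict comparison: only the exact strings count as a ticked box.
        $defaultAllow = $this->request->getArray('defaultAllow');
        $settings['defaultAllowComment'] = in_array('comment', $defaultAllow, true) ? 1 : 0;
        $settings['defaultAllowPing'] = in_array('ping', $defaultAllow, true) ? 1 : 0;
        $settings['defaultAllowFeed'] = in_array('feed', $defaultAllow, true) ? 1 : 0;

        foreach ($settings as $name => $value) {
            $this->upsertPersonalOption($name, $value);
        }

        Notice::alloc()->set(_t(""), 'success');
        $this->response->goBack();
    }

    /**
     * Validate and store a new password for the current user.
     *
     * NOTE(review): the form built by passwordForm() has no field for the
     * current password, so a live session is enough to replace it; the only
     * checks visible in this class are the group check in execute() and
     * security->protect() in action().
     *
     * @throws Exception
     */
    public function updatePassword()
    {
        // A truthy validate() result is treated as failure.
        if ($this->passwordForm()->validate()) {
            $this->response->goBack();
        }

        // NOTE(review): if Utils\PasswordHash follows the phpass constructor
        // (iteration_count_log2, portable_hashes), `true` selects the portable
        // MD5-based scheme at cost 8 -- confirm. Moving to password_hash()
        // would have to be done together with the verification code, which is
        // not part of this file.
        $hasher = new PasswordHash(8, true);
        $password = $hasher->hashPassword($this->request->password);

        // The WHERE clause is bound to the session user's uid.
        $this->update(
            ['password' => $password],
            $this->db->sql()->where('uid = ?', $this->user->uid)
        );

        Notice::alloc()->highlight('user-' . $this->user->uid);
        Notice::alloc()->set(_t(''), 'success');

        $this->response->goBack();
    }

    /**
     * Build the password change form (password plus confirmation).
     *
     * @return Form
     */
    public function passwordForm(): Form
    {
        $form = new Form($this->security->getIndex('/action/users-profile'), Form::POST_METHOD);

        $password = new Form\Element\Password('password', null, null, _t(''), _t('.')
            . '<br />' . _t(',.'));
        $password->input->setAttribute('class', 'w-60');
        $form->addInput($password);

        $confirm = new Form\Element\Password('confirm', null, null, _t(''), _t(', .'));
        $confirm->input->setAttribute('class', 'w-60');
        $form->addInput($confirm);

        // Hidden dispatcher field read by action().
        $do = new Form\Element\Hidden('do', null, 'password');
        $form->addInput($do);

        $submit = new Form\Element\Submit('submit', null, _t(''));
        $submit->input->setAttribute('class', 'btn primary');
        $form->addItem($submit);

        // Required, at least 6 characters, and equal to the confirmation field.
        $password->addRule('required', _t(''));
        $password->addRule('minLength', _t(', '), 6);
        $confirm->addRule('confirm', _t(''), 'password');

        return $form;
    }

    /**
     * Validate and store the current user's settings for one plugin.
     *
     * The plugin name comes from the request. It is resolved through
     * Plugin::portal() and must be both activated and flagged personalConfig
     * before the plugin file is loaded by personalForm().
     *
     * @throws \Typecho\Widget\Exception
     */
    public function updatePersonal()
    {
        // Request-controlled value.
        $pluginName = $this->request->get('plugin');

        $plugins = Plugin::export();
        $activatedPlugins = $plugins['activated'];

        // Resolve the name to a file and class inside the configured plugin directory.
        [$pluginFileName, $className] = Plugin::portal(
            $pluginName,
            __TYPECHO_ROOT_DIR__ . '/' . __TYPECHO_PLUGIN_DIR__
        );
        $info = Plugin::parseInfo($pluginFileName);

        // Reject plugins that are not activated or expose no personal config
        // before any of their code is loaded.
        if (!$info['personalConfig'] || !isset($activatedPlugins[$pluginName])) {
            throw new \Typecho\Widget\Exception(_t(''), 500);
        }

        $group = null;
        $form = $this->personalForm($pluginName, $className, $pluginFileName, $group);

        // Enforce the group the plugin asked for (no second argument, so a
        // failed check is presumably fatal for the request).
        $this->user->pass($group);

        // A truthy validate() result is treated as failure.
        if ($form->validate()) {
            $this->response->goBack();
        }

        // Drop the dispatcher fields; the remainder is the plugin's own settings.
        $settings = $form->getAllRequest();
        unset($settings['do'], $settings['plugin']);

        // The plugin may persist the settings itself; otherwise store them as
        // JSON in a per-user option row.
        if (!$this->personalConfigHandle($className, $settings)) {
            $this->upsertPersonalOption('_plugin:' . $pluginName, json_encode($settings));
        }

        Notice::alloc()->set(_t("%s ", $info['title']), 'success');

        $this->response->redirect(Common::url('profile.php', $this->options->adminUrl));
    }

    /**
     * Let the plugin persist its personal settings itself when it provides a
     * personalConfigHandle() hook.
     *
     * @access public
     * @param string $className
     * @param array $settings
     * @return boolean true when the plugin's hook was called, false when it has none
     */
    public function personalConfigHandle(string $className, array $settings): bool
    {
        if (!method_exists($className, 'personalConfigHandle')) {
            return false;
        }

        call_user_func([$className, 'personalConfigHandle'], $settings, false);

        return true;
    }

    /**
     * Dispatch the submitted form to its handler based on the 'do' field.
     *
     * @access public
     * @return void
     */
    public function action()
    {
        // Runs before any handler; presumably the anti-CSRF check for the
        // token issued by security->getIndex() in the form builders.
        $this->security->protect();

        $this->on($this->request->is('do=profile'))->updateProfile();
        $this->on($this->request->is('do=options'))->updateOptions();
        $this->on($this->request->is('do=password'))->updatePassword();
        $this->on($this->request->is('do=personal&plugin'))->updatePersonal();

        // Reached only when no handler redirected first.
        $this->response->redirect($this->options->siteUrl);
    }

    /**
     * Insert or update one option row owned by the current user.
     *
     * NOTE(review): the existence check and the write are separate statements,
     * so two concurrent requests could both take the insert path; whether that
     * matters depends on table constraints not visible here.
     *
     * @param string $name option name
     * @param mixed $value value to store
     * @throws Exception
     */
    private function upsertPersonalOption(string $name, $value): void
    {
        $uid = $this->user->uid;

        $existing = $this->db->fetchObject(
            $this->db->select(['COUNT(*)' => 'num'])
                ->from('table.options')
                ->where('name = ? AND user = ?', $name, $uid)
        );

        if ($existing->num > 0) {
            Options::alloc()->update(
                ['value' => $value],
                $this->db->sql()->where('name = ? AND user = ?', $name, $uid)
            );

            return;
        }

        Options::alloc()->insert([
            'name' => $name,
            'value' => $value,
            'user' => $uid
        ]);
    }
}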
?>
Original Code
<?php
namespace Widget\Users;
use Typecho\Common;
use Typecho\Db\Exception;
use Typecho\Plugin;
use Typecho\Widget\Helper\Form;
use Utils\PasswordHash;
use Widget\ActionInterface;
use Widget\Base\Options;
use Widget\Base\Users;
use Widget\Notice;
use Widget\Plugins\Rows;
// Direct-access guard: stop immediately unless the including script has
// already defined __TYPECHO_ROOT_DIR__ (presumably the application bootstrap).
defined('__TYPECHO_ROOT_DIR__') or exit;
/**
*
*
* @link typecho
* @package Widget
* @copyright Copyright (c) 2008 Typecho team (http://www.typecho.org)
* @license GNU General Public License 2.0
*/
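class Profile extends Users implements ActionInterface
{
    use EditTrait;

    // Handles the "my profile" screens: profile fields, writing options,
    // password change and per-user plugin settings, always for the account
    // in $this->user.
    //
    // NOTE(review): most _t() message literals in this listing are empty or
    // fragmentary; the localized text appears to have been lost before the
    // listing was captured. They are reproduced exactly as shown.

    /**
     * Gate the widget and pin the request to the current account.
     */
    public function execute()
    {
        // Group check against 'subscriber'; presumably this denies access to
        // visitors below that group (the behavior of pass() is not shown here).
        $this->user->pass('subscriber');

        // Overwrite any request-supplied 'uid' with the signed-in user's id so
        // code that reads this parameter cannot be pointed at another account.
        $this->request->setParam('uid', $this->user->uid);
    }

    /**
     * Build the per-user writing options form (markdown, XML-RPC markdown,
     * auto-save and the default comment/ping/feed permissions).
     *
     * @access public
     * @return Form
     */
    public function optionsForm(): Form
    {
        // getIndex() is presumably where the anti-CSRF token is attached to
        // the action URL; action() verifies it via security->protect().
        $form = new Form($this->security->getIndex('/action/users-profile'), Form::POST_METHOD);

        $markdown = new Form\Element\Radio(
            'markdown',
            ['0' => _t(''), '1' => _t('')],
            $this->options->markdown,
            _t(' Markdown '),
            _t(' <a href="https://daringfireball.net/projects/markdown/">Markdown</a> .')
            . '<br />' . _t(' Markdown .')
        );
        $form->addInput($markdown);

        $xmlrpcMarkdown = new Form\Element\Radio(
            'xmlrpcMarkdown',
            ['0' => _t(''), '1' => _t('')],
            $this->options->xmlrpcMarkdown,
            _t(' XMLRPC Markdown '),
            _t(' <a href="https://daringfireball.net/projects/markdown/">Markdown</a> , HTML.')
        );
        $form->addInput($xmlrpcMarkdown);

        $autoSave = new Form\Element\Radio(
            'autoSave',
            ['0' => _t(''), '1' => _t('')],
            $this->options->autoSave,
            _t(''),
            _t('.')
        );
        $form->addInput($autoSave);

        // Pre-tick the checkboxes from the three stored boolean options.
        $allow = [];
        if ($this->options->defaultAllowComment) {
            $allow[] = 'comment';
        }
        if ($this->options->defaultAllowPing) {
            $allow[] = 'ping';
        }
        if ($this->options->defaultAllowFeed) {
            $allow[] = 'feed';
        }

        $defaultAllow = new Form\Element\Checkbox(
            'defaultAllow',
            ['comment' => _t(''), 'ping' => _t(''), 'feed' => _t('')],
            $allow,
            _t(''),
            _t('')
        );
        $form->addInput($defaultAllow);

        // Hidden dispatcher field read by action().
        $do = new Form\Element\Hidden('do', null, 'options');
        $form->addInput($do);

        $submit = new Form\Element\Submit('submit', null, _t(''));
        $submit->input->setAttribute('class', 'btn primary');
        $form->addItem($submit);

        return $form;
    }

    /**
     * Render the personal settings form of every activated plugin that
     * declares one and that the current user's group may configure.
     *
     * @throws Plugin\Exception
     */
    public function personalFormList()
    {
        $plugins = Rows::alloc('activated=1');

        while ($plugins->next()) {
            if (!$plugins->personalConfig) {
                continue;
            }

            [$pluginFileName, $className] = Plugin::portal($plugins->name, $this->options->pluginDir);

            // personalForm() reports the group the plugin requires through $group.
            $group = null;
            $form = $this->personalForm($plugins->name, $className, $pluginFileName, $group);

            // Second argument true: test the group without raising, so plugins
            // the user may not configure are skipped.
            if (!$this->user->pass($group, true)) {
                continue;
            }

            // Plugin name and title come from plugin metadata; encode them for
            // the attribute and text contexts rather than echoing them raw.
            // double_encode is off so values that already contain entities are
            // not escaped twice.
            $safeName = htmlspecialchars((string) $plugins->name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
            $safeTitle = htmlspecialchars((string) $plugins->title, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);

            echo '<br><section id="personal-' . $safeName . '">';
            echo '<h3>' . $safeTitle . '</h3>';
            $form->render();
            echo '</section>';
        }
    }

    /**
     * Build one plugin's personal settings form and pre-fill it with the
     * current user's stored values.
     *
     * Loads the plugin file and calls its static personalConfig() hook, so
     * callers must pass a path and class name that come from Plugin::portal()
     * and not from request data directly.
     *
     * @access public
     * @param string $pluginName
     * @param string $className
     * @param string $pluginFileName
     * @param string|null $group receives the group required by the plugin, 'subscriber' when it returns none
     * @return Form
     * @throws Plugin\Exception
     */
    public function personalForm(string $pluginName, string $className, string $pluginFileName, ?string &$group): Form
    {
        $form = new Form($this->security->getIndex('/action/users-profile'), Form::POST_METHOD);
        $form->setAttribute('name', $pluginName);
        $form->setAttribute('id', $pluginName);

        // Executes plugin code: the hook adds its inputs to $form and may
        // return the minimum group allowed to use it.
        require_once $pluginFileName;
        $group = call_user_func([$className, 'personalConfig'], $form);
        $group = $group ?: 'subscriber';

        $options = $this->options->personalPlugin($pluginName);

        if (!empty($options)) {
            foreach ($options as $key => $val) {
                // A stored key may no longer match an input the plugin defines
                // (for example after a plugin update); skip it instead of
                // calling value() on a missing input.
                $input = $form->getInput($key);
                if ($input !== null) {
                    $input->value($val);
                }
            }
        }

        // Hidden dispatcher fields read by action() and updatePersonal().
        $form->addItem(new Form\Element\Hidden('do', null, 'personal'));
        $form->addItem(new Form\Element\Hidden('plugin', null, $pluginName));

        $submit = new Form\Element\Submit('submit', null, _t(''));
        $submit->input->setAttribute('class', 'btn primary');
        $form->addItem($submit);

        return $form;
    }

    /**
     * Validate and store the current user's mail, screen name and URL.
     *
     * @throws Exception
     */
    public function updateProfile()
    {
        // validate() returning a truthy value is treated as failure; goBack()
        // presumably ends the request (not shown in this file).
        if ($this->profileForm()->validate()) {
            $this->response->goBack();
        }

        // Only these three fields are read from the request, so no other
        // column can be written through this update.
        $user = $this->request->from('mail', 'screenName', 'url');

        // Fall back to the account's login name when no screen name is given.
        // The original read $user['name'], a key that from() was never asked
        // for, so the fallback could not yield a name.
        if (empty($user['screenName'])) {
            $user['screenName'] = $this->user->name;
        }

        // The WHERE clause is bound to the session user's uid, not to request data.
        $this->update($user, $this->db->sql()->where('uid = ?', $this->user->uid));

        Notice::alloc()->highlight('user-' . $this->user->uid);
        Notice::alloc()->set(_t(''), 'success');

        $this->response->goBack();
    }

    /**
     * Build the profile form (screen name, URL, mail) with its validation rules.
     *
     * @return Form
     */
    public function profileForm(): Form
    {
        $form = new Form($this->security->getIndex('/action/users-profile'), Form::POST_METHOD);

        $screenName = new Form\Element\Text('screenName', null, null, _t(''), _t(', .')
            . '<br />' . _t(', .'));
        $form->addInput($screenName);

        $url = new Form\Element\Url('url', null, null, _t(''), _t(', <code>https://</code> .'));
        $form->addInput($url);

        $mail = new Form\Element\Text('mail', null, null, _t('') . ' *', _t('.')
            . '<br />' . _t('.'));
        $form->addInput($mail);

        // Hidden dispatcher field read by action().
        $do = new Form\Element\Hidden('do', null, 'profile');
        $form->addInput($do);

        $submit = new Form\Element\Submit('submit', null, _t(''));
        $submit->input->setAttribute('class', 'btn primary');
        $form->addItem($submit);

        // Pre-fill with the stored values.
        $screenName->value($this->user->screenName);
        $url->value($this->user->url);
        $mail->value($this->user->mail);

        // Validation: uniqueness callbacks are methods expected on this object
        // (presumably inherited or from EditTrait); 'xssCheck', 'url', 'required'
        // and 'email' are rule names resolved by the form helper.
        $screenName->addRule([$this, 'screenNameExists'], _t(''));
        $screenName->addRule('xssCheck', _t(''));
        $url->addRule('url', _t(''));
        $mail->addRule('required', _t(''));
        $mail->addRule([$this, 'mailExists'], _t(''));
        $mail->addRule('email', _t(''));

        return $form;
    }

    /**
     * Store the current user's writing options.
     *
     * Every value is reduced to 0 or 1 before it is written, so request data
     * never reaches the options table verbatim.
     *
     * @throws Exception
     */
    public function updateOptions()
    {
        $settings = [];
        $settings['autoSave'] = $this->request->is('autoSave=1') ? 1 : 0;
        $settings['markdown'] = $this->request->is('markdown=1') ? 1 : 0;
        $settings['xmlrpcMarkdown'] = $this->request->is('xmlrpcMarkdown=1') ? 1 : 0;

        // Strict comparison: only the exact strings count as a ticked box.
        $defaultAllow = $this->request->getArray('defaultAllow');
        $settings['defaultAllowComment'] = in_array('comment', $defaultAllow, true) ? 1 : 0;
        $settings['defaultAllowPing'] = in_array('ping', $defaultAllow, true) ? 1 : 0;
        $settings['defaultAllowFeed'] = in_array('feed', $defaultAllow, true) ? 1 : 0;

        foreach ($settings as $name => $value) {
            $this->upsertPersonalOption($name, $value);
        }

        Notice::alloc()->set(_t(""), 'success');
        $this->response->goBack();
    }

    /**
     * Validate and store a new password for the current user.
     *
     * NOTE(review): the form built by passwordForm() has no field for the
     * current password, so a live session is enough to replace it; the only
     * checks visible in this class are the group check in execute() and
     * security->protect() in action().
     *
     * @throws Exception
     */
    public function updatePassword()
    {
        // A truthy validate() result is treated as failure.
        if ($this->passwordForm()->validate()) {
            $this->response->goBack();
        }

        // NOTE(review): if Utils\PasswordHash follows the phpass constructor
        // (iteration_count_log2, portable_hashes), `true` selects the portable
        // MD5-based scheme at cost 8 -- confirm. Moving to password_hash()
        // would have to be done together with the verification code, which is
        // not part of this file.
        $hasher = new PasswordHash(8, true);
        $password = $hasher->hashPassword($this->request->password);

        // The WHERE clause is bound to the session user's uid.
        $this->update(
            ['password' => $password],
            $this->db->sql()->where('uid = ?', $this->user->uid)
        );

        Notice::alloc()->highlight('user-' . $this->user->uid);
        Notice::alloc()->set(_t(''), 'success');

        $this->response->goBack();
    }

    /**
     * Build the password change form (password plus confirmation).
     *
     * @return Form
     */
    public function passwordForm(): Form
    {
        $form = new Form($this->security->getIndex('/action/users-profile'), Form::POST_METHOD);

        $password = new Form\Element\Password('password', null, null, _t(''), _t('.')
            . '<br />' . _t(',.'));
        $password->input->setAttribute('class', 'w-60');
        $form->addInput($password);

        $confirm = new Form\Element\Password('confirm', null, null, _t(''), _t(', .'));
        $confirm->input->setAttribute('class', 'w-60');
        $form->addInput($confirm);

        // Hidden dispatcher field read by action().
        $do = new Form\Element\Hidden('do', null, 'password');
        $form->addInput($do);

        $submit = new Form\Element\Submit('submit', null, _t(''));
        $submit->input->setAttribute('class', 'btn primary');
        $form->addItem($submit);

        // Required, at least 6 characters, and equal to the confirmation field.
        $password->addRule('required', _t(''));
        $password->addRule('minLength', _t(', '), 6);
        $confirm->addRule('confirm', _t(''), 'password');

        return $form;
    }

    /**
     * Validate and store the current user's settings for one plugin.
     *
     * The plugin name comes from the request. It is resolved through
     * Plugin::portal() and must be both activated and flagged personalConfig
     * before the plugin file is loaded by personalForm().
     *
     * @throws \Typecho\Widget\Exception
     */
    public function updatePersonal()
    {
        // Request-controlled value.
        $pluginName = $this->request->get('plugin');

        $plugins = Plugin::export();
        $activatedPlugins = $plugins['activated'];

        // Resolve the name to a file and class inside the configured plugin directory.
        [$pluginFileName, $className] = Plugin::portal(
            $pluginName,
            __TYPECHO_ROOT_DIR__ . '/' . __TYPECHO_PLUGIN_DIR__
        );
        $info = Plugin::parseInfo($pluginFileName);

        // Reject plugins that are not activated or expose no personal config
        // before any of their code is loaded.
        if (!$info['personalConfig'] || !isset($activatedPlugins[$pluginName])) {
            throw new \Typecho\Widget\Exception(_t(''), 500);
        }

        $group = null;
        $form = $this->personalForm($pluginName, $className, $pluginFileName, $group);

        // Enforce the group the plugin asked for (no second argument, so a
        // failed check is presumably fatal for the request).
        $this->user->pass($group);

        // A truthy validate() result is treated as failure.
        if ($form->validate()) {
            $this->response->goBack();
        }

        // Drop the dispatcher fields; the remainder is the plugin's own settings.
        $settings = $form->getAllRequest();
        unset($settings['do'], $settings['plugin']);

        // The plugin may persist the settings itself; otherwise store them as
        // JSON in a per-user option row.
        if (!$this->personalConfigHandle($className, $settings)) {
            $this->upsertPersonalOption('_plugin:' . $pluginName, json_encode($settings));
        }

        Notice::alloc()->set(_t("%s ", $info['title']), 'success');

        $this->response->redirect(Common::url('profile.php', $this->options->adminUrl));
    }

    /**
     * Let the plugin persist its personal settings itself when it provides a
     * personalConfigHandle() hook.
     *
     * @access public
     * @param string $className
     * @param array $settings
     * @return boolean true when the plugin's hook was called, false when it has none
     */
    public function personalConfigHandle(string $className, array $settings): bool
    {
        if (!method_exists($className, 'personalConfigHandle')) {
            return false;
        }

        call_user_func([$className, 'personalConfigHandle'], $settings, false);

        return true;
    }

    /**
     * Dispatch the submitted form to its handler based on the 'do' field.
     *
     * @access public
     * @return void
     */
    public function action()
    {
        // Runs before any handler; presumably the anti-CSRF check for the
        // token issued by security->getIndex() in the form builders.
        $this->security->protect();

        $this->on($this->request->is('do=profile'))->updateProfile();
        $this->on($this->request->is('do=options'))->updateOptions();
        $this->on($this->request->is('do=password'))->updatePassword();
        $this->on($this->request->is('do=personal&plugin'))->updatePersonal();

        // Reached only when no handler redirected first.
        $this->response->redirect($this->options->siteUrl);
    }

    /**
     * Insert or update one option row owned by the current user.
     *
     * NOTE(review): the existence check and the write are separate statements,
     * so two concurrent requests could both take the insert path; whether that
     * matters depends on table constraints not visible here.
     *
     * @param string $name option name
     * @param mixed $value value to store
     * @throws Exception
     */
    private function upsertPersonalOption(string $name, $value): void
    {
        $uid = $this->user->uid;

        $existing = $this->db->fetchObject(
            $this->db->select(['COUNT(*)' => 'num'])
                ->from('table.options')
                ->where('name = ? AND user = ?', $name, $uid)
        );

        if ($existing->num > 0) {
            Options::alloc()->update(
                ['value' => $value],
                $this->db->sql()->where('name = ? AND user = ?', $name, $uid)
            );

            return;
        }

        Options::alloc()->insert([
            'name' => $name,
            'value' => $value,
            'user' => $uid
        ]);
    }
}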
Function Calls
None |
Stats
MD5 | 4dbeff32e16613c7f139fd5e3cf5c664 |
Eval Count | 0 |
Decode Time | 129 ms |