From 90595b9c6e60302875345342c6d8dca28d288be5 Mon Sep 17 00:00:00 2001 From: Robert Sesek Date: Sat, 8 Oct 2005 04:42:34 +0000 Subject: [PATCH] - removed global callback/instantiation - use $this->registry instead of $_isso --- db_mysql.php | 4 +--- kernel.php | 61 +++++++++++++++++++++++++------------------------ mail.php | 26 ++++++++++----------- template.php | 41 +++++++++++++-------------------- template_fs.php | 4 +--- xml.php | 4 +--- 6 files changed, 62 insertions(+), 78 deletions(-) diff --git a/db_mysql.php b/db_mysql.php index 2a75c9d..f78da4e 100644 --- a/db_mysql.php +++ b/db_mysql.php @@ -281,8 +281,6 @@ class MySQL_Database_Driver */ function error($message) { - global $_isso; - if ($this->errshow) { if ($this->link_id) @@ -301,7 +299,7 @@ class MySQL_Database_Driver $message_prepped .= "\n\t» File: " . $_SERVER['PHP_SELF'] . "\n"; $message_prepped .= "\n

\n"; - $_isso->_message('Database Error in `' . $_isso->application . '`', $message_prepped, 3); + $this->registry->_message('Database Error in `' . $this->registry->application . '`', $message_prepped, 3); exit; } } diff --git a/kernel.php b/kernel.php index 1855c91..2d420cc 100644 --- a/kernel.php +++ b/kernel.php @@ -190,6 +190,11 @@ class Shared_Object_Framework $this->exec_sanitize_data(); } + if (defined('ISSO_CHECK_POST_REFERER')) + { + $this->exec_referer_check(); + } + $this->modules['kernel'] = 'Shared Object Framework Core'; } @@ -489,26 +494,24 @@ class Shared_Object_Framework */ function escape($str, $binary = false, $force = true) { - global $_isso; - if ($this->magicquotes AND !$force) { - if (isset($_isso->db) AND $binary) + if (isset($this->registry->db) AND $binary) { - if (is_resource($_isso->db->link_id)) + if (is_resource($this->registry->db->link_id)) { - return $_isso->db->escape_string(stripslashes($str)); + return $this->registry->db->escape_string(stripslashes($str)); } } return $str; } else { - if (isset($_isso->db) AND $binary) + if (isset($this->registry->db) AND $binary) { - if (is_resource($_isso->db->link_id)) + if (is_resource($this->registry->db->link_id)) { - return $_isso->db->escape_string($str); + return $this->registry->db->escape_string($str); } } return addslashes($str); 
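Review bot: In `error()`, `$_SERVER['PHP_SELF']` is appended to `$message_prepped` unescaped, and the string appears to be rendered as markup by `_message()`. `PHP_SELF` includes client-chosen path info, so unless `_message()` escapes its body (not visible in this hunk) the error page reflects request data; `htmlspecialchars($_SERVER['PHP_SELF'])` at the concatenation would close that. The new call also needs `$this->registry` to be assigned on the driver before any query can fail, and the db_mysql.php changes shown here do not assign it. The body of `error()` starts above the hunk.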
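Review bot: `escape()` is a method of `Shared_Object_Framework`, so the old `$_isso->db` was this object's own `db`; the new `$this->registry->db` only works if the kernel has a `registry` property pointing at itself, and none is assigned in the visible hunks. If it is unset, `isset($this->registry->db)` is false and every call silently falls through to `addslashes($str)`, or returns `$str` untouched in the magic-quotes branch. Neither is a safe substitute for the driver's `escape_string()`. Inside the kernel, `if (isset($this->db) AND $binary)` and `$this->db->escape_string($str)` express the same thing without the indirection. The function body continues past the end of the hunk.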
@@ -527,33 +530,31 @@ class Shared_Object_Framework $this->magicquotes = 1; } } -} - -/** -* Global callback used for module calls back to the kernel -*/ -$_isso = new Shared_Object_Framework(); - -if (defined('ISSO_CHECK_POST_REFERER')) -{ - if ($_SERVER['REQUEST_METHOD'] == 'POST') + + /** + * Checks to see if a POST refer is actually from us + */ + function exec_referer_check() { - $host = ($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : $_ENV['HTTP_HOST']; - - if ($host AND $_SERVER['HTTP_REFERER']) + if ($_SERVER['REQUEST_METHOD'] == 'POST') { - $parts = parse_url($_SERVER['HTTP_REFERER']); - $ourhost = $parts['host'] . (($parts['port']) ? ":$parts[port]" : ''); + $host = ($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : $_ENV['HTTP_HOST']; - if ($ourhost != $host) + if ($host AND $_SERVER['HTTP_REFERER']) { - trigger_error('No external hosts are allowed to POST to this application', E_USER_ERROR); + $parts = parse_url($_SERVER['HTTP_REFERER']); + $ourhost = $parts['host'] . (($parts['port']) ? ":$parts[port]" : ''); + + if ($ourhost != $host) + { + trigger_error('No external hosts are allowed to POST to this application', E_USER_ERROR); + } + $this->debug('remote post check = ok'); + } + else + { + $this->debug('remote post check = FAILED'); } - $_isso->debug('remote post check = ok'); - } - else - { - $_isso->debug('remote post check = FAILED'); } } } diff --git a/mail.php b/mail.php index 9a05b43..8853670 100644 --- a/mail.php +++ b/mail.php @@ -102,11 +102,9 @@ class Mail */ function send() { - global $_isso; - if (!@ini_get('sendmail_path')) { - $_isso->debug("email: no sendmail -> not sending"); + $this->registry->debug("email: no sendmail -> not sending"); return false; } 
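Review bot: The `else` branch of `exec_referer_check()` fails open: when `HTTP_REFERER` or the host is empty it only logs `remote post check = FAILED` and the POST continues. A Referer header is optional, so the check stops only requests that volunteer a foreign Referer. Failing closed means putting `trigger_error('No external hosts are allowed to POST to this application', E_USER_ERROR);` in that branch, with the Referer comparison kept as a secondary control beside a per-session form token. `$parts['port']` is also read without `isset()`, and `!=` is a loose comparison where `!==` on two strings is the safer form.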
@@ -115,12 +113,12 @@ class Mail if (!$this->from) { - $_isso->debug("email: no from -> not sending"); + $this->registry->debug("email: no from -> not sending"); return false; } else { - $this->from = trim($_isso->unsanitize($this->from, true)); + $this->from = trim($this->registry->unsanitize($this->from, true)); } if (!$this->fromname) @@ -129,38 +127,38 @@ class Mail } else { - $this->fromname = trim($_isso->unsanitize($this->fromname, true)); + $this->fromname = trim($this->registry->unsanitize($this->fromname, true)); } if (!$this->to) { - $_isso->debug("email: no recipient -> not sending"); + $this->registry->debug("email: no recipient -> not sending"); return false; } else { - $this->to = trim($_isso->unsanitize($this->to)); + $this->to = trim($this->registry->unsanitize($this->to)); } if (!$this->subject) { - $_isso->debug("email: no subject -> not sending"); + $this->registry->debug("email: no subject -> not sending"); return false; } else { - $this->subject = trim($_isso->unsanitize($this->_fetch_first_line($this->subject), true)); + $this->subject = trim($this->registry->unsanitize($this->_fetch_first_line($this->subject), true)); } if (!$this->body) { - $_isso->debug("email: no body -> not sending"); + $this->registry->debug("email: no body -> not sending"); return false; } else { $this->body = $this->_convert_line_breaks($this->body); - $this->body = trim($_isso->unsanitize($this->body, true)); + $this->body = trim($this->registry->unsanitize($this->body, true)); } $this->headers = $this->_convert_line_breaks($this->headers); @@ -172,12 +170,12 @@ class Mail if (mail($this->to, $this->subject, $this->body, trim($this->headers), "-f {$this->from}")) { - $_isso->debug("email: sent -> good"); + $this->registry->debug("email: sent -> good"); return true; } else { - $_isso->debug("email: sent -> error"); + $this->registry->debug("email: sent -> error"); return false; } } diff --git a/template.php b/template.php index 4cdc7a5..f2c75a1 100644 
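Review bot: In the last mail.php hunk, the context line `mail(..., trim($this->headers), "-f {$this->from}")` interpolates `$this->from` into mail()'s additional-parameters argument after only `trim()` and `unsanitize()`. A from value containing whitespace or quoting can therefore add options to the mailer command line. Validate it as one bare address before the call and refuse to send otherwise, e.g. `if (preg_match('/[\s"\']/', $this->from)) { return false; }`. In the preceding hunk `$this->to` is passed through without `_fetch_first_line()`, unlike the subject, so embedded line breaks are not stripped there either. `send()` begins in an earlier hunk.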
--- a/template.php +++ b/template.php @@ -126,16 +126,14 @@ class DB_Template */ function cache($namearray) { - global $_isso; - if (sizeof($this->cache) > 0) { trigger_error('You cannot cache templates more than once per initialization', ERR_WARNING); } else { - $templates = $_isso->db->query("SELECT * FROM " . $this->tablename . " WHERE " . $this->namecolumn . " IN ('" . implode("', '", $namearray) . "')" . (($this->extrawhere) ? $this->extrawhere : '')); - while ($template = $_isso->db->fetch_array($templates)) + $templates = $this->registry->db->query("SELECT * FROM " . $this->tablename . " WHERE " . $this->namecolumn . " IN ('" . implode("', '", $namearray) . "')" . (($this->extrawhere) ? $this->extrawhere : '')); + while ($template = $this->registry->db->fetch_array($templates)) { $template = $this->_parse($template); $this->cache[ $template[ $this->namecolumn ] ] = $template[ $this->datacolumn ]; @@ -154,8 +152,6 @@ class DB_Template */ function fetch($name) { - global $_isso; - if (isset($this->cache["$name"])) { $template = $this->cache["$name"]; @@ -163,7 +159,7 @@ class DB_Template else { $this->uncached[] = $name; - $_isso->debug("Manually loading template `$name`"); + $this->registry->debug("Manually loading template `$name`"); $template = $this->_load($name); $template = $this->_parse($template); } @@ -185,8 +181,6 @@ class DB_Template */ function flush($template) { - global $_isso; - ob_start(); if (empty($template)) @@ -195,12 +189,12 @@ class DB_Template exit; } - if ($_isso->debug AND isset($_GET['query'])) + if ($this->registry->debug AND isset($_GET['query'])) { - if (is_array($_isso->db->history)) + if (is_array($this->registry->db->history)) { echo '
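Review bot: `cache()` still builds the `IN (...)` list with `implode("', '", $namearray)` and no escaping, so a template name containing a quote alters the statement. Whether callers ever pass request-derived names is not visible here. The driver's `escape_string()`, already used in the kernel.php hunk, would make the query safe regardless: `implode("', '", array_map(array($this->registry->db, 'escape_string'), $namearray))`. `$this->extrawhere` is appended verbatim as well and deserves a comment stating it must be a trusted, code-defined fragment.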
';
-				foreach ($_isso->db->history AS $query)
+				foreach ($this->registry->db->history AS $query)
 				{
 					echo $query . "\n\n
\n\n"; } @@ -215,7 +209,7 @@ class DB_Template exit; } - if ($_isso->debug) + if ($this->registry->debug) { // --- START $debug = "\n
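Review bot: With `$this->registry->debug` on, `flush()` prints the whole `$this->registry->db->history` to anyone who adds `query` to the URL, and each `$query` is echoed without escaping. Queries routinely carry user-supplied values, so this discloses schema and data and can reflect markup into the page. `echo htmlspecialchars($query) . ...` plus a comment that debug mode must stay off on publicly reachable hosts would cover it. `flush()` starts in the previous hunk and continues beyond this one.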