1
|
|
|
<?php |
2
|
|
|
|
3
|
|
|
require_once 'common.inc.php'; |
4
|
|
|
|
5
|
|
|
function canonicalNamespaceId($id) |
|
|
|
|
6
|
|
|
{ |
7
|
|
|
return preg_replace('/[^a-z0-9]+/i', '_', $id); |
8
|
|
|
} |
9
|
|
|
|
10
|
|
|
function canvasHackNamespace($id, $javascript) |
|
|
|
|
11
|
|
|
{ |
12
|
|
|
return preg_replace( |
13
|
|
|
'/^(\s*var\s+)?canvashack\s*=\s*{\n*(.*)};/is', |
14
|
|
|
canonicalNamespaceId($id) . ": {\n$2\n}", |
15
|
|
|
$javascript |
16
|
|
|
); |
17
|
|
|
} |
18
|
|
|
|
19
|
|
|
header('Content-Type: application/javascript'); |
20
|
|
|
|
21
|
|
|
/* don't cache me! */ |
22
|
|
|
header("Cache-Control: no-cache, no-store, must-revalidate"); // HTTP 1.1 |
23
|
|
|
header("Pragma: no-cache"); // HTTP 1.0 |
24
|
|
|
header("Expires: 0"); // Proxies |
25
|
|
|
|
26
|
|
|
$canvashacks = array(); |
27
|
|
|
$enabledPages = $toolbox->mysql_query(" |
28
|
|
|
SELECT p.* |
29
|
|
|
FROM `pages` AS p |
30
|
|
|
INNER JOIN `canvashacks` AS c |
31
|
|
|
ON c.`id` = p.`canvashack` |
32
|
|
|
WHERE |
33
|
|
|
c.`enabled` = TRUE |
34
|
|
|
ORDER BY |
35
|
|
|
p.`include` DESC |
36
|
|
|
"); |
37
|
|
View Code Duplication |
while ($page = $enabledPages->fetch_assoc()) { |
38
|
|
|
if ((!empty($page['url']) && $page['url'] == $_REQUEST['location']) || |
39
|
|
|
(!empty($page['pattern']) && preg_match($page['pattern'], $_REQUEST['location']))) { |
40
|
|
|
if ($page['include']) { |
41
|
|
|
$canvashacks[$page['canvashack']] = true; |
42
|
|
|
} else { |
43
|
|
|
unset($canvashacks[$page['canvashack']]); |
44
|
|
|
} |
45
|
|
|
} |
46
|
|
|
} |
47
|
|
|
|
48
|
|
|
$dom = array(); |
49
|
|
View Code Duplication |
if (($applicableDOM = $toolbox->mysql_query(" |
50
|
|
|
SELECT * |
51
|
|
|
FROM `dom` |
52
|
|
|
WHERE |
53
|
|
|
`canvashack` = '" . implode("' OR `canvashack` = '", array_keys($canvashacks)) . "' |
54
|
|
|
")) == false) { |
55
|
|
|
exit; |
56
|
|
|
} |
57
|
|
|
while ($entry = $applicableDOM->fetch_assoc()) { |
58
|
|
|
$dom[$entry['canvashack']] = "$('{$entry['selector']}').{$entry['event']}(" . |
59
|
|
|
(empty($entry['action']) ? '' : "this." . canonicalNamespaceId($entry['canvashack']) . |
60
|
|
|
".{$entry['action']}") . ");"; |
61
|
|
|
} |
62
|
|
|
|
63
|
|
|
$javascript = array('go' => 'go: function() { |
64
|
|
|
"use strict"; |
65
|
|
|
' . implode(PHP_EOL . "\t", $dom) . ' |
66
|
|
|
}'); |
67
|
|
|
|
68
|
|
View Code Duplication |
if (($response = $toolbox->mysql_query(" |
69
|
|
|
SELECT * |
70
|
|
|
FROM `javascript` |
71
|
|
|
WHERE |
72
|
|
|
`canvashack` = '" . implode("' OR `canvashack` = '", array_keys($canvashacks)) . "' |
73
|
|
|
")) == false) { |
74
|
|
|
exit; |
75
|
|
|
} |
76
|
|
|
while ($entry = $response->fetch_assoc()) { |
77
|
|
|
$javascript[$entry['canvashack']] = canvasHackNamespace( |
78
|
|
|
$entry['canvashack'], |
79
|
|
|
shell_exec("php \"{$entry['path']}\" \"" . addslashes(serialize($_REQUEST)) . "\" 2>&1") |
80
|
|
|
); |
81
|
|
|
} |
82
|
|
|
|
83
|
|
|
?> |
84
|
|
|
var canvashack = { |
85
|
|
|
|
86
|
|
|
<?= implode(',' . PHP_EOL . PHP_EOL, $javascript) ?> |
87
|
|
|
|
88
|
|
|
}; |
89
|
|
|
|
90
|
|
|
canvashack.go(); |
91
|
|
|
|
This check looks for functions that have already been defined in other files.
Some Codebases, like WordPress, make a practice of defining functions multiple times. This may lead to problems with the detection of function parameters and types. If you really need to do this, you can mark the duplicate definition with the
@ignore
annotation.See also the PhpDoc documentation for @ignore.