* @package astat core * @license http://opensource.org/licenses/gpl-license.php GNU Public License * @version $Id: ajax.class.php 31 2009-06-20 20:41:07Z genuineparts $ */ $module["core"]["name"]="Ajax Class"; $module["core"]["ver"]="0.6.0"; use Smarty\Smarty; class ajax{ var $db; var $log; var $tpl; function __construct(& $db,& $log,& $tpl) { global $config; $this->log = & $log; $this->db = & $db; $this->tpl = & $tpl; } function get_ajax_module($task,$subtask=""){ global $config, $userdata, $core, $db, $userinfo, $tpl, $error, $session, $meta, $mod, $plugin; include dirname(dirname(__FILE__)).'/class_templates/ajax_module.template.php'; $content=""; if (strpos($task, '://') !== FALSE || strpos($task, '../') !== FALSE){ $this->tpl->assign('messagetitle',"Intruder Alert!"); $this->tpl->assign('message', "Unser System hat festgestellt das ein XSS Versuch erfolgt ist.
Wir haben alle Daten geloggt und eine E-Mail an den Administrator wurde versandt."); if($config["logging"]) $this->log->write("XSS ATTACK: Someone tried calling ".$task."!",1); return $tpl->fetch('message.tpl',"INTRUDER"); }elseif((file_exists("modules/".$task."/" . $task . ".ajax.php") && is_array($core->mod_[$task]) )|| $task==""){ if($task!=""){ include 'modules/'.$task.'/' . $task. '.ajax.php'; if(class_exists($task)){ $mod = new $task(); $root = $_SERVER['DOCUMENT_ROOT'] . $config["path"]; if(isset($config["theme"]) && is_dir($root . '/modules/'.$task.'/templates/'.$config["theme"]) && !$mod -> uses_default_templates){ $mod -> tpl-> setTemplateDir($root . '/modules/'.$task.'/templates/'.$config["theme"]); }elseif($mod -> uses_default_templates){ if(isset($config["theme"]) && is_dir($root . '/themes/'.$config["theme"])){ $mod -> tpl-> setTemplateDir($root . '/themes/'.$config["theme"]); }else{ $mod -> tpl-> setTemplateDir($root . '/themes/default'); } }else{ $mod -> tpl-> setTemplateDir($root . '/modules/'.$task.'/templates/default'); } if($subtask!=""){ $subtask="sub_".$subtask; if(!is_callable(array($mod,$subtask))){ if($config["logging"]) $this->log->write("FATAL ERROR: Modul ".$task." was found, but does not contain FUNCTION ".$subtask."!",1); return $error->http_error("404"); }else{ $content.=$mod->$subtask(); } }else{ $content.=$mod->ajax(); } }else{ if($config["logging"]) $this->log->write("FATAL ERROR: Modul ".$task." was found, but does not contain CLASS ".$task."!",1); return $error->http_error("404"); } } }else{ if($config["logging"]) $this->log->write("Modul ".$task." not found!",2); return $error->http_error("404"); } echo $content; } } ?>