<?php
/**
* File: EditHeader.Admin.class.php
* This is the Edit HTTP Header Module for the Geeklog Spam-X plugin
* Copyright (C) 2005-2017 by the following authors:
* Author Dirk Haun <dirk AT haun-online DOT de>
* based on the works of Tom Willett <tomw AT pigstye DOT net>
* Licensed under GNU General Public License
*
* @package Spam-X
* @subpackage Modules
*/
// Direct-access guard: stop when this file itself is the requested script.
// stripos() makes this a case-insensitive substring match of this file's
// base name against $_SERVER['PHP_SELF'].
if (false !== stripos($_SERVER['PHP_SELF'], basename(__FILE__))) {
    exit('This file can not be used on its own!');
}

// Load the abstract base class that EditHeader extends. $_CONF is not defined
// in this file; the including script has to provide it before this line runs.
require_once $_CONF['path'] . 'plugins/spamx/BaseAdmin.class.php';
/**
* HTTP Header Editor
*
* @package Spam-X
*/
class EditHeader extends BaseAdmin
{
    /**
     * Set the module identifiers and the localized title and link texts.
     */
    public function __construct()
    {
        global $LANG_SX00;

        $this->moduleName = 'HTTPHeader';
        $this->command = 'EditHeader';
        $this->titleText = $LANG_SX00['headerblack'];
        $this->linkText = $LANG_SX00['edit_http_header_blacklist'];
    }

    /**
     * Build the editor markup: intro text, the current list, and the add form.
     *
     * A fresh CSRF token is created on every call and embedded in the form as
     * a hidden field named CSRF_TOKEN.
     *
     * NOTE(review): the language strings and the output of getList() are
     * concatenated into the markup without escaping here. Presumably
     * getList() HTML-escapes the stored entries itself - confirm in BaseAdmin.
     *
     * @return string
     */
    protected function getWidget()
    {
        global $_CONF, $LANG_SX00;

        $this->csrfToken = SEC_createToken();

        $html = '<hr' . XHTML . '>' . LB;
        $html .= '<p>' . $LANG_SX00['e1'] . '</p>' . LB;
        $html .= $this->getList();
        $html .= '<p>' . $LANG_SX00['e2'] . '</p>' . LB;

        // The form posts back to the Spam-X admin page with this module's command.
        $formAction = $_CONF['site_admin_url']
            . '/plugins/spamx/index.php?command=EditHeader';
        $html .= '<form method="post" class="uk-form" action="' . $formAction . '">' . LB;

        $html .= '<table border="0" width="100%">' . LB;
        $html .= '<tr><td align="right"><b>Header:</b></td>' . LB;
        $html .= '<td><input type="text" size="40" name="header-name"'
            . XHTML . '> e.g. <tt>User-Agent</tt></td></tr>' . LB;
        $html .= '<tr><td align="right"><b>Content:</b></td>' . LB;
        $html .= '<td><input type="text" size="40" name="header-value"'
            . XHTML . '> e.g. <tt>Mozilla</tt></td></tr>' . LB;
        $html .= '</table>' . LB;

        // The button's value is the localized "add entry" text; display()
        // compares the submitted action against that same string.
        $addLabel = $LANG_SX00['addentry'];
        $html .= '<p><button type="submit" name="paction" value="'
            . $addLabel . '" class="uk-button">'
            . $addLabel . '</button>' . LB;

        $html .= '<input type="hidden" name="' . CSRF_TOKEN
            . '" value="' . $this->csrfToken . '"' . XHTML . '></p>' . LB;
        $html .= '</form>' . LB;

        return $html;
    }

    /**
     * Process a pending delete or add request, then return the editor widget.
     *
     * Both state-changing branches run only when SEC_checkToken() succeeds.
     * The token check is evaluated only after the action has matched.
     *
     * @return string
     */
    public function display()
    {
        global $LANG_SX00;

        $action = $this->getAction();
        $entry = $this->getEntry();

        if (('delete' === $action) && SEC_checkToken()) {
            $this->deleteEntry($entry);
        } elseif (($LANG_SX00['addentry'] === $action) && SEC_checkToken()) {
            // Keep only the part of the submitted header name before the first ':'.
            $headerName = explode(':', Geeklog\Input::fRequest('header-name'))[0];

            // NOTE(review): the value is read with request() while the name uses
            // fRequest(); presumably the value arrives unfiltered - confirm that
            // addEntry() and getList() escape it for the database and for HTML.
            $headerValue = Geeklog\Input::request('header-value');

            // empty() also rejects the string '0', so such a name or value
            // yields an empty entry.
            $entry = (empty($headerName) || empty($headerValue))
                ? ''
                : $headerName . ': ' . $headerValue;

            // addEntry() is called even when $entry is ''; presumably the base
            // class ignores empty entries - confirm.
            $this->addEntry($entry);
        }

        return $this->getWidget();
    }
}