C:\inetpub\wwwroot\limesurvey\framework\base\CSecurityManager.php(402)
390 */ 391 public function generateRandomBytes($length,$cryptographicallyStrong=true) 392 { 393 $bytes=''; 394 if(function_exists('openssl_random_pseudo_bytes')) 395 { 396 $bytes=openssl_random_pseudo_bytes($length,$strong); 397 if($this->strlen($bytes)>=$length && ($strong || !$cryptographicallyStrong)) 398 return $this->substr($bytes,0,$length); 399 } 400 401 if(function_exists('mcrypt_create_iv') && 402 ($bytes=mcrypt_create_iv($length, MCRYPT_DEV_URANDOM))!==false && 403 $this->strlen($bytes)>=$length) 404 { 405 return $this->substr($bytes,0,$length); 406 } 407 408 if(($file=@fopen('/dev/urandom','rb'))!==false && 409 ($bytes=@fread($file,$length))!==false && 410 (fclose($file) || true) && 411 $this->strlen($bytes)>=$length) 412 { 413 return $this->substr($bytes,0,$length); 414 }
| #0 |
+
–
C:\inetpub\wwwroot\limesurvey\framework\web\CHttpRequest.php(1307): CSecurityManager->generateRandomBytes(32) 1302 * @see enableCsrfValidation 1303 */ 1304 protected function createCsrfCookie() 1305 { 1306 $securityManager=Yii::app()->getSecurityManager(); 1307 $token=$securityManager->generateRandomBytes(32); 1308 $maskedToken=$securityManager->maskToken($token); 1309 $cookie=new CHttpCookie($this->csrfTokenName,$maskedToken); 1310 if(is_array($this->csrfCookie)) 1311 { 1312 foreach($this->csrfCookie as $name=>$value) |
| #1 |
+
–
C:\inetpub\wwwroot\limesurvey\framework\web\CHttpRequest.php(1288): CHttpRequest->createCsrfCookie() 1283 if($this->_csrfToken===null) 1284 { 1285 $cookie=$this->getCookies()->itemAt($this->csrfTokenName); 1286 if(!$cookie || ($this->_csrfToken=$cookie->value)==null) 1287 { 1288 $cookie=$this->createCsrfCookie(); 1289 $this->_csrfToken=$cookie->value; 1290 $this->getCookies()->add($cookie->name,$cookie); 1291 } 1292 } 1293 |
| #2 |
+
–
C:\inetpub\wwwroot\limesurvey\framework\web\helpers\CHtml.php(366): CHttpRequest->getCsrfToken() 361 $hiddens[]=self::hiddenField(urldecode($pair),'',array('id'=>false)); 362 } 363 } 364 $request=Yii::app()->request; 365 if($request->enableCsrfValidation && !strcasecmp($method,'post')) 366 $hiddens[]=self::hiddenField($request->csrfTokenName,$request->getCsrfToken(),array('id'=>false)); 367 if($customMethod!==false) 368 $hiddens[]=self::hiddenField('_method',$customMethod); 369 if($hiddens!==array()) 370 $form.="\n".implode("\n",$hiddens); 371 return $form; |
| #3 |
+
–
C:\inetpub\wwwroot\limesurvey\framework\web\helpers\CHtml.php(327): CHtml::beginForm(array("admin/authentication/sa/login"),
"post", array("id" => "loginform", "name" => "loginform",
"action" => "/limesurvey/index.php?r=admin/authentication/sa/login",
"method" => "post")) 322 * @param array $htmlOptions additional HTML attributes (see {@link tag}). 323 * @return string the generated form tag. 324 */ 325 public static function form($action='',$method='post',$htmlOptions=array()) 326 { 327 return self::beginForm($action,$method,$htmlOptions); 328 } 329 330 /** 331 * Generates an opening form tag. 332 * Note, only the open tag is generated. A close tag should be placed manually |
| #4 |
+
–
C:\inetpub\wwwroot\limesurvey\application\views\admin\authentication\login.php(32): CHtml::form(array("admin/authentication/sa/login"), "post", array("id" => "loginform", "name" => "loginform")) 27 <h3><?php eT("Log in");?></h3> 28 </div> 29 </div> 30 31 <!-- Form --> 32 <?php echo CHtml::form(array('admin/authentication/sa/login'), 'post', array('id'=>'loginform', 'name'=>'loginform'));?> 33 <div class="row login-content login-content-form"> 34 <div class="col-lg-12"> 35 <?php 36 $pluginNames = array_keys($pluginContent); 37 if (!isset($defaultAuth)) |
| #5 |
+
–
C:\inetpub\wwwroot\limesurvey\framework\web\CBaseController.php(126): require("C:\inetpub\wwwroot\limesurvey\application\views\admin\authentica...") 121 $data=$_data_; 122 if($_return_) 123 { 124 ob_start(); 125 ob_implicit_flush(false); 126 require($_viewFile_); 127 return ob_get_clean(); 128 } 129 else 130 require($_viewFile_); 131 } |
| #6 |
+
–
C:\inetpub\wwwroot\limesurvey\framework\web\CBaseController.php(95): CBaseController->renderInternal("C:\inetpub\wwwroot\limesurvey\application\views/admin/authentica...",
array("defaultAuth" => "Authdb", "summary" => "Please log in
first.", "pluginContent" => array("Authdb" =>
LimeSurvey\PluginManager\PluginEventContent), "display" =>
array("menu_bars" => false), ...), true) 090 { 091 $widgetCount=count($this->_widgetStack); 092 if(($renderer=Yii::app()->getViewRenderer())!==null && $renderer->fileExtension==='.'.CFileHelper::getExtension($viewFile)) 093 $content=$renderer->renderFile($this,$viewFile,$data,$return); 094 else 095 $content=$this->renderInternal($viewFile,$data,$return); 096 if(count($this->_widgetStack)===$widgetCount) 097 return $content; 098 else 099 { 100 $widget=end($this->_widgetStack); |
| #7 |
+
–
C:\inetpub\wwwroot\limesurvey\framework\web\CController.php(872): CBaseController->renderFile("C:\inetpub\wwwroot\limesurvey\application\views/admin/authentica...",
array("defaultAuth" => "Authdb", "summary" => "Please log in
first.", "pluginContent" => array("Authdb" =>
LimeSurvey\PluginManager\PluginEventContent), "display" =>
array("menu_bars" => false), ...), true) 867 */ 868 public function renderPartial($view,$data=null,$return=false,$processOutput=false) 869 { 870 if(($viewFile=$this->getViewFile($view))!==false) 871 { 872 $output=$this->renderFile($viewFile,$data,true); 873 if($processOutput) 874 $output=$this->processOutput($output); 875 if($return) 876 return $output; 877 else |
| #8 |
+
–
C:\inetpub\wwwroot\limesurvey\application\core\Survey_Common_Action.php(267): CController->renderPartial("/admin/authentication/login",
array("defaultAuth" => "Authdb", "summary" => "Please log in
first.", "pluginContent" => array("Authdb" =>
LimeSurvey\PluginManager\PluginEventContent), "display" =>
array("menu_bars" => false), ...), true) 262 // Load views 263 $content = ""; 264 foreach ($aViewUrls as $sViewKey => $viewUrl) { 265 if (empty($sViewKey) || !in_array($sViewKey, array('message', 'output'))) { 266 if (is_numeric($sViewKey)) { 267 $content .= Yii::app()->getController()->renderPartial($sViewPath.$viewUrl, $aData, true); 268 } elseif (is_array($viewUrl)) { 269 foreach ($viewUrl as $aSubData) { 270 $aSubData = array_merge($aData, $aSubData); 271 $content .= Yii::app()->getController()->renderPartial($sViewPath.$sViewKey, $aSubData, true); 272 } |
| #9 |
+
–
C:\inetpub\wwwroot\limesurvey\application\core\Survey_Common_Action.php(338): Survey_Common_Action->renderCentralContents("authentication",
array("login"), array("defaultAuth" => "Authdb", "summary" =>
"Please log in first.", "pluginContent" => array("Authdb" =>
LimeSurvey\PluginManager\PluginEventContent), "display" =>
array("menu_bars" => false), ...)) 333 } 334 } else { 335 $renderFile = $basePath.'/'.$sRenderFile; 336 } 337 338 $content = $this->renderCentralContents($sAction, $aViewUrls, $aData); 339 $out = $this->renderInternal($renderFile, ['content' => $content, 'aData' => $aData], true); 340 341 App()->getClientScript()->render($out); 342 echo $out; 343 } |
| #10 |
+
–
C:\inetpub\wwwroot\limesurvey\application\controllers\admin\authentication.php(362): Survey_Common_Action->_renderWrappedTemplate("authentication",
"login", array("defaultAuth" => "Authdb", "summary" => "Please
log in first.", "pluginContent" => array("Authdb" =>
LimeSurvey\PluginManager\PluginEventContent), "display" =>
array("menu_bars" => false), ...), false) 357 */ 358 protected function _renderWrappedTemplate($sAction = 'authentication', $aViewUrls = array(), $aData = array(), $sRenderFile = false) 359 { 360 $aData['display']['menu_bars'] = false; 361 $aData['language'] = Yii::app()->getLanguage() != Yii::app()->getConfig("defaultlang") ? Yii::app()->getLanguage() : 'default'; 362 parent::_renderWrappedTemplate($sAction, $aViewUrls, $aData, $sRenderFile); 363 } 364 365 } |
| #11 |
+
–
C:\inetpub\wwwroot\limesurvey\application\controllers\admin\authentication.php(82): Authentication->_renderWrappedTemplate("authentication",
"login", array("defaultAuth" => "Authdb", "summary" => "Please
log in first.", "pluginContent" => array("Authdb" =>
LimeSurvey\PluginManager\PluginEventContent), "display" =>
array("menu_bars" => false), ...)) 77 78 // Neither success nor failure, meaning no form submission - result = template data from plugin 79 $aData = $result; 80 81 // If for any reason, the plugin bugs, we can't let the user with a blank screen. 82 $this->_renderWrappedTemplate('authentication', 'login', $aData); 83 } 84 85 /** 86 * Prepare login and return result 87 * It checks if the authdb plugin is registered and active |
| #12 |
unknown(0): Authentication->index()
|
| #13 |
+
–
C:\inetpub\wwwroot\limesurvey\framework\web\actions\CAction.php(109): ReflectionMethod->invokeArgs(Authentication, array()) 104 elseif($param->isDefaultValueAvailable()) 105 $ps[]=$param->getDefaultValue(); 106 else 107 return false; 108 } 109 $method->invokeArgs($object,$ps); 110 return true; 111 } 112 } |
| #14 |
+
–
C:\inetpub\wwwroot\limesurvey\application\core\Survey_Common_Action.php(83): CAction->runWithParamsInternal(Authentication, ReflectionMethod, array("r" => "admin/authentication/sa/login", "sa" => "login")) 78 $oMethod = new ReflectionMethod($this, $sDefault); 79 } 80 81 // We're all good to go, let's execute it 82 // runWithParamsInternal would automatically get the parameters of the method and populate them as required with the params 83 return parent::runWithParamsInternal($this, $oMethod, $params); 84 } 85 86 /** 87 * Some functions have different parameters, which are just an alias of the 88 * usual parameters we're getting in the url. This function just populates |
| #15 |
+
–
C:\inetpub\wwwroot\limesurvey\framework\web\CController.php(308): Survey_Common_Action->runWithParams(array("r" => "admin/authentication/sa/login", "sa" => "login")) 303 { 304 $priorAction=$this->_action; 305 $this->_action=$action; 306 if($this->beforeAction($action)) 307 { 308 if($action->runWithParams($this->getActionParams())===false) 309 $this->invalidActionParams($action); 310 else 311 $this->afterAction($action); 312 } 313 $this->_action=$priorAction; |
| #16 |
+
–
C:\inetpub\wwwroot\limesurvey\framework\web\CController.php(286): CController->runAction(Authentication) 281 * @see runAction 282 */ 283 public function runActionWithFilters($action,$filters) 284 { 285 if(empty($filters)) 286 $this->runAction($action); 287 else 288 { 289 $priorAction=$this->_action; 290 $this->_action=$action; 291 CFilterChain::create($this,$action,$filters)->run(); |
| #17 |
+
–
C:\inetpub\wwwroot\limesurvey\framework\web\CController.php(265): CController->runActionWithFilters(Authentication, array()) 260 { 261 if(($parent=$this->getModule())===null) 262 $parent=Yii::app(); 263 if($parent->beforeControllerAction($this,$action)) 264 { 265 $this->runActionWithFilters($action,$this->filters()); 266 $parent->afterControllerAction($this,$action); 267 } 268 } 269 else 270 $this->missingAction($actionID); |
| #18 |
+
–
C:\inetpub\wwwroot\limesurvey\application\controllers\AdminController.php(158): CController->run("authentication") 153 $this->redirect(array('/admin/authentication/sa/login')); 154 } 155 } 156 } 157 158 return parent::run($action); 159 } 160 161 /** 162 * Routes all the actions to their respective places 163 * |
| #19 |
+
–
C:\inetpub\wwwroot\limesurvey\framework\web\CWebApplication.php(282): AdminController->run("authentication") 277 { 278 list($controller,$actionID)=$ca; 279 $oldController=$this->_controller; 280 $this->_controller=$controller; 281 $controller->init(); 282 $controller->run($actionID); 283 $this->_controller=$oldController; 284 } 285 else 286 throw new CHttpException(404,Yii::t('yii','Unable to resolve the request "{route}".', 287 array('{route}'=>$route===''?$this->defaultController:$route))); |
| #20 |
+
–
C:\inetpub\wwwroot\limesurvey\framework\web\CWebApplication.php(141): CWebApplication->runController("admin/authentication/sa/login") 136 foreach(array_splice($this->catchAllRequest,1) as $name=>$value) 137 $_GET[$name]=$value; 138 } 139 else 140 $route=$this->getUrlManager()->parseUrl($this->getRequest()); 141 $this->runController($route); 142 } 143 144 /** 145 * Registers the core application components. 146 * This method overrides the parent implementation by registering additional core components. |
| #21 |
+
–
C:\inetpub\wwwroot\limesurvey\framework\base\CApplication.php(185): CWebApplication->processRequest() 180 public function run() 181 { 182 if($this->hasEventHandler('onBeginRequest')) 183 $this->onBeginRequest(new CEvent($this)); 184 register_shutdown_function(array($this,'end'),0,false); 185 $this->processRequest(); 186 if($this->hasEventHandler('onEndRequest')) 187 $this->onEndRequest(new CEvent($this)); 188 } 189 190 /** |
| #22 |
+
–
C:\inetpub\wwwroot\limesurvey\index.php(194): CApplication->run() 189 require_once APPPATH . 'core/LSYii_Application' . EXT; 190 191 $config = require_once(APPPATH . 'config/internal' . EXT); 192 193 Yii::$enableIncludePath = false; 194 Yii::createApplication('LSYii_Application', $config)->run(); 195 196 /* End of file index.php */ 197 /* Location: ./index.php */ |