Example #1
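 /**
  * Edit an account's e-mail address, lock flag and (optionally) its password.
  *
  * Looks up the account whose user_id equals the integer "id" request value,
  * renders the profile form, and on a validated POST stores the new values.
  *
  * NOTE(review): no permission check is visible in this action; confirm the
  * controller restricts it to operators allowed to edit arbitrary accounts.
  */
 function actionModify()
 {
     $id = (int) $this->_context->get('id');
     $rs = Account::find('user_id = ?', $id)->getOne();
     if (!$rs->id()) {
         return $this->msg($tip = '参数错误', url('manage::account'));
     }
     $form = Form_Common::createForm('', 'manage/profile');
     if ($this->_context->isPOST() && $form->validate($_POST)) {
         $post = $form->values();
         $user_mail = $post['user_mail'];
         $user_pass = $post['user_pass'];
         $is_locked = $post['is_locked'] ? '1' : '0';
         if ($user_pass) {
             // The original computed this digest and then evaluated `$rs->user_pass;`
             // as a bare expression, so a new password was never stored.
             // NOTE(review): sha1(md5(...)) with a site-wide key is a fast, unsalted
             // construction; new hashes should come from password_hash() with a
             // rehash-on-login migration for existing rows.
             $rs->user_pass = sha1(md5('sike' . $user_pass . Q::ini('appini/secret_key')));
         }
         $rs->user_mail = $user_mail;
         $rs->is_locked = $is_locked;
         $rs->save();
         return $this->msg($tip = '修改成功', url('manage::account/modify', array('id' => $id)));
     }
     // GET (or failed validation): pre-fill the form, but never echo the stored hash back.
     $form->import($rs->toArray());
     $form->element('user_pass')->value = '';
     $form->element('is_locked')->checked = $rs->is_locked;
     $this->_view['form'] = $form;
     $this->_view['rs'] = $rs;
     $order = Order::find('user_id = ?', $id)->order('created DESC')->getAll();
     $this->_view['order'] = $order;
     $this->_view['_UDI'] = 'manage::account/index';
 }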
Example #2
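/**
 * Serves assignment feedback and other files.
 *
 * Access is granted only to the user the grade record belongs to, or to a user
 * holding mod/assign:grade in the given context.
 *
 * @param mixed $course course or id of the course
 * @param mixed $cm course module or id of the course module
 * @param context $context
 * @param string $filearea
 * @param array $args first element is the assign_grades id, the rest is the file path
 * @param bool $forcedownload ignored; the download is always forced
 * @return bool false if the file is not found or access is refused; does not return if found - just sends the file
 */
function assignfeedback_editpdf_pluginfile($course, $cm, context $context, $filearea, $args, $forcedownload)
{
    global $USER, $DB;
    // Anything other than a module context is refused explicitly, so the
    // function returns the documented false instead of falling off the end.
    if ($context->contextlevel != CONTEXT_MODULE) {
        return false;
    }
    require_login($course, false, $cm);
    $itemid = (int) array_shift($args);
    if (!($assign = $DB->get_record('assign', array('id' => $cm->instance)))) {
        return false;
    }
    $record = $DB->get_record('assign_grades', array('id' => $itemid), 'userid,assignment', MUST_EXIST);
    $userid = $record->userid;
    // The grade row must belong to the assignment behind this course module,
    // otherwise an id from another activity could be used to reach its files.
    if ($assign->id != $record->assignment) {
        return false;
    }
    // Check is users feedback or has grading permission.
    if ($USER->id != $userid and !has_capability('mod/assign:grade', $context)) {
        return false;
    }
    // NOTE(review): $filearea is used as received; confirm whether it should be
    // limited to the areas this plugin actually writes.
    $relativepath = implode('/', $args);
    $fullpath = "/{$context->id}/assignfeedback_editpdf/{$filearea}/{$itemid}/{$relativepath}";
    $fs = get_file_storage();
    // sha1() here is only the file storage's path-hash lookup key, not a secret.
    if (!($file = $fs->get_file_by_hash(sha1($fullpath))) or $file->is_directory()) {
        return false;
    }
    // Download MUST be forced - security!
    send_stored_file($file, 0, 0, true);
}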
Example #3
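 /**
  * Authorize a pending OAuth request token.
  *
  * Requires an oauth_token that exists in the tokens table and is not yet bound
  * to a user (user_id=0). GET renders the confirmation view; POST checks the
  * submitted form token against sha1 of the verifier.
  *
  * @return  void
  * @throws  Exception 403 on a missing/unknown token or bad form token, 500 on a query failure, 405 on other methods
  */
 public function authorizeTask()
 {
     $oauth_token = \Request::getVar('oauth_token');
     if (empty($oauth_token)) {
         throw new Exception('Forbidden', 403);
     }
     $db = \App::get('db');
     // The token is request data; it only reaches the SQL text through Quote().
     $db->setQuery("SELECT * FROM `#__oauthp_tokens` WHERE token=" . $db->Quote($oauth_token) . " AND user_id=0 LIMIT 1;");
     $result = $db->loadObject();
     if ($result === false) {
         throw new Exception('Internal Server Error', 500);
     }
     if (empty($result)) {
         throw new Exception('Forbidden', 403);
     }
     if (Request::method() == 'GET') {
         $this->view->oauth_token = $oauth_token;
         $this->view->display();
         return;
     }
     if (Request::method() == 'POST') {
         // NOTE(review): `'' . 'post'` passes the single string 'post' as the second
         // argument; it looks like a default plus a source were intended - confirm
         // against the Request API.
         $token = Request::get('token', '' . 'post');
         // Loose != on two hex digests lets numeric-looking strings such as "0e..."
         // compare equal and leaks timing; compare as strings in constant time and
         // refuse anything that is not a string.
         if (!is_string($token) || !hash_equals(sha1($this->verifier), $token)) {
             throw new Exception('Forbidden', 403);
         }
         echo "posted";
         return;
     }
     throw new Exception('Method Not Allowed', 405);
 }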
Example #4
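 /**
  * NickServ GHOST: disconnect a session that is holding a registered nickname.
  *
  * The kill is issued when the supplied password matches the stored salted
  * digest, or when the caller is flagged as an IRC operator and is identified.
  *
  * @param string $nick    nickname issuing the command
  * @param array  $ircdata [0] nickname to ghost, [1] its password
  * @return false|null false on bad syntax, unused nick or unregistered nick; null otherwise
  */
 public static function ghost_command($nick, $ircdata = array())
 {
     // Missing arguments are treated as empty so the syntax reply is sent
     // without touching undefined offsets.
     $unick = isset($ircdata[0]) ? $ircdata[0] : '';
     $password = isset($ircdata[1]) ? $ircdata[1] : '';
     // NOTE(review): the `&` before the help strings is call-time
     // pass-by-reference, which PHP 5.4 removed; kept as the file has it.
     if (trim($unick) == '' || trim($password) == '') {
         // invalid syntax
         services::communicate(core::$config->nickserv->nick, $nick, &nickserv::$help->NS_INVALID_SYNTAX_RE, array('help' => 'GHOST'));
         return false;
     }
     if (!isset(core::$nicks[$unick])) {
         // nickname isn't in use
         services::communicate(core::$config->nickserv->nick, $nick, &nickserv::$help->NS_NOT_IN_USE, array('nick' => $unick));
         return false;
     }
     if ($user = services::user_exists($unick, false, array('display', 'pass', 'salt'))) {
         // Strict comparison: with == two digests that look numeric ("0e...") can
         // compare equal. Where hash_equals() is available (PHP 5.6+) it is the
         // better choice because it also runs in constant time.
         // NOTE(review): sha1(password . salt) is a fast hash; a dedicated password
         // hash would slow offline guessing if the user table is disclosed.
         if ((string) $user->pass === sha1($password . $user->salt) || core::$nicks[$nick]['ircop'] && services::user_exists($nick, true, array('display', 'identified')) !== false) {
             ircd::kill(core::$config->nickserv->nick, $unick, 'GHOST command used by ' . core::get_full_hostname($nick));
             core::alog(core::$config->nickserv->nick . ': GHOST command used on ' . $unick . ' by ' . core::get_full_hostname($nick));
         } else {
             // password isn't correct
             services::communicate(core::$config->nickserv->nick, $nick, &nickserv::$help->NS_INVALID_PASSWORD);
         }
     } else {
         // doesn't even exist..
         services::communicate(core::$config->nickserv->nick, $nick, &nickserv::$help->NS_ISNT_REGISTERED, array('nick' => $unick));
         return false;
     }
 }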
 /**
  * Replace the staff row for the site e-mail and the login row for the username.
  *
  * Any existing rows with the same staff_email / username are deleted first, so
  * the call always ends with freshly inserted records.
  *
  * NOTE(review): the guard returns TRUE only when staff_name, username and
  * password are ALL empty; a call missing just one of them still proceeds.
  * NOTE(review): the salt comes from md5(uniqid(rand())) and the password is a
  * nested sha1 - both are predictable/fast by current standards; password_hash()
  * would replace the salt column and the digest together.
  *
  * @param array $add keys read: staff_name, username, password, site_email
  * @return mixed TRUE when nothing was supplied, otherwise the result of the last insert
  */
 public function addUser($add = array())
 {
     $nothingSupplied = empty($add['staff_name']) && empty($add['username']) && empty($add['password']);
     if ($nothingSupplied) {
         return true;
     }

     // Staff record: drop any previous row for this e-mail, then insert.
     $this->db->where('staff_email', strtolower($add['site_email']));
     $this->db->delete('staffs');
     $this->db->set('staff_email', strtolower($add['site_email']));
     $this->db->set('staff_name', $add['staff_name']);
     $this->db->set('staff_group_id', '11');
     $this->db->set('staff_location_id', '0');
     $this->db->set('language_id', '11');
     $this->db->set('timezone', '0');
     $this->db->set('staff_status', '1');
     $this->db->set('date_added', mdate('%Y-%m-%d', time()));
     $query = $this->db->insert('staffs');

     $staffInserted = $this->db->affected_rows() > 0 && $query === true;
     if ($staffInserted) {
         $staff_id = $this->db->insert_id();

         // Login record: same delete-then-insert pattern, keyed by username.
         $this->db->where('username', $add['username']);
         $this->db->delete('users');
         $this->db->set('username', $add['username']);
         $this->db->set('staff_id', $staff_id);
         $salt = substr(md5(uniqid(rand(), true)), 0, 9);
         $this->db->set('salt', $salt);
         $this->db->set('password', sha1($salt . sha1($salt . sha1($add['password']))));
         $query = $this->db->insert('users');
     }

     return $query;
 }
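 /**
  * Updates an existing User model.
  * If update is successful, the browser will be redirected to the 'view' page.
  *
  * A non-empty "newpass" replaces the stored password digest; a valid uploaded
  * image replaces the previous picture file on disk after the model is saved.
  *
  * NOTE(review): no check is visible here that the current user may edit the
  * account identified by $id; confirm access rules are applied elsewhere.
  *
  * @param integer $id
  * @return mixed
  */
 public function actionUpdate($id)
 {
     $model = $this->findModel($id);
     $model->setScenario('update');
     $oldFile = $model->getImageFile();
     $oldImage = $model->pict;
     // load() already fills the model from POST. The original then assigned its
     // boolean result to $model->attributes, which cannot populate anything, so
     // that second call is dropped.
     if ($model->load(Yii::$app->request->post())) {
         if (!empty($model->newpass)) {
             // NOTE(review): a single salted sha1 is fast to brute-force offline;
             // prefer the framework's password hashing helper for new digests.
             $model->password = sha1($model->salt . $model->newpass);
         }
         $image = $model->uploadImage();
         // revert back if image not valid
         if ($image === FALSE) {
             $model->pict = $oldImage;
         }
         if ($model->save()) {
             // store the upload only when the image is valid
             if ($image !== FALSE) {
                 // The old file is removed only after the row was saved, so a failed
                 // save never leaves the record pointing at a deleted file.
                 if (is_file($oldFile)) {
                     unlink($oldFile);
                 }
                 $path = $model->getImageFile();
                 $image->saveAs($path);
             }
             return $this->redirect(['view', 'id' => $model->id]);
         } else {
             return $this->render('update', ['model' => $model]);
         }
     } else {
         return $this->render('update', ['model' => $model]);
     }
 }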
Example #7
 /**
  * Create the signed assertion.
  *
  * The attribute value is not embedded as given: its SHA-1 hex digest is placed
  * in the assertion, which is then signed with the configured key pair.
  * NOTE(review): SHA-1 of a low-entropy value can be reversed by guessing; if
  * the digest is meant to hide the value, confirm that is acceptable here.
  *
  * @param string $openid - Openid of the entity being asserted.
  * @param string $attribute - The attribute name being asserted.
  * @param string $value - The attribute value being asserted.
  * @return mixed whatever SAML::signAssertion() returns for the built assertion
  */
 function sign($openid, $attribute, $value)
 {
     $saml = new SAML();
     $valueDigest = sha1($value);
     $assertionXml = $saml->createSamlAssertion(
         $openid,
         $this->notBefore,
         $this->notOnOrAfter,
         $this->rsadsa,
         $this->acsURI,
         $attribute,
         $valueDigest,
         $this->assertionTemplate
     );
     return $saml->signAssertion($assertionXml, $this->private_key, $this->public_key_certificate);
 }
Example #8
 /**
  * Add localization data to xml object
  *
  * Appends a "localization" child carrying the localization URL and a "hash"
  * attribute: the SHA-1 of the serialized localization array. The digest acts
  * as a change fingerprint of the translations, not as a security control.
  *
  * @param Mage_XmlConnect_Model_Simplexml_Element $xml
  * @return Mage_XmlConnect_Block_Adminhtml_Connect_Config
  */
 protected function _addLocalization(Mage_XmlConnect_Model_Simplexml_Element $xml)
 {
     /** @var $translateHelper Mage_XmlConnect_Helper_Translate */
     $translateHelper = Mage::helper('xmlconnect/translate');
     $localizationUrl = $this->getUrl('*/*/localization');
     $fingerprint = sha1(serialize($translateHelper->getLocalizationArray()));
     $xml->addCustomChild('localization', $localizationUrl, array('hash' => $fingerprint));
     return $this;
 }
Example #9
 /**
  * Build a hash string from the job, email and contact ids plus the current time.
  *
  * NOTE(review): the input is only the three ids and time(), with no secret
  * key, so anyone who knows the ids and the approximate second can recompute
  * the value. If it is relied on as an unguessable token, derive it with
  * random_bytes() or an HMAC under a server-side key instead.
  *
  * @param array $params  must contain job_id, email_id and contact_id
  * @return string        40-character SHA-1 hex digest
  * @access public
  * @static
  */
 function hash($params)
 {
     $parts = array(
         $params['job_id'],
         $params['email_id'],
         $params['contact_id'],
         time(),
     );
     return sha1(implode(':', $parts));
 }
Example #10
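 /**
  * Verify the hookup request sent by the Yixin server.
  *
  * Signature check:
  * 1. Sort token, timestamp and nonce in dictionary (string) order.
  * 2. Concatenate the three values and take the SHA-1 of the result.
  * 3. Compare the digest with the "signature" parameter; a match shows the
  *    request came from a party that knows the account token.
  *
  * When the GET request is confirmed, echostr must be returned unchanged for
  * the hookup to take effect; otherwise the hookup fails.
  *
  * @param array $params request values: signature, timestamp, nonce, echostr
  * @return array [true, echostr] on success, [false, 'failed'] otherwise
  */
 public function join($params)
 {
     $signature = $params['signature'];
     $timestamp = $params['timestamp'];
     $nonce = $params['nonce'];
     $echostr = $params['echostr'];
     $mpa = TMS_APP::G('mp\\mpaccount');
     $p = array($mpa->token, $timestamp, $nonce);
     // The protocol sorts as strings. The default sort flags compare two numeric
     // strings as numbers, which orders timestamp and nonce differently whenever
     // their lengths differ and makes genuine requests fail verification.
     sort($p, SORT_STRING);
     $expected = sha1(implode('', $p));
     // Constant-time comparison; a non-string signature is rejected outright.
     if (is_string($signature) && hash_equals($expected, $signature)) {
         // NOTE(review): both WHERE clauses are built by interpolation. The values
         // come from the account record rather than from $params, but bound
         // parameters would remove the dependency on how those values were stored.
         /**
          * Disconnect
          */
         TMS_APP::model()->update('xxt_mpaccount', array('yx_joined' => 'N'), "yx_appid='{$mpa->yx_appid}' and yx_appsecret='{$mpa->yx_appsecret}'");
         /**
          * Confirm the connection is established
          */
         TMS_APP::model()->update('xxt_mpaccount', array('yx_joined' => 'Y'), "mpid='{$this->mpid}'");
         return array(true, $echostr);
     } else {
         return array(false, 'failed');
     }
 }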
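 /**
  * Validate a WSSE-style password digest.
  *
  * Rejects timestamps in the future or older than five minutes, rejects a nonce
  * already seen within five minutes, records the nonce, then recomputes
  * base64(sha1(base64_decode(nonce) . created . secret)) and compares it with
  * the supplied digest.
  *
  * @param string $digest  digest sent by the client
  * @param string $nonce   base64 nonce sent by the client
  * @param string $created creation timestamp sent by the client
  * @param string $secret  shared secret stored for the user
  * @return bool true when the digest matches
  * @throws AuthenticationException on a future or expired timestamp
  * @throws NonceExpiredException   when the nonce was used in the last five minutes
  */
 public function validateDigest($digest, $nonce, $created, $secret)
 {
     // Parsing is kept for its side effect: an unparseable $created still raises
     // the same exception as before. The computed interval itself was never used.
     new \DateTime($created, new \DateTimeZone('UTC'));
     // Check created time is not in the future
     if (strtotime($created) > time()) {
         throw new AuthenticationException("Back to the future...");
     }
     // Validate timestamp is recent within 5 minutes
     $seconds = time() - strtotime($created);
     if ($seconds > 300) {
         throw new AuthenticationException('Expired timestamp.  Seconds: ' . $seconds);
     }
     // The nonce is client-supplied and may contain "/" or "..": using it as a
     // file name would let a request pick the path that gets written. The cache
     // entry is therefore named after a digest of the nonce.
     $nonceFile = $this->cacheDir . '/' . hash('sha256', (string) $nonce);
     // Validate nonce is unique within 5 minutes
     if (file_exists($nonceFile) && (int) file_get_contents($nonceFile) + 300 > time()) {
         throw new NonceExpiredException('Previously used nonce detected');
     }
     if (!is_dir($this->cacheDir)) {
         // NOTE(review): 0777 (before umask) leaves the nonce cache open to other
         // local users; 0700 is enough if only this process reads it.
         mkdir($this->cacheDir, 0777, true);
     }
     // NOTE(review): the nonce is recorded before the digest is checked, so
     // unauthenticated requests also create cache files; consider recording
     // only after a successful match and pruning old entries.
     file_put_contents($nonceFile, time());
     // Validate Secret
     $expected = base64_encode(sha1(base64_decode($nonce) . $created . $secret, true));
     // Constant-time comparison of the recomputed digest with the supplied one.
     return is_string($digest) && hash_equals($expected, $digest);
 }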
Example #12
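 /**
  * AJAX sign-in endpoint: answers with a JSON object and terminates the request.
  *
  * Reads username, password and the optional "remember" flag from
  * $_POST['input'], checks the credentials, then checks that the account is
  * activated before putting the user into the session.
  */
 public function ajaxSignIn()
 {
     // extract() on request data lets the client define or overwrite any local
     // variable in this method; only the expected keys are read instead.
     $input = isset($_POST['input']) && is_array($_POST['input']) ? $_POST['input'] : array();
     $username = isset($input['username']) && is_string($input['username']) ? $input['username'] : '';
     $password = isset($input['password']) && is_string($input['password']) ? $input['password'] : '';
     $data = array();
     if (isset($input['remember'])) {
         // NOTE(review): this runs before the credentials are verified and is
         // handed the plaintext password; what remember() stores is not visible
         // here - confirm it does not persist the password and consider calling
         // it only after a successful sign-in.
         \Models\Auth::remember($username, $password);
     }
     // NOTE(review): unsalted sha1 of the password is used as the stored
     // credential; password_hash()/password_verify() should replace it.
     $user = Models\User::signIn($username, sha1($password));
     if (!isset($user['id'])) {
         $data['name'] = 'password';
         $data['notice'] = 'Invalid login or password. Please try again.';
         echo json_encode($data, JSON_UNESCAPED_UNICODE);
         die;
     }
     $activated_at = \Models\User::getUserActivatedAt($username, sha1($password));
     if (!isset($activated_at['activated_at']) || $activated_at['activated_at'] == null) {
         $data['name'] = 'password';
         $data['notice'] = 'Your account is not activated. Please, activate it at first.';
         echo json_encode($data, JSON_UNESCAPED_UNICODE);
         die;
     } else {
         \Models\Auth::userInSession($user);
         $data['notice'] = true;
         $data['id'] = $user['id'];
         echo json_encode($data, JSON_UNESCAPED_UNICODE);
         die;
     }
 }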
Example #13
 /**
  * setPath() followed by getPath() must return the path unchanged.
  *
  * sha1(time()) only produces a throwaway directory name under the system temp
  * directory; nothing is created on disk by this test.
  */
 public function testSetPath()
 {
     $exporter = $this->getMockForAbstractClass(AbstractExporter::class);
     $segments = array(sys_get_temp_dir(), sha1(time()), '');
     $expectedPath = implode(DIRECTORY_SEPARATOR, $segments);
     $exporter->setPath($expectedPath);
     $this->assertEquals($expectedPath, $exporter->getPath());
 }
Example #14
 /**
  * Open the Redis connection once and remember it on the instance.
  *
  * NOTE(review): the configured password is only mixed into the connection id;
  * no authentication call is visible in this method - confirm it happens
  * elsewhere if the server requires one.
  *
  * @return void
  * @throws Redis_Exception when the connection attempt throws
  */
 public function connect()
 {
     if ($this->_connection) {
         return;
     }
     // Connection parameters, with defaults for anything not configured
     $defaults = array('hostname' => '', 'port' => '', 'password' => '', 'timeout' => 2.5, 'lifetime' => 1800, 'persistent' => FALSE);
     $settings = $this->_config['connection'] + $defaults;
     // Prevent this information from showing up in traces
     unset($this->_config['connection']['password']);
     $this->_connection = new Redis();
     try {
         if ($settings['persistent']) {
             // Create a persistent connection
             $this->_connection->pconnect($settings['hostname'], $settings['port'], $settings['timeout']);
         } else {
             // Create a connection and force it to be a new link
             $this->_connection->connect($settings['hostname'], $settings['port'], $settings['timeout']);
         }
     } catch (Exception $e) {
         // No connection exists
         $this->_connection = NULL;
         throw new Redis_Exception(':error', array(':error' => $e->getMessage()), $e->getCode());
     }
     // \xFF is a better delimiter, but the PHP driver uses underscore
     $this->_connection_id = sha1($settings['hostname'] . '_' . $settings['password']);
     if (!empty($this->_config['connection']['variables'])) {
         // Session variables are quoted and collected, but the statement that would
         // have sent them is disabled, so the list is currently unused.
         $variables = array();
         foreach ($this->_config['connection']['variables'] as $var => $val) {
             $variables[] = 'SESSION ' . $var . ' = ' . $this->quote($val);
         }
         //mysql_query('SET '.implode(', ', $variables), $this->_connection);
     }
 }
Example #15
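/**
 * Read the capsidea.com token (and optional schema key) from the Referer URL.
 *
 * Terminates the request with a message when the token is absent or is not
 * exactly 36 characters long.
 *
 * NOTE(review): the Referer header is supplied by the client and is often
 * stripped by browsers or proxies, so these values must be treated as
 * untrusted input rather than as proof of where the request came from.
 *
 * @param string $capsidea_client_secret application secret mixed into the "t" digest
 * @return array "c" => token reduced to [A-Za-z0-9-], "t" => sha1(secret . token),
 *               and "k" => integer schema key when one was supplied
 */
function get_capsidea_data($capsidea_client_secret)
{
    $ret = array();
    $arr = array();
    // A missing header or an unparseable URL leaves $arr empty, which ends in the
    // same "cant find ... token" exit as before, without undefined-index notices.
    $referer = isset($_SERVER['HTTP_REFERER']) ? (string) $_SERVER['HTTP_REFERER'] : '';
    $query = parse_url($referer, PHP_URL_QUERY);
    if (is_string($query) && $query !== '') {
        foreach (explode('&', $query) as $pair) {
            $kv = explode('=', $pair);
            // A name without "=value" is stored as null, as before.
            $arr[$kv[0]] = isset($kv[1]) ? $kv[1] : null;
        }
    }
    if (isset($arr["token"])) {
        $token = $arr["token"];
    } else {
        die("cant find capsidea.com token, please contact application support");
    }
    if (36 != strlen($token)) {
        die("capsidea.com token incorrect, please contact application support");
    }
    $ret["c"] = preg_replace('/[^A-Za-z0-9\\-]/', '', $token);
    // NOTE(review): "t" is computed over the token as received while "c" is the
    // filtered form, so the two can disagree when the token contains other
    // characters; confirm which form the remote side expects. An HMAC
    // (hash_hmac) would be the conventional way to key a digest with a secret.
    $ret["t"] = sha1($capsidea_client_secret . $token);
    if (isset($arr["schemakey"])) {
        $ret["k"] = (int) $arr["schemakey"];
    }
    return $ret;
}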
Example #16
 /**
  * Retrieves the XML geocode address lookup.
  * ! Results of this method are cached for 1 day.
  *
  * The cache key is "gmap-address-" plus the SHA-1 of the address, which only
  * normalises arbitrary address text into a fixed-length key.
  *
  * @param string $address address
  * @return object|false SimpleXML element, or FALSE when the lookup did not return status 200
  */
 public static function address_to_xml($address)
 {
     static $cache;
     // Load Cache
     if ($cache === NULL) {
         $cache = Cache::instance();
     }
     // Address cache key
     $key = 'gmap-address-' . sha1($address);
     if ($xml = $cache->get($key)) {
         // Return the cached XML
         return simplexml_load_string($xml);
     }
     // Set the XML URL
     $url = Gmap::api_url('maps/geo', array('output' => 'xml', 'q' => $address), '&');
     // Disable error reporting while fetching the feed
     $previousLevel = error_reporting(~E_NOTICE);
     // Load the XML
     $xml = simplexml_load_file($url);
     $isOk = is_object($xml) and $xml instanceof SimpleXMLElement and (int) $xml->Response->Status->code === 200;
     if (is_object($xml) and $xml instanceof SimpleXMLElement and (int) $xml->Response->Status->code === 200) {
         // Cache the XML
         $cache->set($key, $xml->asXML(), array('gmaps'), 86400);
     } else {
         // Invalid XML response
         $xml = FALSE;
     }
     // Turn error reporting back on
     error_reporting($previousLevel);
     return $xml;
 }
Example #17
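 /**
  * Handle the login form: verify the posted credentials and, only when they
  * match, store the user's id and name in the session.
  *
  * The resulting message is written to the "main" template region.
  */
 public function Login()
 {
     global $ly;
     $html = "";
     // Take care of _GET/_POST variables. Store them in a variable (if they are set).
     $user = isset($_POST['user']) && is_string($_POST['user']) ? $_POST['user'] : '';
     $password = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '';
     // NOTE(review): the filter value is shown masked on this page. Whatever is
     // placed there must be bound or escaped by the database layer; building it
     // from the posted name by string interpolation would be injectable.
     $res = $ly->db->select(TBL_PREFIX . "Users", "username = '******'");
     if ($res->num_rows > 0) {
         $row = $res->fetch_object();
         // Constant-time, string-only comparison instead of loose ==.
         // NOTE(review): sha1(username . password) is a fast hash with a guessable
         // "salt"; password_hash()/password_verify() should replace it.
         if (hash_equals((string) $row->pass, sha1("{$row->username}{$password}"))) {
             // The session is populated only after the password check succeeded.
             // The original set these for any existing username, match or not.
             $_SESSION["id"] = $row->id;
             $_SESSION["user"] = $row->username;
             // The name is request data and is echoed into HTML, so it is escaped.
             $safeUser = htmlspecialchars($user, ENT_QUOTES, 'UTF-8');
             $html .= "<div class='success'>Login successful. Welcome {$safeUser}.</div>";
         } else {
             $html .= "<div class='error'>Login failed</div>";
         }
     } else {
         // else login failed
         // NOTE(review): a distinct "not found" message tells a client which
         // usernames exist; a single generic failure message avoids that.
         $html .= "<div class='error'>User not found</div>";
     }
     $ly->template->regions->main = $html;
 }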
Example #18
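 /**
  * Change the current player's password after re-checking the existing one,
  * then redirect back to the account settings page with a status message.
  *
  * NOTE(review): stored passwords are sha1(secret_key . password . SECRET_KEY),
  * a fast hash; password_hash() with rehash-on-login would resist offline
  * guessing far better. No anti-CSRF token check is visible in this method.
  */
 private function changePassword()
 {
     if (empty($_POST['current_password']) || empty($_POST['new_password']) || empty($_POST['new_password2'])) {
         $msg = 'You forgot to fill in something!';
     } elseif (!hash_equals((string) $this->player->password, sha1($this->player->secret_key . $_POST['current_password'] . SECRET_KEY))) {
         // hash_equals: constant-time and string-only, unlike the loose != it replaces.
         $msg = 'The password you entered does not match this account\'s password.';
     } elseif (!isPassword($_POST['new_password'])) {
         $msg = 'Your password must be longer than 3 characters!';
     } elseif ($_POST['new_password'] !== $_POST['new_password2']) {
         // Strict comparison: with != two different numeric-looking strings
         // (for example "1e3" and "1000") would count as a confirmed match.
         $msg = 'You didn\'t confirm your new password correctly!';
     } else {
         $new_password = sha1($this->player->secret_key . $_POST['new_password2'] . SECRET_KEY);
         $this->db->execute('UPDATE `<ezrpg>players` SET `password`=? WHERE `id`=?', array($new_password, $this->player->id));
         $msg = 'You have changed your password.';
     }
     header('Location: index.php?mod=AccountSettings&msg=' . urlencode($msg));
 }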
/**
 * Show form to vote an item. (itemDetail)
 *
 * Runs only for items in a "voting" category while the item_voting preference
 * is '1'. It prepares $vote (average, total, can_vote) and $hash, then includes
 * item_detail.php, which is evaluated in this function's scope and therefore
 * sees these local variables.
 */
function voting_item_detail()
{
    if (osc_is_this_category('voting', osc_item_category_id()) && osc_get_preference('item_voting', 'voting') == '1') {
        $aux_vote = ModelVoting::newInstance()->getItemAvgRating(osc_item_id());
        $aux_count = ModelVoting::newInstance()->getItemNumberOfVotes(osc_item_id());
        $vote['vote'] = $aux_vote['vote'];
        $vote['total'] = $aux_count['total'];
        $hash = '';
        if (osc_logged_user_id() == 0) {
            // Anonymous visitors are identified by sha1(User-Agent . remote address).
            // NOTE(review): the User-Agent is chosen by the client and many users can
            // share one address, so this is a soft duplicate-vote hint only, not an
            // identity; a missing User-Agent header also raises a notice here.
            $hash = $_SERVER['HTTP_USER_AGENT'] . $_SERVER['REMOTE_ADDR'];
            $hash = sha1($hash);
        } else {
            // Logged-in users are tracked by their user id, so no hash is needed.
            $hash = null;
        }
        $vote['can_vote'] = true;
        // When the 'user' preference is 1, only logged-in web users may vote.
        if (osc_get_preference('user', 'voting') == 1) {
            if (!osc_is_web_user_logged_in()) {
                $vote['can_vote'] = false;
            }
        }
        if (!can_vote(osc_item_id(), osc_logged_user_id(), $hash)) {
            $vote['can_vote'] = false;
        }
        require 'item_detail.php';
    }
}
Example #20
 /**
  * Build a report query object in one of three modes.
  *
  * - \Reports\Query::RUN:    $param2 is the query id; the query is loaded and run.
  * - \Reports\Query::LOAD:   $param2 is the query id; the query is only loaded.
  * - \Reports\Query::CREATE: $param2 is the query text and $dbid the database id;
  *   a new record is created and the SHA-1 of the text is stored as query_hash
  *   (a fingerprint of the text, not a security control).
  *
  * @access public
  * @param mixed $param1 mode constant (default: null)
  * @param mixed $param2 query id or query text, depending on the mode (default: null)
  * @param mixed $dbid   database id, required for CREATE (default: null)
  * @throws \Exception when the mode is missing or its parameters are incomplete
  */
 public function __construct($param1 = null, $param2 = null, $dbid = null)
 {
     if (is_null($param1)) {
         throw new \Exception('ERROR');
     }

     if ($param1 == \Reports\Query::RUN) {
         $this->id = $param2;
         $this->_load();
         $this->_run();
     } elseif ($param1 == \Reports\Query::LOAD) {
         $this->id = $param2;
         $this->_load();
     } elseif ($param1 == \Reports\Query::CREATE && !is_null($param2) && !is_null($dbid)) {
         $this->query = $param2;
         $this->query_hash = sha1($param2);
         $this->database_id = $dbid;
         $this->request_date = date("Y-m-d H:i:s");
         $this->status = 1;
         $this->_create();
     } else {
         throw new \Exception('Parameters not given correctly');
     }

     return $this;
 }
Example #21
 /**
  * Look up the user row matching a username and the SHA-1 of the password.
  *
  * NOTE(review): the stored credential is an unsalted sha1 of the password and
  * the match is done inside the SQL WHERE clause. Fetching the row by username
  * and checking it with password_verify() would allow a salted, slow hash.
  *
  * @param string $username
  * @param string $password plaintext password as entered
  * @return mixed first matching row as an array, as returned by first_row('array')
  */
 function login($username, $password)
 {
     $criteria = array(
         'username' => $username,
         'password' => sha1($password),
     );
     $this->db->select()->from('users')->where($criteria);
     return $this->db->get()->first_row('array');
 }
 /**
  * Update an affiliate's profile fields and, when a password is supplied,
  * its salt and password.
  *
  * String fields pass through $this->db->escape() and numeric fields are cast
  * before being concatenated into the SQL text.
  *
  * @param mixed $affiliate_id affiliate row id (cast to int in the query)
  * @param array $data         submitted field values, keyed by column name
  */
 public function editAffiliate($affiliate_id, $data)
 {
     $this->db->query("UPDATE " . DB_PREFIX . "affiliate SET firstname = '" . $this->db->escape($data['firstname']) . "', lastname = '" . $this->db->escape($data['lastname']) . "', email = '" . $this->db->escape($data['email']) . "', telephone = '" . $this->db->escape($data['telephone']) . "', fax = '" . $this->db->escape($data['fax']) . "', website = '" . $this->db->escape($data['website']) . "', company = '" . $this->db->escape($data['company']) . "', address_1 = '" . $this->db->escape($data['address_1']) . "', address_2 = '" . $this->db->escape($data['address_2']) . "', city = '" . $this->db->escape($data['city']) . "', postcode = '" . $this->db->escape($data['postcode']) . "', country_id = '" . (int) $data['country_id'] . "', zone_id = '" . (int) $data['zone_id'] . "', code = '" . $this->db->escape($data['code']) . "', commission = '" . (double) $data['commission'] . "', tax = '" . $this->db->escape($data['tax']) . "', payment = '" . $this->db->escape($data['payment']) . "', cheque = '" . $this->db->escape($data['cheque']) . "', paypal = '" . $this->db->escape($data['paypal']) . "', bank_name = '" . $this->db->escape($data['bank_name']) . "', bank_branch_number = '" . $this->db->escape($data['bank_branch_number']) . "', bank_swift_code = '" . $this->db->escape($data['bank_swift_code']) . "', bank_account_name = '" . $this->db->escape($data['bank_account_name']) . "', bank_account_number = '" . $this->db->escape($data['bank_account_number']) . "', status = '" . (int) $data['status'] . "' WHERE affiliate_id = '" . (int) $affiliate_id . "'");
     if ($data['password']) {
         // NOTE(review): part of the statement below is masked on this page
         // ('******'), so the password expression cannot be read and the line does
         // not parse as shown. The visible part derives the salt from
         // md5(uniqid(rand())), which is predictable; random_bytes() is the
         // appropriate source for a new salt.
         $this->db->query("UPDATE " . DB_PREFIX . "affiliate SET salt = '" . $this->db->escape($salt = substr(md5(uniqid(rand(), true)), 0, 9)) . "', password = '******'password'])))) . "' WHERE affiliate_id = '" . (int) $affiliate_id . "'");
     }
 }
 /**
  * Browser test: create a reserved tag set for contacts and check that it is
  * listed with the expected description, usage and Edit link.
  */
 function testAddTagSet()
 {
     $this->webtestLogin();
     $this->openCiviPage("admin/tag", "action=add&reset=1&tagset=1");

     // A short random suffix keeps the name unique between runs; it is not a secret.
     $tagSetName = 'tagset_' . substr(sha1(rand()), 0, 7);

     // Fill in the form: name, description, "used for" contacts, reserved flag.
     $this->type("name", $tagSetName);
     $this->type("description", "Adding new tag set.");
     $this->select("used_for", "value=civicrm_contact");
     $this->click("is_reserved");

     // Save and wait for the result page.
     $this->click("_qf_Tag_next");
     $this->waitForPageToLoad($this->getTimeoutMsec());

     // Is status message correct?
     $this->assertTrue($this->isTextPresent("The tag '{$tagSetName}' has been saved."));

     // sort by ID desc
     $this->click("xpath=//table//tr/th[text()=\"ID\"]");
     $this->waitForElementPresent("css=table.display tbody tr td");

     // Every remaining check is anchored on the first cell of the new row.
     $nameCell = "xpath=//table//tbody/tr/td[1][text()= '{$tagSetName}']";
     $this->waitForElementPresent($nameCell);
     $this->waitForElementPresent($nameCell . "/following-sibling::td[2][text()='Adding new tag set. ']");
     $this->waitForElementPresent($nameCell . "/following-sibling::td[4][text()= 'Contacts']");
     $this->waitForElementPresent($nameCell . "/following-sibling::td[7]/span/a[text()= 'Edit']");
 }
Example #24
File: User.php Project: Eteng/lorb
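 /**
  * Generate a salt and return it together with the salted password digest.
  *
  * @param string $password plaintext password
  * @return array 'password' => sha1(salt . password), 'salt' => 8 hex characters
  */
 public function addsalt($password)
 {
     // The salt is 8 hex characters, as before. It now comes from the system
     // CSPRNG when available; md5(uniqid(rand())) is derived from the clock and a
     // non-cryptographic generator and is kept only as a fallback.
     if (function_exists('random_bytes')) {
         $salt = bin2hex(random_bytes(4));
     } else {
         $salt = substr(md5(uniqid(rand(), true)), 0, 8);
     }
     // NOTE(review): a single sha1 is a fast hash; password_hash() would generate
     // and embed its own salt and make offline guessing far more expensive.
     $encrypted = sha1($salt . $password);
     return array('password' => $encrypted, 'salt' => $salt);
 }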
Example #25
/**
 * Serve files embedded in a "number of errors" assessment form dimension.
 *
 * Only the 'description' file area of a module context is served, and only to
 * users who pass require_login() for the course module.
 *
 * @param mixed $course course or id of the course
 * @param mixed $cm course module or id of the course module
 * @param mixed $context context whose contextlevel and id are read
 * @param string $filearea file area name
 * @param array $args first element is the dimension id, the rest is the file path
 * @param bool $forcedownload not used by this function
 * @return bool|null false when the request is refused or the file is missing
 */
function workshopform_numerrors_pluginfile($course, $cm, $context, $filearea, array $args, $forcedownload) {
    global $DB;

    if ($context->contextlevel != CONTEXT_MODULE) {
        return false;
    }

    require_login($course, true, $cm);

    if ($filearea !== 'description') {
        return false;
    }

    // the id of the assessment form dimension
    $itemid = (int)array_shift($args);

    $workshop = $DB->get_record('workshop', array('id' => $cm->instance));
    if (!$workshop) {
        send_file_not_found();
    }

    // The dimension must belong to this workshop, so an id taken from another
    // activity cannot be used to reach its files.
    $dimension = $DB->get_record('workshopform_numerrors', array('id' => $itemid ,'workshopid' => $workshop->id));
    if (!$dimension) {
        send_file_not_found();
    }

    // TODO now make sure the user is allowed to see the file
    // (media embedded into the dimension description)
    // NOTE(review): until that check exists, every user who passes require_login()
    // above can fetch these files.

    $relativepath = implode('/', $args);
    $fullpath = '/' . $context->id . '/workshopform_numerrors/' . $filearea . '/' . $itemid . '/' . $relativepath;
    $fs = get_file_storage();
    // sha1() is the file storage's path-hash lookup key, not a secret.
    $file = $fs->get_file_by_hash(sha1($fullpath));
    if (!$file or $file->is_directory()) {
        return false;
    }

    // finally send the file
    send_stored_file($file);
}
Example #26
 /**
  * Return the SHA-1 hex digest of the instance salt followed by the value.
  *
  * Despite the name this is a one-way hash, not encryption: the value cannot be
  * recovered from the result.
  * NOTE(review): empty() also treats "0" and 0 as empty, so those values yield
  * null instead of a digest. If this protects passwords, a single salted sha1
  * is fast to guess offline; password_hash() is the usual replacement.
  *
  * @param mixed $value value to hash
  * @return string|null digest, or null when $value is empty
  */
 function _encryptValue($value)
 {
     return empty($value) ? null : sha1($this->salt . $value);
 }
Example #27
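/**
 * Call the OnePageCRM v3 API and return the decoded JSON response.
 *
 * When $key is given the request is signed: an HMAC-SHA256 under $key is taken
 * over "uid.timestamp.method.sha1(url)" (plus ".sha1(body)" for POST/PUT) and
 * sent in the X-OnePageCRM-* headers. The sha1() values are only digests of
 * the URL and body inside that signed string.
 *
 * @param string      $url         path below https://app.onepagecrm.com/api/v3/
 * @param string      $http_method HTTP method, e.g. GET, POST, PUT
 * @param array       $post_data   body data, sent as JSON for POST and PUT
 * @param string|null $uid         user id for the auth headers
 * @param string|null $key         API key used for the signature; no auth headers when null
 * @return mixed decoded response, or null on a transport failure, undecodable
 *               body or an API status above 99
 */
function make_api_call($url, $http_method, $post_data = array(), $uid = null, $key = null)
{
    $full_url = 'https://app.onepagecrm.com/api/v3/' . $url;
    $ch = curl_init($full_url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $http_method);
    $timestamp = time();
    $auth_data = array($uid, $timestamp, $http_method, sha1($full_url));
    $request_headers = array();
    // For POST and PUT requests we will send data as JSON
    // as with regular "form data" request we won't be able
    // to send more complex structures
    if ($http_method == 'POST' || $http_method == 'PUT') {
        $request_headers[] = 'Content-Type: application/json';
        $json_data = json_encode($post_data);
        curl_setopt($ch, CURLOPT_POSTFIELDS, $json_data);
        $auth_data[] = sha1($json_data);
    }
    // Set auth headers if we are logged in
    if ($key != null) {
        $hash = hash_hmac('sha256', implode('.', $auth_data), $key);
        $request_headers[] = "X-OnePageCRM-UID: {$uid}";
        $request_headers[] = "X-OnePageCRM-TS: {$timestamp}";
        $request_headers[] = "X-OnePageCRM-Auth: {$hash}";
    }
    curl_setopt($ch, CURLOPT_HTTPHEADER, $request_headers);
    // Certificate verification is left at cURL's defaults; nothing here disables it.
    $raw = curl_exec($ch);
    curl_close($ch);
    // A failed transfer returns false; the original passed that straight to
    // json_decode() and then read ->status on null.
    if ($raw === false) {
        return null;
    }
    $result = json_decode($raw);
    // Anything that is not an object with a status is handed back unchanged
    // instead of being dereferenced.
    if (!is_object($result) || !isset($result->status)) {
        return $result;
    }
    if ($result->status > 99) {
        echo "API call error: {$result->message}\n";
        return null;
    }
    return $result;
}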
 /**
  * populate Source Object with meta data from Resource
  *
  * The source name is a "|"-separated list of component resources. Each one is
  * resolved, collected by uid, and its file path appended to a string whose
  * SHA-1 becomes the combined source uid (an identifier, not a security value).
  * File path and timestamp are taken from the last component.
  *
  * @param Smarty_Template_Source   $source    source object
  * @param Smarty_Internal_Template $_template template object
  * @throws SmartyException when a component uses the 'php' resource type
  */
 public function populate(Smarty_Template_Source $source, Smarty_Internal_Template $_template = null)
 {
     $combinedPaths = '';
     $resolved = array();
     $allExist = true;
     $names = explode('|', $source->name);
     foreach ($names as $name) {
         $part = Smarty_Resource::source(null, $source->smarty, $name);
         if ($part->type == 'php') {
             throw new SmartyException("Resource type {$part->type} cannot be used with the extends resource type");
         }
         $resolved[$part->uid] = $part;
         $combinedPaths .= $part->filepath;
         // Existence is only tracked when compile checking is on.
         if ($_template && $_template->smarty->compile_check) {
             $allExist = $allExist && $part->exists;
         }
     }
     // $part still refers to the last component of the chain here.
     $source->components = $resolved;
     $source->filepath = $part->filepath;
     $source->uid = sha1($combinedPaths);
     if ($_template && $_template->smarty->compile_check) {
         $source->timestamp = $part->timestamp;
         $source->exists = $allExist;
     }
     // need the template at getContent()
     $source->template = $_template;
 }
 /**
  * Get filepath to template source
  *
  * Also sets the template's templateUid to the SHA-1 of its resource name,
  * which serves as an identifier for the string template.
  *
  * @param object $_template template object
  * @return string the fixed text 'string:', as a string template has no file path
  */
 public function getTemplateFilepath($_template)
 {
     $uid = sha1($_template->resource_name);
     $_template->templateUid = $uid;
     // String templates have no file; this text is what compiler error messages show.
     return 'string:';
 }
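    /**
     * Render the news list rows for the admin table and issue the session token
     * that the row links carry.
     *
     * @param mixed  $c         connection selector passed to $this->conn()
     * @param string $sql       statement to prepare
     * @param array  $exe_array values bound when the statement is executed
     * @return string HTML for the rows; empty when the query fails
     */
    public function table($c, $sql, $exe_array)
    {
        $out = '';
        $conn = $this->conn($c);
        $query = $conn->prepare($sql);
        // type, id and super come from the query string and are written back into
        // href and onclick attributes. They are URL-encoded once here so they cannot
        // close the attribute or the JavaScript string they end up in.
        $param = function ($name) {
            return isset($_GET[$name]) && is_scalar($_GET[$name]) ? rawurlencode((string) $_GET[$name]) : '';
        };
        $type = $param('type');
        $id = $param('id');
        $super = $param('super');
        try {
            $query->execute($exe_array);
            // The token guards state-changing links, so it must be unpredictable:
            // md5(sha1(time())) can be recomputed by anyone who knows the second.
            // The fallback keeps the old value only where no CSPRNG is available.
            $token = function_exists('random_bytes') ? bin2hex(random_bytes(16)) : md5(sha1(time()));
            $_SESSION['token'] = $token;
            // NOTE(review): smi_title, smi_tags and the visible slug text are written
            // into the page as stored; if they can contain user-supplied text they
            // need htmlspecialchars() as well. The token also travels in GET links,
            // where it can end up in logs and Referer headers.
            while ($rows = $query->fetch()) {
                $out .= '<div class="row">';
                $visibilityx = $rows['smi_visibility'] == 1 ? "red" : "green";
                $link_visibility = "?action=newsModule&type=" . $type . "&id=" . $id . "&newsidx=" . $rows['smi_idx'] . "&super=" . $super . "&visibilitychnage=true&token=" . $_SESSION['token'];
                $out .= '<span class="cell primary"><a href="' . htmlentities($link_visibility) . '" style="color:' . $visibilityx . '" title="Change visibility"><i class="fa fa-dot-circle-o"></i></a></span>';
                $out .= '<span class="cell">' . $rows['smi_idx'] . '</span>';
                $out .= '<span class="cell" style="width:100px">' . date("d-m-Y", $rows['smi_date']) . '</span>';
                $out .= '<span class="cell"><a href="?action=editNewsItem&id=' . $id . '&type=' . $type . '&newsidx=' . $rows['smi_idx'] . '&super=' . $super . '&token=' . $_SESSION['token'] . '">' . $rows['smi_title'] . '</a> <br /> <a href="' . WEBSITE . LANG . "/" . htmlentities($rows['smi_slug']) . '" class="slugs" target="_blank">' . WEBSITE . LANG . "/" . $rows['smi_slug'] . '</a></span>';
                $out .= '<span class="cell">' . $rows['smi_tags'] . '</span>';
                $insert_image_link = '<a href="?action=editNewsItem&type=' . $type . '&id=' . $id . '&newsidx=' . $rows['smi_idx'] . '&super=' . $super . '&token=' . $_SESSION['token'] . '#tabs-3" title="Attach pictures"> <i class="fa fa-picture-o"></i></a>';
                $insert_image_link .= '<a href="?action=editNewsItem&type=' . $type . '&id=' . $id . '&newsidx=' . $rows['smi_idx'] . '&super=' . $super . '&token=' . $_SESSION['token'] . '#tabs-4" title="Attach files"> <i class="fa fa-file"></i></a>';
                $out .= '<span class="cell">
						<a href="' . WEBSITE . LANG . "/" . htmlentities($rows['smi_slug']) . '" target="_blank" title="Check news"><i class="fa fa-eye"></i></a>
						<a href="?action=editNewsItem&type=' . $type . '&id=' . $id . '&newsidx=' . $rows['smi_idx'] . '&type=' . $type . '&super=' . $super . '&token=' . $_SESSION['token'] . '" title="Edit news"><i class="fa fa-pencil-square-o"></i></a>
						' . $insert_image_link . '
						<a href="javascript:;" onclick="deleteComfirm(\'?action=newsModule&type=' . $type . '&id=' . $id . '&nidx=' . $rows['smi_idx'] . '&super=' . $super . '&remove=true&token=' . $_SESSION['token'] . '\')" title="Remove news"><i class="fa fa-times"></i></a>
				</span>';
                $out .= '</div>';
            }
        } catch (Exception $e) {
            // Still best-effort for the page, but the failure is no longer invisible.
            error_log('news table query failed: ' . $e->getMessage());
        }
        return $out;
    }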