public static function run($uri)
{
self::$router = new Router($uri);
self::$db = new DB(config::get('db.host'), config::get('db.name'), config::get('db.user'), config::get('db.password'));
Lang::load(self::$router->getLanguage());
if ($_POST and (isset($_POST['username_in']) and isset($_POST['password_in'])) or isset($_POST['exit'])) {
$us = new RegisterController();
if (isset($_POST['exit'])) {
$us->LogOut();
} else {
$us->Login($_POST);
}
}
if (self::$router->getController() == 'admin' and !Session::getSession('root') or self::$router->getController() == 'myblog' and !Session::getSession('id')) {
self::$router->setController(Config::get('default_controller'));
self::$router->setAction(Config::get('default_action'));
Session::setSession('message', 'Отказ в доступе');
}
$controller_class = ucfirst(self::$router->getController()) . 'Controller';
$controller_method = strtolower(self::$router->getMethodPrefix() . self::$router->getAction());
$controller_object = new $controller_class();
if (method_exists($controller_object, $controller_method)) {
$controller_object->{$controller_method}();
$view_object = new View($controller_object->getData());
$content = $view_object->render();
} else {
throw new Exception('Method ' . $controller_method . ' of class ' . $controller_class . ' does not exist');
}
$layout = self::$router->getRoute();
$layout_path = VIEWS_PATH . DS . $layout . '.html';
$layout_view_object = new View(compact('content'), $layout_path);
echo $layout_view_object->render();
}
/**
* @covers \Heystack\Core\State\Backends\Session::setSession
* @covers \Heystack\Core\State\Backends\Session::getKeys
* @covers \Heystack\Core\State\Backends\Session::removeAll
* @covers \Heystack\Core\State\Backends\Session::removeByKey
*/
public function testRemoveAll()
{
$session = new Session();
$session->setSession(new \Session(['test' => 'hello']));
$session->removeAll();
$this->assertNull($session->getByKey('test'));
}
function destroySession()
{
Session::setSession('userInfo', "");
Session::setSession('lang_code', "");
Session::setSession('text', "");
session_destroy();
}
function assignLangCode($langCode)
{
$sql = "select count(*) count from languages where lang_code='{$langCode}' and translated=1";
$info = $this->db->select($sql, true);
$langCode = empty($info['count']) ? 'en' : $langCode;
$_SESSION['lang_code'] = $langCode;
if ($userId = isLoggedIn()) {
$sql = "update users set lang_code='{$langCode}' where id={$userId}";
$res = $this->db->query($sql);
Session::setSession('text', '');
}
}
private function haveAccess()
{
$O_user = Session::getSession('user');
if ($O_user == null) {
Session::setSession('error', 'Vous n\'avez pas les droits pour réaliser cette opération');
// on redirige sur l'url de départ
die(header('Location:/'));
} elseif ($O_user->getProfile()->getLevel() < 2) {
Session::setSession('error', 'Vous n\'avez pas les droits pour réaliser cette opération');
// on redirige sur l'url de départ
die(header('Location:/'));
}
}
public function index()
{
if ($_POST) {
if ($this->model->Feedback($_POST)) {
Session::setSession('done', 'Ваше письмо отправлено!');
router::redirect($_SERVER['REQUEST_URI']);
exit;
} else {
Session::setSession('done', 'Ошибка в отправлении письма!');
router::redirect($_SERVER['REQUEST_URI']);
}
}
}
function login()
{
$_POST['userName'] = sanitizeData($_POST['userName']);
$this->set('post', $_POST);
$errMsg['userName'] = formatErrorMsg($this->validate->checkBlank($_POST['userName']));
$errMsg['password'] = formatErrorMsg($this->validate->checkBlank($_POST['password']));
if (!$this->validate->flagErr) {
$sql = "select u.*,ut.user_type from users u,usertypes ut where u.utype_id=ut.id and u.username='******'userName']) . "'";
$userInfo = $this->db->select($sql, true);
if (!empty($userInfo['id'])) {
if ($userInfo['password'] == md5($_POST['password'])) {
if ($userInfo['status'] == 1) {
// if login after first installation
if (!empty($_POST['lang_code']) && $_POST['lang_code'] != 'en') {
$sql = "UPDATE `settings` SET set_val='" . addslashes($_POST['lang_code']) . "' WHERE set_name='SP_DEFAULTLANG'";
$this->db->query($sql);
$sql = "UPDATE users SET lang_code='" . addslashes($_POST['lang_code']) . "' WHERE id=1";
$this->db->query($sql);
$userInfo['lang_code'] = $_POST['lang_code'];
}
// update timezone
if (!empty($_POST['time_zone'])) {
$sql = "UPDATE `settings` SET set_val='" . addslashes($_POST['time_zone']) . "' WHERE set_name='SP_TIME_ZONE'";
$this->db->query($sql);
}
$uInfo['userId'] = $userInfo['id'];
$uInfo['userType'] = $userInfo['user_type'];
@Session::setSession('userInfo', $uInfo);
@Session::setSession('lang_code', $userInfo['lang_code']);
@Session::setSession('text', '');
if ($referer = isValidReferer($_POST['referer'])) {
redirectUrl($referer);
} else {
redirectUrl(SP_WEBPATH . "/");
}
} else {
$errMsg['userName'] = formatErrorMsg($_SESSION['text']['login']["User inactive"]);
}
} else {
$errMsg['password'] = formatErrorMsg($_SESSION['text']['login']["Password incorrect"]);
}
} else {
$errMsg['userName'] = formatErrorMsg($_SESSION['text']['login']["Login incorrect"]);
}
}
$this->set('errMsg', $errMsg);
$this->index();
}
public function Login($POST, $path = null)
{
$user = $this->model->getByLogin($POST['username_in']);
$hach = md5($POST['password_in'] . Config::get('salt'));
if ($user and $user['name'] == $POST['username_in'] and $user['password'] == $hach) {
Session::setSession('login', $user['name']);
Session::setSession('id', $user['id']);
Session::setSession('email', $user['email']);
if ($user['name'] == 'root') {
Session::setSession('root', true);
}
}
if (!$path) {
$path = $_SERVER['REQUEST_URI'];
}
Router::redirect($path);
}
public function modifyAction($I_id)
{
$this->haveAccess();
$S_name = $_POST['name'];
$O_profileMapper = new ProfileMapper();
$O_profile = $O_profileMapper->findById($I_id);
if ($S_name != $O_profile->getname()) {
try {
$O_profile->setName($S_name);
$O_profileMapper->update($O_profile);
die(header('Location:/user/default/'));
} catch (Exception $e) {
Session::setSession('error', $e->getMessage());
}
} else {
die(header('Location:/profile/edit/' . $I_id));
}
}
public function editMyblog()
{
if (Session::getSession('id_edit')) {
config::set('heading', 'РЕДАКТИРОВАНИЕ');
$id = Session::getSession('id_edit');
$this->data['one_blog'] = $this->model->getOneBlog($id);
} else {
Session::setSession('error', 'блог с таким идентификатором не найден');
router::redirect(DEFAULT_PATH . 'myblog/');
}
if ($_POST and isset($_POST['edit_done']) and clearData($_POST['edit_done']) and clearData($_POST['edit_done_text']) and clearData($_POST['edit_done_topic'])) {
$id = clearData($_POST['edit_done']);
$text = clearData($_POST['edit_done_text'], true);
$topic = clearData($_POST['edit_done_topic']);
if ($this->model->editRecord($id, $topic, $text)) {
router::redirect($_SERVER['REQUEST_URI']);
} else {
Session::setSession('error', 'Ошибка в редактировании блога!');
router::redirect($_SERVER['REQUEST_URI']);
}
}
}
public function loginAction()
{
// On récupère la valeur du login et du mot de passe saisi dans le formulaire
// Sécurité contre la saisie de code html ou javascript
// On convertit tous les caractères éligibles en entités HTML pour empêcher leur interprétation.
$S_login = htmlentities($_POST['login'], ENT_QUOTES);
$S_password = htmlentities($_POST['password'], ENT_QUOTES);
// on stocke le login dans la session :
Session::setSession('login', $S_login);
// si on a pas un identifiant et un mot de passe on renvoit sur la page de login.
if (null == $S_login || null == $S_password) {
// on stocke le message d'erreur dans la clef error
Session::setSession('error', 'Un identifiant et un mot de passe doivent être saisis');
die(header('Location:/login'));
}
try {
// on fait appelle au modèle UserMapper pour vérifier dans la base si le login existe
$O_userMapper = new UserMapper();
// on utilise la méthode recherche par login
$O_user = $O_userMapper->findByLogin($S_login);
} catch (Exception $e) {
Session::setSession('error', $e->getMessage());
die(header('Location:/login'));
}
// on vérifie le mot de passe :
if ($O_user->getPassword() === sha1($S_password)) {
session_regenerate_id();
$O_user->setPassword(null);
Session::setSession('user', $O_user);
Session::setSession('error', null);
die(header('Location:/'));
} else {
Session::setSession('error', 'Le mot de passe incorrect');
die(header('Location:/login'));
}
}
public function EditUserAdmin()
{
config::set('heading', 'РЕДАКТИРОВАНИЕ ПОЛЬЗОВАТЕЛЯ');
$temp_data = $this->model->getOneUser(Session::getSession('id_edit_user'));
$this->data['one_user'] = $temp_data[0];
if ($_POST and isset($_POST['update-form'])) {
$id = $_POST['user_id_for_update'];
$email = $_POST['email'];
$city = $_POST['city'];
$country = $_POST['country'];
$name = $_POST['username'];
if ($this->model->editUser($id, $name, $email, $country, $city)) {
router::redirect($_SERVER['REQUEST_URI']);
} else {
Session::setSession('error', 'Ошибка в редактировании пользователя!');
router::redirect($_SERVER['REQUEST_URI']);
}
}
}
<?php
session_start();
require_once "../../module/Connexion.php";
require_once "../../module/model/user.php";
require_once "../../module/Session.php";
if (isset($_POST["email"])) {
# preparation des donnees
$email = isset($_POST["email"]) ? $_POST["email"] : "";
$pwd = isset($_POST["password"]) ? $_POST["password"] : "";
$data = array('email' => $email, 'password' => $pwd);
# execution de l'operation
$user = new User();
$result = $user->checkLog($data);
#tester le rendu
if ($result) {
$session = new Session();
$dataSession = array('name' => 'email', 'value' => $email);
$session->setSession($dataSession);
if ($session->checkSession("email")) {
#redirection vers l'admin
header("location:../../../index");
} else {
echo "aucune session";
}
} else {
header("location:../../../login?c=failed");
}
} else {
include_once "../../layout/Intrusion/url.inc";
}
public function modifyAction($I_id)
{
$this->haveAccess(2);
$O_epiMapper = new EpiMapper();
$O_epi = $O_epiMapper->findById($I_id);
$O_epi->setDealer($_POST['dealer']);
$O_epi->setOrderNumber($_POST['order_number']);
$O_date = new DateTime($_POST['manufacture_date']);
$O_epi->setManufactureDate($O_date);
$O_date = new DateTime($_POST['purchase_date']);
$O_epi->setPurchaseDate($O_date);
$O_epi->setProfile($_POST['profile']);
$O_epi->setInternalReference($_POST['internal_reference']);
$O_date = new DateTime($_POST['commissioning_date']);
$O_epi->setCommissioningDate($O_date);
$O_date = new DateTime($_POST['last_check_date']);
$O_epi->setLastCheckDate($O_date);
$O_date = new DateTime($_POST['next_check_date']);
$O_epi->setNextCheckDate($O_date);
$O_date = new DateTime($_POST['end_of_life_date']);
$O_epi->setEndOfLifeDate($O_date);
$O_epi->setOperatorId($_POST['operator_id']);
try {
// on donne l'objet epi pour la mise à jour
$O_epiMapper->update($O_epi);
die(header('Location:/epi/paginate/1'));
} catch (Exception $e) {
Session::setSession('error', $e->getMessage());
}
}
} else {
$('#error_massage').html(loginError);
return false;
}
});
});
</script>
<?php
} else {
if (isset($_POST['login_submit'])) {
$control->setCookie('USER_RENTAL', $_POST['username'], $GLOBALS['TIME_COOKIE']);
}
if ($control->Value('USER_RENTAL')) {
$control->setCookie('USER_RENTAL', $control->Value('USER_RENTAL'), $GLOBALS['TIME_COOKIE']);
$control->setSession('LOGIN_VAILD', $_SERVER['REQUEST_URI']);
foreach ($database->Select('contract', array('canceled' => 0), 0) as $contract) {
$isToday = getdate(time());
$isCharge = 50;
$isChargeMonth = 3;
// Canceled Contract Expire
if ($contract['cancel_date'] != 0 && $contract['cancel_date'] < time() || $contract['expire_date'] < time()) {
$database->Update('contract', array('canceled' => 1), array('contract_id' => $contract['contract_id']));
$database->Update('object_rental', array('status_object' => 0), array('object_id' => $contract['object_id']));
} else {
// Canceled Contract Over 3 Month
if ($database->Count('payment', array('contract_id' => $contract['contract_id'], 'amount' => $contract['cost'], 'paid' => 0), 0) > $isChargeMonth) {
$database->Update('contract', array('cancel_date' => time(), 'canceled' => 1), array('contract_id' => $contract['contract_id']));
$database->Update('object_rental', array('status_object' => 0), array('object_id' => $contract['object_id']));
} else {
// Payment Month Insert
function startRegistration()
{
$_POST = sanitizeData($_POST);
$this->set('post', $_POST);
$userInfo = $_POST;
$subscriptionActive = false;
$errMsg['userName'] = formatErrorMsg($this->validate->checkUname($userInfo['userName']));
$errMsg['password'] = formatErrorMsg($this->validate->checkPasswords($userInfo['password'], $userInfo['confirmPassword']));
$errMsg['firstName'] = formatErrorMsg($this->validate->checkBlank($userInfo['firstName']));
$errMsg['lastName'] = formatErrorMsg($this->validate->checkBlank($userInfo['lastName']));
$errMsg['email'] = formatErrorMsg($this->validate->checkEmail($userInfo['email']));
$errMsg['code'] = formatErrorMsg($this->validate->checkCaptcha($userInfo['code']));
$errMsg['utype_id'] = formatErrorMsg($this->validate->checkNumber($userInfo['utype_id']));
// if payment plugin installed check whether valid payment gateway found
$seopluginCtrler = new SeoPluginsController();
if ($seopluginCtrler->isPluginActive("Subscription")) {
$subscriptionActive = true;
$errMsg['pg_id'] = formatErrorMsg($this->validate->checkNumber($userInfo['pg_id']));
}
if (!$this->validate->flagErr) {
if (!$this->__checkUserName($userInfo['userName'])) {
if (!$this->__checkEmail($userInfo['email'])) {
$utypeId = intval($userInfo['utype_id']);
$sql = "insert into users\r\n\t\t\t\t\t(utype_id,username,password,first_name,last_name,email,created,status) \r\n\t\t\t\t\tvalues ({$utypeId},'" . addslashes($userInfo['userName']) . "','" . md5($userInfo['password']) . "',\r\n\t\t\t\t\t'" . addslashes($userInfo['firstName']) . "','" . addslashes($userInfo['lastName']) . "',\r\n\t\t\t\t\t'" . addslashes($userInfo['email']) . "',UNIX_TIMESTAMP(),1)";
$this->db->query($sql);
// get user id created
$userId = $this->db->getMaxId('users');
// check whether subscription is active
if ($subscriptionActive and $userId) {
$utypeCtrler = new UserTypeController();
$utypeInfo = $utypeCtrler->__getUserTypeInfo($utypeId);
// if it is paid subscription, proceed with payment
if ($utypeInfo['price'] > 0) {
$paymentPluginId = intval($userInfo['pg_id']);
@Session::setSession('payment_plugin_id', $paymentPluginId);
$quantity = intval($userInfo['quantity']);
$pluginCtrler = $seopluginCtrler->createPluginObject("Subscription");
$paymentForm = $pluginCtrler->pgCtrler->getPaymentForm($paymentPluginId, $userId, $utypeInfo, $quantity);
$this->set('paymentForm', $paymentForm);
}
}
$this->render('common/registerconfirm');
return True;
} else {
$errMsg['email'] = formatErrorMsg($_SESSION['text']['login']['emailexist']);
}
} else {
$errMsg['userName'] = formatErrorMsg($_SESSION['text']['login']['usernameexist']);
}
}
$this->set('errMsg', $errMsg);
$this->register();
}
<?php
// On concerve le login saisi, pour ne pas à avoir a le ressaisir si le mot de passe est éronné.
$S_login = Session::getSession('login');
// On efface la Session
Session::setSession('user', null);
// on récupère la clef error de la variable SESSION s'il y a eu une erreur
$S_error = Session::getSession('error', true);
?>
<div id="connection" class="row">
<div class="col-xs-12">
<div class="main">
<div class="row">
<div class="col-xs-12 col-sm-6 col-sm-offset-1">
<h1>SAFETY</h1>
<h2>Outil de gestion des EPI</h2>
<form action="/login/login" name="login" role="form" class="form-horizontal" method="post" accept-charset="utf-8">
<div class="form-group">
<div class="col-md-8">
<input name="login" id="login" class="form-control" type="text" value="<?php
echo $S_login;
?>
" placeholder="NNI">
</div>
</div>
<div class="form-group">
<div class="col-md-8">
<input name="password" id="password" class="form-control" type="password" placeholder="Mot de passe">
</div>
</div>
<div class="form-group">
function logout()
{
Session::setSession('userInfo', "");
redirectUrl(SP_WEBPATH . "/login.php");
}
public function Login($mail, $pass)
{
$myConnection = new Connection();
$mysession = new Session();
$result2 = $myConnection->query("SELECT contraseña FROM USUARIO WHERE mail = '{$mail}'; ");
$passsha = sha1($myConnection->real_escape_string($pass));
$pass = $myConnection->real_escape_string($pass);
$row = mysqli_fetch_assoc($result2);
$hash = $row['contraseña'];
//Comparo que la contraseña coincida con el hash de la contraseña almacenada, este encriptada en Bcrypt o SHA1.
if (password_verify($pass, $hash) || $hash == $passsha) {
$result = $myConnection->query("SELECT * FROM USUARIO WHERE mail = '{$mail}' AND contraseña = '{$hash}' AND fecha_baja is null;");
if ($row = $result->fetch_object()) {
//Devuelve la fila actual de un conjunto de resultados como un objeto
if ($row->estado == 'Registrado') {
$mysession->initSession();
$mysession->setSession('id', $row->id_usuario);
$mysession->setSession('nombre', $row->nombre);
$mysession->setSession('apellido', $row->apellido);
$mysession->setSession('mail', $row->mail);
$mysession->setSession('usuario', $row->nombre_usuario);
$mysession->setSession('rol', $row->rol);
$mysession->setSession('estado', $row->estado);
$rol = $row->rol;
switch ($rol) {
case 'Administrador':
header('location: ../../indexAdmin.php');
break;
case 'Comun':
header('location: ../../index.php?usuario=' . $_SESSION['id']);
break;
}
} else {
if ($row->estado == 'Pendiente') {
echo "<div class='col-sm-12'>";
echo "<div class='jumbotron col-sm-6 col-sm-push-3'>";
echo "<h1 class='text-center'>Disculpe Las Moletias<br/></h1>";
echo "<p>Usuario " . $row->nombre . " " . $row->apellido . " su solicitud de registro todavia no fue confirmada por el Administrador del sitio.</p>";
echo "<a class='btn btn-primary btn-lg pull-right' href='../../index.php' role='button'>Inicio</a>";
echo "</div>";
echo "</div>";
}
}
}
} else {
header('location: ../../index.php?error=1');
}
$myConnection->close();
}
function showSeoPlugins($info = '')
{
$this->layout = "default";
$sql = "select * from seoplugins where status=1 and installed=1 order by id";
$menuList = $this->db->select($sql);
if (count($menuList) <= 0) {
$this->set('msg', 'No Active Seo Plugins Found!');
$this->render('common/notfound');
exit;
}
# to get sub menus under a plugin main menu
foreach ($menuList as $i => $menuInfo) {
Session::setSession('plugin_id', $menuInfo['id']);
$pluginDirName = $menuInfo['name'];
$menuFile = SP_PLUGINPATH . "/" . $pluginDirName . "/views/" . SP_PLUGINMENUFILE;
if (file_exists($menuFile)) {
$menuList[$i]['menu'] = View::fetchFile($menuFile);
} else {
$menuList[$i]['menu'] = "<ul id='subui'>\r\n\t\t\t\t\t\t\t\t\t\t\t<li><a href='javascript:void(0);' onclick=\"" . pluginMenu('action=index') . "\">{$menuInfo['name']}</a></li>\r\n\t\t\t\t\t\t\t\t\t\t</ul>";
}
}
$this->set('menuList', $menuList);
$menuSelected = empty($info['menu_selected']) ? $menuList[0]['id'] : $info['menu_selected'];
$this->set('menuSelected', $menuSelected);
$this->render('seoplugins/showseoplugins');
}
public function modifyAction($I_id)
{
$this->isAdmin();
$S_login = $_POST['login'];
if (isset($_POST['sendPassword'])) {
$B_password = $_POST['sendPassword'];
}
$S_name = $_POST['name'];
$S_firstName = $_POST['firstName'];
if (isset($_POST['sizeHarness'])) {
$I_sizeHarness = $_POST['sizeHarness'];
}
$S_email = $_POST['email'];
if (isset($_POST['company_id'])) {
$I_company_id = $_POST['company_id'];
}
if (isset($_POST['subgroup_id'])) {
$I_subgroup_id = $_POST['subgroup_id'];
}
if (isset($_POST['staff_id'])) {
$I_staff_id = $_POST['staff_id'];
}
if (isset($_POST['profile'])) {
$S_profile = $_POST['profile'];
}
$O_userMapper = new UserMapper();
$O_user = $O_userMapper->findById($I_id);
if (isset($_SESSION['token'])) {
if ($_POST['token'] == $_SESSION['token']) {
// OK - Je peux faire le traitement
// avons nous un operator ?
if (isset($_POST['operator']) && !isset($_POST['inspector'])) {
// si aucune modification de faite pas la peine de le lancer une requete
if ($S_login != $O_user->getLogin() || $S_name != $O_user->getOperator()->getName() || $S_firstName != $O_user->getOperator()->getFirstName() || $I_sizeHarness != $O_user->getOperator()->getSizeHarness() || $S_email != $O_user->getOperator()->getEmail() || $I_company_id != $O_user->getOperator()->getTeam()->getSubgroup()->getCompany()->getId() || $I_subgroup_id != $O_user->getOperator()->getTeam()->getSubgroup()->getId() || $I_staff_id != $O_user->getOperator()->getTeam()->getstaff()->getId() || isset($S_profile) && $S_profile != $O_user->getProfile()->getName()) {
// je mets à jour le login du user:
$O_user->setLogin($S_login);
// Pour mettre à jour la variable $profile_id et l'objet profile contenu dans l'objet user :
$O_profileMapper = new ProfileMapper();
$O_profile = $O_profileMapper->findByName($S_profile);
$O_user->setProfile($O_profile);
$O_user->setProfileId($O_user->getProfile()->getId());
// Pour mettre à jour l'operateur lié à l'utilisateur
$O_operatorMapper = new OperatorMapper();
$O_operator = $O_operatorMapper->findById($O_user->getOperatorId());
$O_operator->setName($S_name);
$O_operator->setFirstName($S_firstName);
$O_operator->setSizeHarness($I_sizeHarness);
$O_operator->setEmail($S_email);
// Pour cherché la team concerné par le subgroup et le staff
$O_teamMapper = new TeamMapper();
$O_team = $O_teamMapper->findByTwoIds($I_staff_id, $I_subgroup_id);
// Pour cherché le sous groupe concerné
$O_subgroupMapper = new SubgroupMapper();
$O_subgroup = $O_subgroupMapper->findById($I_subgroup_id);
// Pour cherché le staff
$O_staffMapper = new StaffMapper();
$O_staff = $O_staffMapper->findById($I_staff_id);
// On donne à l'objet Team son objet Staff et Subgroup
$O_team->setStaff($O_staff);
$O_team->setSubgroup($O_subgroup);
// On donne à l'opérateur sa team
$O_operator->setTeamId($O_team->getId());
$O_operator->setTeam($O_team);
// On donne à l'utilisateur son opérateur
$O_user->setOperator($O_operator);
try {
// on donne l'objet user pour la mise à jour
$O_userMapper->update($O_user);
// on donne l'objet operator pour la mise à jour
$O_operatorMapper->update($O_operator);
die(header('Location:/user/default/'));
} catch (Exception $e) {
Session::setSession('error', $e->getMessage());
}
} elseif ($B_password == true) {
$this->sendPasswordAction($S_email);
$O_userMapper->changePassword($O_user, $this->S_password);
die(header('Location:/user/default/'));
} else {
die(header('Location:/user/edit/' . $I_id));
}
} elseif (!isset($_POST['operator']) && isset($_POST['inspector'])) {
// si aucune modification de faite pas la peine de le lancer une requete
if ($S_login != $O_user->getLogin() || $S_name != $O_user->getInspector()->getName() || $S_firstName != $O_user->getInspector()->getFirstName() || $S_email != $O_user->getInspector()->getEmail() || isset($S_profile) && $S_profile != $O_user->getProfile()->getName()) {
// je mets à jour le login du user:
$O_user->setLogin($S_login);
// Pour mettre à jour la variable $profile_id et l'objet profile contenu dans l'objet user :
$O_profileMapper = new ProfileMapper();
$O_profile = $O_profileMapper->findByName($S_profile);
$O_user->setProfile($O_profile);
$O_user->setProfileId($O_user->getProfile()->getId());
// Pour mettre à jour l'inspecteur lié à l'utilisateur
$O_inspectorMapper = new InspectorMapper();
$O_inspector = $O_inspectorMapper->findById($O_user->getinspectorId());
$O_inspector->setName($S_name);
$O_inspector->setFirstName($S_firstName);
$O_inspector->setEmail($S_email);
// On donne à l'utilisateur son inspecteur
$O_user->setInspector($O_inspector);
try {
// on donne l'objet user pour la mise à jour
$O_userMapper->update($O_user);
// on donne l'objet operator pour la mise à jour
$O_inspectorMapper->update($O_inspector);
die(header('Location:/user/default/'));
} catch (Exception $e) {
Session::setSession('error', $e->getMessage());
}
} elseif ($B_password == true) {
$this->sendPasswordAction($S_email);
$O_userMapper->changePassword($O_user, $this->S_password);
die(header('Location:/user/default/'));
} else {
die(header('Location:/user/edit/' . $I_id));
}
} elseif (isset($_POST['operator']) && isset($_POST['inspector'])) {
// si aucune modification de faite pas la peine de le lancer une requete
if ($S_login != $O_user->getLogin() || $S_name != $O_user->getOperator()->getName() || $S_firstName != $O_user->getOperator()->getFirstName() || $I_sizeHarness != $O_user->getOperator()->getSizeHarness() || $S_email != $O_user->getOperator()->getEmail() || $I_company_id != $O_user->getOperator()->getTeam()->getSubgroup()->getCompany()->getId() || $I_subgroup_id != $O_user->getOperator()->getTeam()->getSubgroup()->getId() || $I_staff_id != $O_user->getOperator()->getTeam()->getstaff()->getId() || isset($S_profile) && $S_profile != $O_user->getProfile()->getName() || $S_name != $O_user->getInspector()->getName() || $S_firstName != $O_user->getInspector()->getFirstName() || $S_email != $O_user->getInspector()->getEmail()) {
// je mets à jour le login du user:
$O_user->setLogin($S_login);
// Pour mettre à jour la variable $profile_id et l'objet profile contenu dans l'objet user :
$O_profileMapper = new ProfileMapper();
$O_profile = $O_profileMapper->findByName($S_profile);
$O_user->setProfile($O_profile);
$O_user->setProfileId($O_user->getProfile()->getId());
// Pour mettre à jour l'operateur lié à l'utilisateur
$O_operatorMapper = new OperatorMapper();
$O_operator = $O_operatorMapper->findById($O_user->getOperatorId());
$O_operator->setName($S_name);
$O_operator->setFirstName($S_firstName);
$O_operator->setSizeHarness($I_sizeHarness);
$O_operator->setEmail($S_email);
// Pour cherché la team concerné par le subgroup et le staff
$O_teamMapper = new TeamMapper();
$O_team = $O_teamMapper->findByTwoIds($I_staff_id, $I_subgroup_id);
// Pour cherché le sous groupe concerné
$O_subgroupMapper = new SubgroupMapper();
$O_subgroup = $O_subgroupMapper->findById($I_subgroup_id);
// Pour cherché le staff
$O_staffMapper = new StaffMapper();
$O_staff = $O_staffMapper->findById($I_staff_id);
// On donne à l'objet Team son objet Staff et Subgroup
$O_team->setStaff($O_staff);
$O_team->setSubgroup($O_subgroup);
// On donne à l'opérateur sa team
$O_operator->setTeamId($O_team->getId());
$O_operator->setTeam($O_team);
// On donne à l'utilisateur son opérateur
$O_user->setOperator($O_operator);
// Pour mettre à jour l'inspecteur lié à l'utilisateur
$O_inspectorMapper = new InspectorMapper();
$O_inspector = $O_inspectorMapper->findById($O_user->getinspectorId());
$O_inspector->setName($S_name);
$O_inspector->setFirstName($S_firstName);
$O_inspector->setEmail($S_email);
// On donne à l'utilisateur son inspecteur
$O_user->setInspector($O_inspector);
try {
// on donne l'objet user pour la mise à jour
$O_userMapper->update($O_user);
// on donne l'objet operator pour la mise à jour
$O_operatorMapper->update($O_operator);
// on donne l'objet operator pour la mise à jour
$O_inspectorMapper->update($O_inspector);
die(header('Location:/user/default/'));
} catch (Exception $e) {
Session::setSession('error', $e->getMessage());
}
} elseif ($B_password == true) {
$this->sendPasswordAction($S_email);
$O_userMapper->changePassword($O_user, $this->S_password);
die(header('Location:/user/default/'));
} else {
die(header('Location:/user/edit/' . $I_id));
}
} else {
Session::setSession('error', "Vous n'avez pas choisi si l'utilisateur est un opérateur et/ou un inspecteur");
die(header('Location:/user/edit/' . $I_id));
}
} else {
// Le jeton est difféerent, donc erreur
}
} else {
// le jeton est inexistant donc erreur
}
}
function showSeoPlugins($info = '')
{
$this->layout = "default";
$sql = "select * from seoplugins where status=1 and installed=1 order by id";
$menuList = $this->db->select($sql);
if (count($menuList) <= 0) {
$msg = $_SESSION['text']['label']['noactiveplugins'];
$msgButton = '<a class="actionbut" href="' . SP_PLUGINSITE . '" target="_blank">' . $this->spTextPlugin['Download Seo Panel Plugins'] . ' >></a>';
$this->set('msg', $msg);
$this->set('msgButton', $msgButton);
$this->render('common/notfound');
exit;
}
# to get sub menus under a plugin main menu
foreach ($menuList as $i => $menuInfo) {
@Session::setSession('plugin_id', $menuInfo['id']);
$pluginDirName = $menuInfo['name'];
$menuFile = SP_PLUGINPATH . "/" . $pluginDirName . "/views/" . SP_PLUGINMENUFILE;
if (file_exists($menuFile)) {
$menuList[$i]['menu'] = @View::fetchFile($menuFile);
} else {
$menuList[$i]['menu'] = "<ul id='subui'>\r\n\t\t\t\t\t\t\t\t\t\t\t<li><a href='javascript:void(0);' onclick=\"" . pluginMenu('action=index') . "\">{$menuInfo['name']}</a></li>\r\n\t\t\t\t\t\t\t\t\t\t</ul>";
}
}
$this->set('menuList', $menuList);
$menuSelected = empty($info['menu_selected']) ? $menuList[0]['id'] : $info['menu_selected'];
$this->set('menuSelected', $menuSelected);
$this->render('seoplugins/showseoplugins');
}
/**
* Effectue un login avec les informations reçues.
*
* @param string $email
* @param string $password
* @return un booléen de validation du login.
* true = valide.
* false = invalide.
*/
public static function doLogin($email, $password)
{
// Vérifie que l'email et le mot de passe sont de format text.
if (!Tools::isStringValid($email) || !Tools::isStringValid($password)) {
return false;
}
try {
// Par défaut le login est un échec.
$isLogged = false;
// Charge un utilisateur identifié par son email.
if ($user = User::findByEmail($email)) {
// Vérifie que les identifiants de connexion sont valides.
if ($user->isPasswordCorrect($password) && $user->isActif()) {
// Si oui, défini les valeurs utiles dans la super variables _SESSION.
// Défini l'ID, l'email et le right.
Session::setSession($user->id, $user->email, $user->right->getRight());
// Change la valeur du booléen.
$isLogged = true;
}
// Retourne le status de login.
return $isLogged;
}
} catch (Exception $e) {
}
// Le login a échoué.
return false;
}
<?php
Login::restrictFront();
$token1 = mt_rand();
$token2 = Login::string2hash($token1);
Session::setSession('token2', $token2);
$objBasket = new Basket();
$out = array();
$session = Session::getSession('basket');
if (!empty($session)) {
$objCatalogue = new Catalogue();
foreach ($session as $key => $value) {
$out[$key] = $objCatalogue->getProduct($key);
}
}
require_once "_header.php";
?>
<h1>Order summary</h1>
<?php
if (!empty($out)) {
?>
<div id="big_basket">
<form action="" method="post" id="frm_basket">
<table cellpadding="0" cellspacing="0" border="0" class="tbl_repeat">
<tr>
/**
* Megállítja a debug trace-t.
*
* @return boolean Sikeres volt e a művelet vagy sem.
* @version 1.0
*/
public static function stopDebugTrace() : bool
{
(string) ($loc_Filename = "");
fclose($loc_Filename);
Session::setSession(self::debugSessionTrace, false);
return Session::unsetSession(self::debugSessionTraceName);
}
