public function isLogged()
{
if (isset($this->user_id) && Session::check()) {
return true;
} else {
return false;
}
}
/**
* get flash messege
*/
public static function getMessage()
{
if (Session::check('notification_message')) {
$notifications = Session::get('notification_message');
foreach ($notifications as $notification) {
echo self::getTemplate($notification);
}
Session::delete('notification_message');
}
}
/**
*
* @param AppController $class
*/
protected function parametros(AppController $class)
{
$endereco = null;
$modelEventos = new Evento();
$meusEventos = $modelEventos->verificaEventosParaPromoter(Session::read('Usuario.pessoas_id'));
if (Session::check('Empresa')) {
$modelEndereco = new Endereco();
$endereco = $modelEndereco->findEnderecosEmpresa(Session::read('Empresa.empresas_id'));
$endereco = $endereco[0];
}
$class->set('title_layout', 'Painel Administrativo');
$class->set('endereco', $endereco);
$class->set('meusEventos', $meusEventos);
}
public function __construct($internal = false)
{
$this->internal = $internal;
if (!$this->internal) {
Session::check();
}
$viewName = get_class($this);
if (strlen($viewName) > 10 && substr($viewName, -10) == 'Controller') {
$viewName = substr($viewName, 0, -10);
}
$viewName .= 'View';
if (class_exists($viewName)) {
$this->view = new $viewName();
}
}
protected function parametros(\AppController $class)
{
$clientes = 0;
$funcionarios = 0;
$class->addJs(array('js/chart-js/Chart', 'js/chartjs.init'));
$endereco = null;
if (Session::check('Empresa')) {
$modelCliente = new Cliente();
$modelFuncionario = new Funcionario();
$clientes = $modelCliente->clientesProprietario(Session::read('Usuario.pessoas_id'), Session::read('Usuario.roles_id'));
$clientes = count($clientes);
$funcionarios = $modelFuncionario->find('all', array('empresas_id' => Session::read('Empresa.empresas_id')));
$funcionarios = count($funcionarios);
$endereco = $this->Endereco->findEnderecosEmpresa(Session::read('Empresa.empresas_id'));
$endereco = $endereco[0];
}
$class->set('title_layout', 'Painel Administrativo');
$class->set('endereco', $endereco);
$class->set('clientes', $clientes);
$class->set('funcionarios', $funcionarios);
}
$size = Art::get_thumb_size($_GET['thumb']);
$kind = isset($_GET['kind']) ? $_GET['kind'] : 'default';
$image = '';
$mime = '';
$filename = '';
$etag = '';
$typeManaged = false;
if (isset($_GET['type'])) {
switch ($_GET['type']) {
case 'popup':
$typeManaged = true;
require_once AmpConfig::get('prefix') . UI::find_template('show_big_art.inc.php');
break;
case 'session':
// If we need to pull the data out of the session
Session::check();
$filename = scrub_in($_REQUEST['image_index']);
$image = Art::get_from_source($_SESSION['form']['images'][$filename], 'album');
$mime = $_SESSION['form']['images'][$filename]['mime'];
$typeManaged = true;
break;
}
}
if (!$typeManaged) {
$item = new $type($_GET['object_id']);
$filename = $item->name ?: $item->title;
$art = new Art($item->id, $type, $kind);
$art->get_db();
$etag = $art->id;
// That means the client has a cached version of the image
$reqheaders = getallheaders();
public static function auth_user()
{
$isLocal = self::is_local();
$headers = apache_request_headers();
$myplex_token = $headers['X-Plex-Token'];
if (empty($myplex_token)) {
$myplex_token = $_REQUEST['X-Plex-Token'];
}
if (!$isLocal) {
$match_users = AmpConfig::get('plex_match_email');
$myplex_username = $headers['X-Plex-Username'];
if (empty($myplex_token)) {
// Never fail OPTIONS requests
if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
self::setPlexHeader($headers);
exit;
} else {
debug_event('Access Control', 'Authentication token is missing.', '3');
self::createError(401);
}
}
$createSession = false;
Session::gc();
$username = "";
$email = trim(Session::read((string) $myplex_token));
if (empty($email)) {
$createSession = true;
$xml = self::get_server_authtokens();
$validToken = false;
foreach ($xml->access_token as $tk) {
if ((string) $tk['token'] == $myplex_token) {
$username = (string) $tk['username'];
// We should apply filter and access restriction to shared sections only, but that's not easily possible with current Ampache architecture
$validToken = true;
break;
}
}
if (!$validToken) {
debug_event('Access Control', 'Auth-Token ' . $myplex_token . ' invalid for this server.', '3');
self::createError(401);
}
}
// Need to get a match between Plex and Ampache users
if ($match_users) {
if (!AmpConfig::get('access_control')) {
debug_event('Access Control', 'Error Attempted to use Plex with Access Control turned off and plex/ampache link enabled.', '3');
self::createError(401);
}
if (empty($email)) {
$xml = self::get_users_account();
if ((string) $xml->username == $username) {
$email = (string) $xml->email;
} else {
$xml = self::get_server_friends();
foreach ($xml->User as $xuser) {
if ((string) $xuser['username'] == $username) {
$email = (string) $xuser['email'];
}
}
}
}
if (!empty($email)) {
$user = User::get_from_email($email);
}
if (!isset($user) || !$user->id) {
debug_event('Access Denied', 'Unable to get an Ampache user match for email ' . $email, '3');
self::createError(401);
} else {
$username = $user->username;
if (!Access::check_network('init-api', $username, 5)) {
debug_event('Access Denied', 'Unauthorized access attempt to Plex [' . $_SERVER['REMOTE_ADDR'] . ']', '3');
self::createError(401);
} else {
$GLOBALS['user'] = $user;
$GLOBALS['user']->load_playlist();
}
}
} else {
$email = $username;
$username = null;
$GLOBALS['user'] = new User();
$GLOBALS['user']->load_playlist();
}
if ($createSession) {
// Create an Ampache session from Plex authtoken
Session::create(array('type' => 'api', 'sid' => $myplex_token, 'username' => $username, 'value' => $email));
}
} else {
AmpConfig::set('cookie_path', '/', true);
$sid = $_COOKIE[AmpConfig::get('session_name')];
if (!$sid) {
$sid = $myplex_token;
if ($sid) {
session_id($sid);
Session::create_cookie();
}
}
if (!empty($sid) && Session::exists('api', $sid)) {
Session::check();
$GLOBALS['user'] = User::get_from_username($_SESSION['userdata']['username']);
} else {
$GLOBALS['user'] = new User();
$data = array('type' => 'api', 'sid' => $sid);
Session::create($data);
Session::check();
}
$GLOBALS['user']->load_playlist();
}
}
public function recuperaEmpresa()
{
try {
$empresasId = $_POST['empresas_id'];
$empresa = $this->Empresa->findEmpresa($empresasId);
$contatos = $this->Empresa->contatosEmpresa($empresasId);
$contaEmpresa = $this->Empresa->contaEmpresa(md5($empresasId));
if (count($empresa) > 0) {
$_SESSION['Empresa'] = $empresa[0];
$_SESSION['Contato'] = $contatos;
$_SESSION['ContaEmpresa'] = $contaEmpresa[0];
if (Session::check('Form')) {
$_SESSION['Form'] = NULL;
unset($_SESSION['Form']);
}
}
echo json_encode(array('funcao' => "window.location.reload();"));
} catch (Exception $ex) {
echo $ex->getMessage();
}
}
public function run()
{
Session::check();
parent::run();
}
*/
$config['RoleSessionVar'] = 'CKFinder_UserRole';
//session_start();
/*
AccessControl : used to restrict access or features to specific folders.
Many "AccessControl" entries can be added. All attributes are optional.
Subfolders inherit their default settings from their parents' definitions.
- The "role" attribute accepts the special '*' value, which means
"everybody".
- The "resourceType" attribute accepts the special value '*', which
means "all resource types".
*/
$ressourceType = '*';
if (Session::check('REWRITE_CK_FINDER_RESSOURCE_TYPE')) {
$ressourceType = Session::read('REWRITE_CK_FINDER_RESSOURCE_TYPE');
}
$config['AccessControl'][] = array('role' => '*', 'resourceType' => $ressourceType, 'folder' => '/', 'folderView' => true, 'folderCreate' => true, 'folderRename' => true, 'folderDelete' => true, 'fileView' => true, 'fileUpload' => true, 'fileRename' => true, 'fileDelete' => true);
/*
For example, if you want to restrict the upload, rename or delete of files in
the "Logos" folder of the resource type "Images", you may uncomment the
following definition, leaving the above one:
$config['AccessControl'][] = Array(
'role' => '*',
'resourceType' => 'Images',
'folder' => '/Logos',
'folderView' => true,
'folderCreate' => true,
}
require_once '/auth.config.php';
require_once '/../utils/helper.class.php';
require_once "/auth.class.php";
$user_agent_string = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
$token = Numbers::_randKey();
$debug = array();
$debug['working'] = true;
//session is still on so we just go on to the panel
if (isset($_SESSION['uid'])) {
$debug['session_ok'] = true;
header('Location: panel.php');
} elseif (!empty($_COOKIE['_ut35'])) {
//we got a cookie here but don't trust cookies just as bad as form fields
// var_dump(Session::check(trim($_COOKIE['_ut35']), $user_agent_string));
if (Session::check(trim($_COOKIE['_ut35']), $user_agent_string) == true) {
//echo"<h1>cookie</h1>";
$debug['cookie checked'] = true;
$debug['login_using cookie'] = true;
//cookie session key is ok set the ssid
$user = DBWorker::getRow('SELECT user_id FROM session WHERE token = "' . $token . '" AND user_agent_string = :uas ;', ':uas', $user_agent_string);
Session::alter($token, $user_agent_string, 'update');
$_SESSION['uid'] = $user !== false ? $user['user_id'] : '';
if (isset($_SESSION['uid'])) {
$debug['COOKIE_OK_l'] = true;
}
header('Location: panel.php');
}
}
$auth = null;
$error = '';
*/
if (!defined('IN_NEWSLETTER')) {
exit('<b>No hacking</b>');
}
define('IN_ADMIN', true);
define('WA_ROOTDIR', '..');
$secure = TRUE;
require WA_ROOTDIR . '/start.php';
require WA_ROOTDIR . '/includes/class.sessions.php';
require WA_ROOTDIR . '/includes/class.auth.php';
$liste = !empty($_REQUEST['liste']) ? intval($_REQUEST['liste']) : 0;
//
//// Start session and load settings
//
$session = new Session();
$admindata = $session->check($liste);
load_settings($admindata);
//
//// End
//
if (!defined('IN_LOGIN')) {
if (!$admindata) {
$redirect = '?redirect=' . basename(server_info('PHP_SELF'));
$redirect .= server_info('QUERY_STRING') != '' ? rawurlencode('?' . server_info('QUERY_STRING')) : '';
Location('login.php' . $redirect);
}
$auth = new Auth();
//
// Si la liste en session n'existe pas, on met à jour la session
//
if (!isset($auth->listdata[$admindata['session_liste']])) {
/**
* Returns the validation result
*
* @return boolean
*/
public static function check()
{
return Session::check();
}
<?php
if (Session::check('Usuario')) {
?>
<div class="row" style="margin-top: 20px;">
<div class="col-sm-12 col-xs-12">
<a href="<?php
echo $urlPDF;
?>
" target="_blank" class="btn btn-xs btn-primary">Gerar PDF</a>
<a class="btn btn-xs btn-warning " id="cadastrar-novo-convidado" data-token="<?php
echo $token;
?>
"><i class="fa fa-user"></i> Cadastrar Convidado</a>
<a class="btn btn-xs btn-info pull-right" href="<?php
echo Router::url(array('View', 'webroot', 'arquivos', 'lista_convidados.csv'));
?>
"><i class="fa fa-download"></i> Baixar Lista</a>
</div>
</div>
<div class="clearfix"></div>
<?php
}
?>
<div class="row">
<div class="col-sm-12" style="overflow-y:auto; height:300px; margin-top: 15px;">
<table class="table table-condensed table-striped" >
<thead>
<tr>
<th><strong>Nome:</strong></th>
<div id="sidebar" class="nav-collapse">
<!-- sidebar menu start-->
<div class="leftside-navigation">
<ul class="sidebar-menu" id="nav-accordion">
<?php
if (Session::check('Empresa')) {
?>
<li style="padding-top:0px; margin-bottom:15px; border-bottom:none">
<div class="" >
<div class="">
<div class="col-sm-5">
<?php
if (Session::read('Usuario.roles_id') != 5) {
?>
<?php
if (Session::check('Empresa') && Session::read('Empresa.logo') != NULL) {
?>
<img src="<?php
echo Router::url(array('View/webroot/img/logos', Session::read('Empresa.logo')));
?>
" class="" style="width:70px; "/>
<?php
} else {
?>
<img src="<?php
echo Router::url(array('View/webroot/img/no-image.jpg'));
?>
" class="img-thumbnail" style="width:80px; "/>
<?php
}
?>
public function primeirasConfiguracoes()
{
// $_SESSION = Array
// (
// 'Pessoa' => Array
// (
// 'nome' => 'Bruno Blauzius Schuindt',
// 'email' => '*****@*****.**',
// 'ddd' => 41,
// 'telefone' => 97268858,
// 'senha' => 'blauzius02',
// 'confirm_senha' => 'blauzius02',
// 'termo' => 1,
// 'pessoas_id' => 18,
// 'pessoaFisica_id' => 17,
// 'usuarios_id' => 17,
// ),
//
// 'Empresa' => Array
// (
// 'nome_fantasia' => 'Minha Empresa Teste',
// 'pessoaJuridica_id' => 12,
// 'empresas_id' => 12,
// ),
//
// 'Endereco' => Array
// (
// 'cep' => 83331210,
// 'logradouro' => 'Rua Leila Diniz',
// 'bairro' => 'Maria Antonieta' ,
// 'cidade' => 'Pinhais',
// 'uf' => 'PR',
// 'numero' => 5632,
// ),
//
// );
if (Session::check('Empresa')) {
$this->addJs(array('3dParty/jquery-1.11.0.min', '3dParty/bootstrap/js/bootstrap.min', '3dParty/jquery.touchSwipe.min', '3dParty/gauge.min', '3dParty/rs-plugin/js/jquery.themepunch.tools.min', '3dParty/rs-plugin/js/jquery.themepunch.revolution.min', '3dParty/requestAnimationFramePolyfill.min', '3dParty/jquery.scrollTo.min', '3dParty/colorbox/jquery.colorbox-min', 'scripts/pi.global.min', 'scripts/pi.slider', 'scripts/pi.init.slider', '3dParty/jquery.easing.1.3', 'scripts/pi.counter', 'scripts/pi.init.counter', 'scripts/pi.parallax', 'scripts/pi.init.parallax', 'scripts/pi.init.revolutionSlider', 'scripts/cep', 'scripts/config-primary', 'scripts/funcoes.site'));
$this->addCss(array('3dParty/bootstrap/css/bootstrap.min', 'css/global', '3dParty/rs-plugin/css/pi.settings', 'css/typo', '3dParty/colorbox/colorbox', 'css/portfolio', 'css/slider', 'css/counters', 'css/social', '3dParty/fontello/css/fontello'));
$this->layout = 'layout_site_menu_sem_link';
$this->set('description', 'Otimize o trabalho de gerenciamento de reservas e eventos e de quebra receba uma ferramenta poderosíssima de gestão de clientes. Com o MyNight, você terá informações da mais alta qualidade para conseguir visualizar como está a procura por reservas na sua casa, verificando o perfil do cliente, reservas por dia da semana, ociosidade do salão, clientes mais frequentes, taxas de no-show e muito mais!');
$this->set('title_layout', ' Crie sua conta com a my night ' . $this->systemName);
$this->render();
} else {
Render::redirect(array('Pages', 'cadastro-estabelecimento'));
}
}
<?php
session_start();
date_default_timezone_set('Europe/Paris');
require_once 'core/core-loader.php';
$session = new Session();
if (isset($_GET['page'])) {
if (strpos($_GET['page'], '/') === false && file_exists('pages/' . $_GET['page'] . '.php')) {
define('PAGE', 'pages/' . $_GET['page'] . '.php');
} else {
define('PAGE', 'pages/http-error.php');
define('HTTP_ERROR', 404);
}
} elseif ($session->check()) {
define('PAGE', 'pages/sched.php');
} else {
define('PAGE', 'pages/signin.php');
}
include PAGE;
/**
* @todo verifica tem alguma empresa logada
* @throws Exception
*/
protected function checaEmpresa()
{
try {
if (!Session::check('Empresa')) {
throw new Exception('Olá administrador, selecione uma empresa cadastrada em sua conta e continue utilizando normalmente esta área!', 2015);
}
} catch (Exception $ex) {
throw $ex;
}
}
public function listarConvidados()
{
if (Session::check('Usuario')) {
$this->layout = 'null';
} else {
$this->layout = 'imprimir';
}
$token = $_GET['param'];
$convidados = $this->Reserva->listaConvidados($token);
$urlPDF = 'http://snappypdf.com.br/landscape.php?url=' . Router::url(array('Reservas', 'listarConvidados', $token)) . '&landscape=1';
$this->set('convidados', $convidados);
$this->set('token', $token);
$this->set('urlPDF', $urlPDF);
$this->render();
}
/**
* Permet de supprimer une donnée dans la session
*
* @param varchar $key Clée de la donnée (Peut être composée de . pour les niveaux)
* @return boolean Vrai si la valeur est supprimée, faux sinon
* @access static
* @author koéZionCMS
* @version 0.1 - 30/12/2011
* @see /Koezion/lib/set.php
*/
static function delete($key)
{
$_SESSION = Set::remove($_SESSION, $key);
return Session::check($key) == false;
}
