public function install()
{
$user_pass = "******";
echo "<h1>Installing Burge CMF</h1>";
$this->log_manager_model->info("CMF_INSTALL");
$this->load->model("module_manager_model");
$this->module_manager_model->install_module("module_manager");
$this->module_manager_model->install_module("user_manager");
$this->load->model("user_manager_model");
$props = array("user_name" => $user_pass, "user_email" => $user_pass, "user_pass" => $user_pass, "user_code" => 10);
$this->user_manager_model->add_if_not_exist($props);
$user = new User($user_pass);
echo "Username: {$user_pass}<br>Pass: {$user_pass}<br>";
echo "<h2>Login <a href='" . get_link("admin_login") . "'>here</a>.</h2>";
$this->module_manager_model->install_module("access_manager");
$this->module_manager_model->install_module("hit_counter");
$this->module_manager_model->install_module("post_manager");
$this->module_manager_model->install_module("log_manager");
$this->module_manager_model->install_module("constant_manager");
$default_lang = array_keys(LANGUAGES())[0];
$modules_info = $this->module_manager_model->get_all_modules_info($default_lang);
$modules = array();
foreach ($modules_info as $md) {
$modules[] = $md['module_id'];
}
$this->load->model("access_manager_model");
$this->access_manager_model->set_allowed_modules_for_user($user->get_id(), $modules);
return;
}
function get_settings()
{
$instance_id = $this->uri->segment(3);
// Check plugin can be instantiated - if not handle gracefully
try {
$plugin = PluginManager::getPluginFromInstance($instance_id);
print json_encode($plugin->getInstanceSettings(User::get_id()));
} catch (Exception $e) {
Kohana::log('debug', $e->getMessage());
print 'No plugin to instantiate';
}
}
private function build_table()
{
$number_admins = UserService::count_admin_members();
$table_model = new SQLHTMLTableModel(DB_TABLE_MEMBER, 'table', array(new HTMLTableColumn($this->lang['display_name'], 'display_name'), new HTMLTableColumn($this->lang['level'], 'level'), new HTMLTableColumn($this->lang['email']), new HTMLTableColumn($this->lang['registration_date'], 'registration_date'), new HTMLTableColumn($this->lang['last_connection'], 'last_connection_date'), new HTMLTableColumn($this->lang['approbation'], 'approved'), new HTMLTableColumn('')), new HTMLTableSortingRule('display_name', HTMLTableSortingRule::ASC));
$table = new HTMLTable($table_model);
$table_model->set_caption(LangLoader::get_message('members.members-management', 'admin-user-common'));
$results = array();
$result = $table_model->get_sql_results('m LEFT JOIN ' . DB_TABLE_INTERNAL_AUTHENTICATION . ' ia ON ia.user_id = m.user_id');
foreach ($result as $row) {
$user = new User();
$user->set_properties($row);
$edit_link = new LinkHTMLElement(UserUrlBuilder::edit_profile($user->get_id()), '', array('title' => LangLoader::get_message('edit', 'common')), 'fa fa-edit');
if ($user->get_level() != User::ADMIN_LEVEL || $user->get_level() == User::ADMIN_LEVEL && $number_admins > 1) {
$delete_link = new LinkHTMLElement(AdminMembersUrlBuilder::delete($user->get_id()), '', array('title' => LangLoader::get_message('delete', 'common'), 'data-confirmation' => 'delete-element'), 'fa fa-delete');
} else {
$delete_link = new LinkHTMLElement('', '', array('title' => LangLoader::get_message('delete', 'common'), 'onclick' => 'return false;'), 'fa fa-delete icon-disabled');
}
$user_group_color = User::get_group_color($user->get_groups(), $user->get_level(), true);
$results[] = new HTMLTableRow(array(new HTMLTableRowCell(new LinkHTMLElement(UserUrlBuilder::profile($user->get_id()), $user->get_display_name(), !empty($user_group_color) ? array('style' => 'color: ' . $user_group_color) : array(), UserService::get_level_class($user->get_level()))), new HTMLTableRowCell(UserService::get_level_lang($user->get_level())), new HTMLTableRowCell(new LinkHTMLElement('mailto:' . $user->get_email(), $this->lang['email'], array(), 'basic-button smaller')), new HTMLTableRowCell(Date::to_format($row['registration_date'], Date::FORMAT_DAY_MONTH_YEAR)), new HTMLTableRowCell(!empty($row['last_connection_date']) ? Date::to_format($row['last_connection_date'], Date::FORMAT_DAY_MONTH_YEAR) : LangLoader::get_message('never', 'main')), new HTMLTableRowCell($row['approved'] ? LangLoader::get_message('yes', 'common') : LangLoader::get_message('no', 'common')), new HTMLTableRowCell($edit_link->display() . $delete_link->display())));
}
$table->set_rows($table_model->get_number_of_matching_rows(), $results);
$this->view->put_all(array('FORM' => $this->build_form()->display(), 'table' => $table->display()));
}
function test_get_by_email()
{
//just to check and get
$user = new User();
$rand = md5(rand());
$user->username = '******' . $rand;
$user->fullname = 'This is the name';
$user->email = "{$rand}@email.com";
$user->save();
$user_g = User::by_email($user->email);
$this->assertNotNull($user_g);
$this->assertEqual($user_g->username, $user->username);
$this->assertEqual($user_g->email, $user->email);
$this->assertEqual($user_g->fullname, $user->fullname);
$this->assertEqual($user_g->get_id(), $user->get_id());
}
/**
* 根據已經讀過的標註數量來排序
*
* @author Pudding 20131224
* @param User $user 使用者
* @param Int $page 頁數,預設0
* @param Int $limit 單頁顯示數量
* @return array|Webpage
*/
public function get_all_webpages_order_by_read($user = NULL, $page = 0, $limit = 10)
{
if (isset($user) === FALSE) {
//return array();
return $this->get_all_webpages($limit);
}
$user_id = $user->get_id();
$output = array();
$webpage = new Webpage();
$offset = $page * $limit;
$query = $webpage->CI->db->query("\nSELECT webpage.webpage_id, MAX(log_timestamp) AS last_webpage\nFROM webpage LEFT JOIN log ON (webpage.webpage_id = log.webpage_id AND user_id = '" . $user_id . "' AND (action = '16' OR action = '40'))\nGROUP BY webpage.webpage_id\nORDER BY last_webpage\nLIMIT " . $limit . "\nOFFSET " . $offset);
foreach ($query->result_array() as $row) {
$id = intval($row['webpage_id']);
$obj = new Webpage($id);
array_push($output, $obj);
}
return $output;
}
<?php
/**
* Classified-ads-script
*
* Admin area
*
* @copyright Copyright (c) Szilard Szabo
* @license GPL v3
* @package Admin
*/
include "./include/common.php";
if (!User::is_logged_in() || User::get_id() != 1 || !User::exists(1)) {
header('Location: index.php');
exit;
}
$g_id = 1;
$user = User::get_one($g_id);
$exists = 1;
if ($exists) {
$p_name = $user['name'];
$p_username = $user['username'];
$p_email = $user['email'];
$p_telephone = $user['telephone'];
$p_city = $user['city'];
$p_region = $user['region'];
$p_category = $user['category'];
$p_webpage = $user['webpage'];
}
if (isset($_POST['reset'])) {
unset($_POST);
require_once 'User.php';
/* If access tokens are not available redirect to connect page. */
if (empty($_SESSION['access_token']) || empty($_SESSION['access_token']['oauth_token']) || empty($_SESSION['access_token']['oauth_token_secret'])) {
header('Location: clearsession.php');
}
/* Get user access tokens out of the session. */
$access_token = $_SESSION['access_token'];
/* Create a TwitterOauth object with consumer/user tokens. */
$connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET, $access_token['oauth_token'], $access_token['oauth_token_secret']);
/* If method is set change API call made. Test is called by default. */
$user = new User($connection->get('account/verify_credentials'));
$con = mysqli_connect($host, $username, $password, $dbName);
if (mysqli_connect_errno($con)) {
header('Location: DBError.html');
}
$rs = mysqli_query($con, "select id from user where id='" . $user->get_id() . "'");
if ($rs = mysqli_fetch_array($rs)) {
mysqli_query($con, "update user\r\n set id = '" . $user->get_id() . "',\r\n screen_name = '" . $user->get_screen_name() . "',\r\n name = '" . $user->get_name() . "',\r\n profile_image_url = '" . $user->get_profile_image_url() . "',\r\n profile_background_image_url = '" . $user->get_profile_background_image_url() . "',\r\n profile_sidebar_fill_color = '" . $user->get_profile_sidebar_fill_color() . "',\r\n profile_background_color = '" . $user->get_profile_background_color() . "',\r\n profile_link_color = '" . $user->get_profile_link_color() . "'\r\n where id = '" . $user->get_id() . "'");
} else {
mysqli_query($con, "insert into user values (\r\n '" . $user->get_id() . "',\r\n '" . $user->get_screen_name() . "',\r\n '" . $user->get_name() . "',\r\n '" . $user->get_profile_image_url() . "',\r\n '" . $user->get_profile_background_image_url() . "',\r\n '" . $user->get_profile_sidebar_fill_color() . "',\r\n '" . $user->get_profile_background_color() . "',\r\n '" . $user->get_profile_link_color() . "')");
}
mysqli_close($con);
$_SESSION['user'] = $user->get_id();
?>
<!DOCTYPE html>
<!--[if lt IE 7]> <html class="no-js lt-ie9 lt-ie8 lt-ie7"> <![endif]-->
<!--[if IE 7]> <html class="no-js lt-ie9 lt-ie8"> <![endif]-->
<!--[if IE 8]> <html class="no-js lt-ie9"> <![endif]-->
<!--[if gt IE 8]><!-->
<html class="no-js"> <!--<![endif]-->
<head>
<?php
/**
* Classified-ads-script
*
* @copyright Copyright (c) Szilard Szabo
* @license GPL v3
* @package Frontend
*/
include "./admin/include/common.php";
include "Pager/Pager.php";
$g_id = isset($_GET['id']) ? (int) $_GET['id'] : 0;
$exists = Ad::exists($g_id, array("active " => 1));
if ($exists) {
$ad = Ad::get_one($g_id);
$is_favourite = Favourite::exists(User::get_id(), $ad['id']);
$reviews = AdReview::get_all(array('ad_id' => $g_id));
}
include "./templates/ad.php";
public function updateUser_withoutpass(User $user)
{
$where = "KD_USER = "******"") {
$data = array('NIP_USER' => $user->get_nip(), 'NM_USER' => $user->get_nmUser(), 'AKSES_USER' => $user->get_akses());
} else {
$data = array('NIP_USER' => $user->get_nip(), 'NM_USER' => $user->get_nmUser(), 'AKSES_USER' => $user->get_akses(), 'FOTO_USER' => $user->get_foto());
}
$this->_db->update($this->_table, $data, $where);
}
<?php
/**
* Classified-ads-script
*
* Admin area
*
* @copyright Copyright (c) Szilard Szabo
* @license GPL v3
* @package Admin
*/
include "./include/common.php";
include "./include/thumb.php";
$g_id = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : 0;
if (!User::is_logged_in() || User::get_id() != 1 || $g_id < 2) {
header('Location: index.php');
exit;
}
$exists = User::exists($g_id);
if (!$exists) {
$success = false;
$errors = array_push($errors, $current_group_page['name'] . " not exist.");
} else {
$user = User::get_one($g_id);
}
if ($exists) {
$p_name = $user['name'];
$p_username = $user['username'];
$p_email = $user['email'];
$p_telephone = $user['telephone'];
$p_city = $user['city'];
$rs = mysqli_query($con,"select * from user where id='".$id."'");
if($rs = mysqli_fetch_array($rs)) {
$user = new User($rs);
} else {
header('Location: ../DBError.html');
}
/* Create a TwitterOauth object with consumer/user tokens. */
$connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET, $access_token['oauth_token'], $access_token['oauth_token_secret']);
$tweets = $connection->get("statuses/home_timeline",array("count"=>10,"exclude_replies"=>true,"include_entities"=>false));
mysqli_query($con, "delete from tweet where user_id='' or user_id = '".$user->get_id()."'");
if(count($tweets)!=0 && is_array($tweets)) {
foreach ($tweets as $tweet) {
$user->set_tweets(new Tweet($tweet->id_str, $tweet->text, $tweet->user->screen_name, $tweet->user->profile_image_url, $tweet->created_at));
mysqli_query($con, "insert into tweet values (
'".$tweet->id_str."',
'".addslashes($tweet->text)."',
'".$tweet->user->screen_name."',
'".$tweet->user->profile_image_url."',
'".$tweet->created_at."',
'".$user->get_id()."')") or die(mysqli_error($con));
}
}
mysqli_close($con);
/**
* 取得我在班上的名次(以標註數量計算)
*
* @param Webpage $webpage
* @param User $user
* @return Int ranking
* @author Wyfan 20141211
*/
public function get_user_annotation_count_ranking($user, $webpage)
{
$webpage_id = $webpage->get_id();
$user_id = $user->get_id();
//-------------------------------------
$this->db->from('user_annotation_count_ranking');
$this->db->select('rank');
$this->db->where('webpage_id', $webpage_id);
$this->db->where('user_id', $user_id);
//---------------------------------------
$query = $this->db->get();
//$user_annotation_count_rank = array();
$user_annotation_count_rank = 0;
if ($query->num_rows() > 0) {
$row = $query->row();
$user_annotation_count_rank = $row->rank;
}
//var_dump($row);
return $user_annotation_count_rank;
}
exit;
}
}
}
if (isset($_GET['logout'])) {
session_destroy();
header('Location: index.php');
exit;
}
include "page-header.php";
?>
<div id="wrapper">
<?php
if (!(User::is_logged_in() || User::get_id() == 1)) {
?>
<form name="form_login" id="form_login" method="post" enctype='application/x-www-form-urlencoded' accept-charset="UTF-8" class="form">
<h2>Login</h2>
<br />
<?php
if (isset($success) && !$success) {
print "<ul class='errors'>";
foreach ($errors as $err) {
print "<li>{$err}</li>";
}
print "</ul>";
* @package Frontend
*/
include "./admin/include/common.php";
$r_id = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : 0;
$exists = Ad::exists($r_id, array("active" => 1));
if ($exists) {
$ad = Ad::get_one($r_id);
if (isset($_POST['send']) && User::is_logged_in()) {
$success = true;
$errors = array();
$p_rate = isset($_POST['rate']) ? (int) $_POST['rate'] : 0;
$p_comment = strip_tags($_POST['comment']);
if (AdReview::exists($r_id, User::get_id())) {
$success = false;
array_push($errors, "You have already reviewed this ad.");
} else {
if ($p_rate < 1 || $p_rate > 5) {
$success = false;
array_push($errors, "Please provide a valid rate.");
}
if ($p_comment != '' && !preg_match('/^[\\s\\S]{0,200}$/u', $p_comment)) {
$success = false;
array_push($errors, "The comment must be no more than 200 character long.");
}
if ($success) {
AdReview::create(array('ad_id' => $r_id, 'user_id' => User::get_id(), 'rate' => $p_rate, 'comment' => $p_comment));
}
}
}
}
include "./templates/ad-review.php";
include_once 'lib/db/UserInfoDB.class.php';
/**
* Templates for output
*/
include_once 'templates/userinfo.template.php';
$user = new User($_GET['user']);
$t = new Template(translate('User Info') . ' ' . $user->get_name());
$t->printHTMLHeader();
// Print HTML header
// Make sure this is the admin
if (!Auth::isAdmin()) {
CmnFns::do_error_box(translate('This is only accessable to the administrator') . '<br />' . '<a href="ctrlpnl.php">' . translate('Back to My Control Panel') . '</a>');
}
if (!$user->is_valid()) {
// Make sure member ID is valid
CmnFns::do_error_box(translate('Memberid is not available.', array($user->get_id())));
}
$db = new UserInfoDB();
$prev = $db->get_prev_userid($user);
// Prev memberid
$next = $db->get_next_userid($user);
// Next memberid
$t->startMain();
// Start main table
printUI($user);
// Print user info
printLinks($prev, $next);
// Print links
$t->endMain();
// End main table
$t->printHTMLFooter();
$con = mysqli_connect($host,$username,$password,$dbName);
if(mysqli_connect_errno($con)) {
header('Location: ../DBError.html');
}
$rs = mysqli_query($con,"select * from user where id='".$id."'");
if($rs = mysqli_fetch_array($rs)) {
$user = new User($rs);
} else {
header('Location: ../DBError.html');
}
/* Create a TwitterOauth object with consumer/user tokens. */
$connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET, $access_token['oauth_token'], $access_token['oauth_token_secret']);
$followers = $connection->get("followers/list",array("user_id"=>$user->get_id(),"skip_status "=>true,"include_user_entities ",false));
$data = array();
foreach ($followers->users as $follower) {
$rs = mysqli_query($con,"select id from user where id='".$follower->id_str."'");
if($rs = mysqli_fetch_array($rs)) {
mysqli_query($con, "update user
set id = '".$follower->id_str."',
screen_name = '".$follower->screen_name."',
name = '".$follower->name."',
profile_image_url = '".$follower->profile_image_url."',
profile_background_image_url = '".$follower->profile_background_image_url."',
<link rel='stylesheet' href='css/custom.css' type='text/css' media='screen' />
<link rel='stylesheet' href='css/form_ad.css' type='text/css' media='screen' />
<link rel='stylesheet' href='css/form_static.css' type='text/css' media='screen' />
</head>
<body>
<div id="container">
<div id="top">
<h1>Classified Ad Admin</h1>
<?php
if (User::is_logged_in() && User::get_id() == 1) {
?>
<span class="form">Welcome: <a href="setting-profile.php"><?php
print User::get_username();
?>
</a> | <a href='index.php?logout'>Logout</a></span>
<?php
}
?>
</div>
<br />
function findUser($userid)
{
$found_user = false;
if (!empty($userid)) {
$user = new User($userid);
if ($user != null) {
$userid = $user->get_id();
$fname = $user->get_fname();
$lname = $user->get_lname();
$email_address = $user->get_email();
$found_user = true;
} else {
$found_user = false;
}
}
return $found_user;
}
$success = false;
array_push($errors, "You should agree with the Terms and Conditions.");
}
if ($success) {
$ipaddr = $_SERVER['REMOTE_ADDR'];
if (UserBanned::exists(0, array(), "(email='{$p_email}' OR ipaddr='{$ipaddr}')")) {
$last = 666666;
} else {
$postedon = date("Y-m-d H:i:s", time());
$expiry = date("Y-m-d", time() + $p_expiry * 24 * 60 * 60);
$code = md5(uniqid(rand(), true));
if (User::is_logged_in()) {
$p_name = User::get_name();
$p_email = User::get_email();
}
$last = Ad::create(array('user_id' => User::get_id(), 'name' => $p_name, 'email' => $p_email, 'telephone' => $p_telephone, 'title' => $p_title, 'description' => $p_description, 'picture' => $p_picture, 'category' => $p_category, 'price' => $p_price, 'city' => $p_city, 'region' => $p_region, 'expiry' => $expiry, 'webpage' => $p_webpage, 'code' => $code, 'ipaddr' => $ipaddr, 'postedon' => $postedon, 'lastmodified' => $postedon));
if (User::is_logged_in()) {
Ad::activate($last);
} else {
if (!($user_exists = User::exists(0, array('email' => $p_email)))) {
$p_em = explode('@', $p_email);
$username = substr($p_em[0], 0, 6);
$active = 0;
$createdon = date("Y-m-d H:i:s", time());
$password = substr($code, 0, 6);
$userid = User::create(array('email' => $p_email, 'username' => $username, 'password' => $password, 'name' => $p_name, 'active' => $active, 'createdon' => $createdon, 'ipaddr' => $ipaddr, 'code' => $code));
$registration_message = StaticContent::get_content('user-registration-email');
eval("\$registration_message = \"{$registration_message}\";");
} else {
$user = User::get_one(0, array('email' => $p_email));
$username = $user['username'];
$data = $user->get_user_data();
$data['emailaddress'] = $data['email'];
// Needed to be the same as the form
} else {
$data = CmnFns::cleanPostVals();
}
if (isset($_POST['register'])) {
// New registration
$data['lang'] = determine_language();
$adminCreated = Auth::is_logged_in() && Auth::isAdmin();
$msg = $auth->do_register_user($data, $adminCreated);
$show_form = false;
} else {
if (isset($_POST['update'])) {
// Update registration
$adminUpdate = $curUser->get_id() != $id && (Auth::isAdmin() || $curUser->is_group_admin(array($id)));
$msg = $auth->do_edit_user($data, $adminUpdate);
$show_form = false;
}
}
// Print HTML headers
$t->printHTMLHeader();
$t->set_title($edit ? translate('Modify My Profile') : translate('Register'));
// Print the welcome banner if they are logged in
if ($edit || !(bool) $conf['app']['allowSelfRegistration']) {
$t->printWelcome();
}
// Begin main table
$t->startMain();
$t->startNavLinkTable();
$t->showNavLinksTable(Auth::isAdmin());
'legend'=>'Please correct the following errors',
'body'=>$body
);
array_unshift($panels,$panel);
endif;
endif;
endif;
endif;
endif;
?>
<div id="middle">
<?include('./templates/parts/panels.php')?>
<?php
if (User::is_logged_in() && User::get_id() != $user['id']) {
include './templates/forms/user-review-form.php';
}
?>
<br />
</div>
<?include ('./templates/layout/page-right.php')?>
<?include ('./templates/layout/page-footer.php')?>
public function create_notification(User $association_actor, KALS_resource $resource, KALS_actor $actor = NULL)
{
$data = array('association_user_id' => $association_actor->get_id(), 'trigger_resource_type_id' => $resource->get_type_id(), 'trigger_resource_id' => $resource->get_id());
if (isset($actor)) {
$data['trigger_actor_type_id'] = $actor->get_type_id();
$data['trigger_actor_id'] = $actor->get_id();
}
if (!isset($data['association_user_id']) && $resource->get_type_id() == 3) {
$data['association_user_id'] = $resource->get_field('user_id');
}
$data['notification_type_id'] = $this->get_type_id();
$notification = $this->create($data);
return $notification;
}
*/
include "./admin/include/common.php";
if (!User::is_logged_in()) {
header('Location: index.php');
}
if (isset($_POST['change'])) {
$p_old_password = trim(strip_tags($_POST['old_password']));
$p_new_password = trim(strip_tags($_POST['new_password']));
$success = true;
$errors = array();
if ($p_old_password == '') {
$success = false;
array_push($errors, "Please enter your current password.");
}
if ($success && $p_old_password != User::get_password()) {
$success = false;
array_push($errors, "Incorrect current password.");
}
if ($p_new_password == '') {
$success = false;
array_push($errors, "Please enter your new password.");
}
if ($p_new_password != '' && !preg_match('/^[\\s\\S]{3,10}$/u', $p_new_password)) {
$success = false;
array_push($errors, "The new password has to be 3-10 character.");
}
if ($success) {
User::update(User::get_id(), array('password' => $p_new_password));
}
}
include "./templates/user-new-password.php";
/**
* 將使用者資訊轉換成JSON
* @param User $user
* @param Boolean $embed_login
* @return Array
*/
private function _parse_user_output($user, $embed_login)
{
$webpage = get_context_webpage();
$this->load->library("kals_actor/User_statistic", "user_statistic");
$this->load->library("kals_actor/User_statistic", "user_statistic");
$this->user_statistic = new User_statistic();
$output = array();
//$output["webpage_id"] = get_context_webpage()->get_id();
$output['login'] = TRUE;
$output['embed_login'] = $embed_login;
$output['user'] = array('email' => $user->get_field('email'), 'name' => $user->get_field('name'), 'id' => $user->get_id(), 'has_photo' => $user->has_photo(), 'locale' => $user->get_locale(), 'sex' => $user->get_sex());
$user_params = $this->user_statistic->get_init_user_params($user, $webpage);
foreach ($user_params as $key => $value) {
$output['user'][$key] = $value;
}
$user_params = $this->user_statistic->get_user_params($user, $webpage);
foreach ($user_params as $key => $value) {
$output['user'][$key] = $value;
}
//將使用者寫入Context當中
set_context_user($user);
$output = $this->_get_login_policy_output($output);
require_once 'annotation_getter.php';
$annotation_getter = new annotation_getter();
$my_annotation = $annotation_getter->my();
if (count($my_annotation['basic']) > 0) {
$output['policy']['my_basic'] = $my_annotation['basic'];
}
if (count($my_annotation['custom']) > 0) {
$output['policy']['my_custom'] = $my_annotation['custom'];
}
// 設定的位置是在 KALS_CONFIG.js 喔
$nav_type = $GLOBALS['context']->get_anchor_navigation_type();
//$nav_type = "original";
if ($nav_type === "original") {
$other_annotation = $annotation_getter->other();
if (count($other_annotation['basic']) > 0) {
$output['policy']['other_basic'] = $other_annotation['basic'];
}
if (count($other_annotation['custom']) > 0) {
$output['policy']['other_custom'] = $other_annotation['custom'];
}
}
//$mobile_redirect = $this->session->flashdata("mobile_redirect");
$mobile_redirect = $this->session->userdata("mobile_redirect");
//$mobile_redirect = "http://localhost/kals/mobile_apps/annotation_thread/topic_id/15651#annotation_15661";
//test_msg("mobile_redirect", $mobile_redirect);
if ($mobile_redirect !== FALSE) {
$output['mobile_redirect'] = $mobile_redirect;
$this->session->unset_userdata("mobile_redirect");
//context_complete();
}
return $output;
}
//allow access to API
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Headers: user, password');
//use files
require_once 'classes/user.php';
require_once 'classes/generatetoken.php';
//read headers
$headers = getallheaders();
//check if headers were received
if (isset($headers['user']) & isset($headers['password'])) {
try {
//create object
$u = new User($headers['user'], $headers['password']);
//display json
echo '{ "status" : 0,
"user" : "' . $u->get_id() . '",
"name" : "' . $u->get_name() . '",
"token" : "' . generate_token($u->get_id()) . '"
}';
} catch (RecordNotFoundException $ex) {
echo '{ "status" : 1, "errorMessage" : "' . $ex->get_message() . '" }';
}
} else {
echo '{ "status" : 2, "errorMessage" : "Invalid Headers" }';
}
?>
/**
* Logs the user in
* @param string $uname username
* @param string $pass password
* @param string $cookieVal y or n if we are using cookie
* @param string $isCookie id value of user stored in the cookie
* @param string $resume page to forward the user to after a login
* @param string $lang language code to set
* @return any error message that occured during login
*/
function doLogin($uname, $pass, $cookieVal = null, $isCookie = false, $resume = '', $lang = '')
{
global $conf;
$msg = '';
if (empty($resume)) {
$resume = 'ctrlpnl.php';
}
// Go to control panel by default
$_SESSION['sessionID'] = null;
$_SESSION['sessionName'] = null;
$_SESSION['sessionAdmin'] = null;
$_SESSION['hourOffset'] = null;
$uname = stripslashes($uname);
$pass = stripslashes($pass);
$ok_user = $ok_pass = false;
$use_logonname = (bool) $conf['app']['useLogonName'];
$adminemail = strtolower($conf['app']['adminEmail']);
if ($isCookie !== false) {
// Cookie is set
$cookieValue = $isCookie;
if (($id = $this->verifyCookie($cookieValue)) !== false) {
$ok_user = $ok_pass = true;
} else {
$ok_user = $ok_pass = false;
setcookie('ID', '', time() - 3600, '/');
// Clear out all cookies
$msg .= translate('That cookie seems to be invalid') . '<br/>';
}
} else {
if ($conf['ldap']['authentication']) {
// Include LDAPEngine class
include_once 'LDAPEngine.class.php';
$ldap = new LDAPEngine($uname, $pass);
if ($ldap->connected()) {
$mail = $ldap->getUserEmail();
if ($mail) {
$id = $this->db->userExists($mail);
if ($id) {
// check if LDAP and local DB are in consistancy.
$updates = $ldap->getUserData();
if ($this->db->check_updates($id, $updates)) {
$this->db->update_user($id, $updates);
}
} else {
$data = $ldap->getUserData();
$id = $this->do_register_user($data, false);
}
$ok_user = true;
$ok_pass = true;
} else {
$msg .= translate('This system requires that you have an email address.');
}
} else {
$msg .= translate('Invalid User Name/Password.');
}
$ldap->disconnect();
} else {
// If we cant find email, set message and flag
if (!($id = $this->db->userExists($uname, $use_logonname))) {
$msg .= translate('We could not find that logon in our database.') . '<br/>';
$ok_user = false;
} else {
$ok_user = true;
}
// If password is incorrect, set message and flag
if ($ok_user && !$this->db->isPassword($uname, $pass, $use_logonname)) {
$msg .= translate('That password did not match the one in our database.') . '<br/>';
$ok_pass = false;
} else {
$ok_pass = true;
}
}
}
// If the login failed, notify the user and quit the app
if (!$ok_user || !$ok_pass) {
$msg .= translate('You can try');
return $msg;
} else {
$this->is_loggedin = true;
$user = new User($id);
// Get user info
// If the user wants to set a cookie, set it
// for their ID and fname. Expires in 30 days (2592000 seconds)
if (!empty($cookieVal)) {
//die ('Setting cookie');
setcookie('ID', $this->generateCookie($user->get_id()), time() + 2592000, '/');
}
// If it is the admin, set session variable
if ($user->get_email() == $adminemail || $user->get_isadmin()) {
$_SESSION['sessionAdmin'] = $user->get_email();
}
// Set other session variables
$_SESSION['sessionID'] = $user->get_id();
$_SESSION['sessionName'] = $user->get_fname();
$_SESSION['hourOffset'] = $user->get_timezone() - $conf['app']['timezone'];
if ($lang != '') {
set_language($lang);
if ($lang != $user->get_lang()) {
$user->set_lang($lang);
// Language changed so update the DB
}
}
// Send them to the control panel
CmnFns::redirect(urldecode($resume));
}
}
exit;
}
if ($route->controller == 'input' && $route->action == 'bulk') {
$route->format = 'json';
} else {
if ($route->controller == 'input' && $route->action == 'post') {
$route->format = 'json';
}
}
// 6) Load the main page controller
$output = controller($route->controller);
// If no controller of this name - then try username
// need to actually test if there isnt a controller rather than if no content
// is returned from the controller.
if ($output['content'] == "#UNDEFINED#" && $public_profile_enabled && $route->controller != 'admin') {
$userid = $user->get_id($route->controller);
if ($userid) {
$route->subaction = $route->action;
$session['userid'] = $userid;
$session['username'] = $route->controller;
$session['read'] = 1;
$session['profile'] = 1;
$route->controller = $public_profile_controller;
$route->action = $public_profile_action;
$output = controller($route->controller);
}
}
// If no controller found or nothing is returned, give friendly error
if ($output['content'] === "#UNDEFINED#") {
header($_SERVER["SERVER_PROTOCOL"] . " 406 Not Acceptable");
$output['content'] = "URI not acceptable. No controller '" . $route->controller . "'. (" . $route->action . "/" . $route->subaction . ")";
public function exists_user(User $user)
{
$existed = FALSE;
foreach ($this as $annotation) {
if ($annotation->get_user()->get_id() == $user->get_id()) {
$existed = TRUE;
break;
}
}
return $existed;
}
<?php
/**
* Classified-ads-script
*
* Admin area
*
* @copyright Copyright (c) Szilard Szabo
* @license GPL v3
* @package Admin
*/
include "./include/common.php";
include "Pager/Pager.php";
if (!User::is_logged_in() || User::get_id() != 1) {
header('Location: index.php');
exit;
}
if (isset($_GET['d'])) {
$d = (int) $_GET['d'];
AdReview::delete($d);
}
$tct = AdReview::count();
//total count
$rpp = 10;
//row per page
$pager_options = array('mode' => 'Sliding', 'perPage' => $rpp, 'delta' => 2, 'totalItems' => $tct, 'excludeVars' => array('o', 'r', 'd', 't', 'e'));
$pager = @Pager::factory($pager_options);
list($from, $to) = $pager->getOffsetByPageId();
$reviews = AdReview::get_all(array(), '', $from - 1 . ", {$rpp}");
include "page-header.php";
?>
public static function update_punishment(User $user)
{
self::$querier->update(DB_TABLE_MEMBER, array('warning_percentage' => $user->get_warning_percentage(), 'delay_readonly' => $user->get_delay_readonly(), 'delay_banned' => $user->get_delay_banned()), 'WHERE user_id=:user_id', array('user_id' => $user->get_id()));
}
