/**
 * Handle a submitted admin login form.
 *
 * When both `username` and `password` are posted, every value is trimmed, the
 * username is lower-cased, and a User is constructed from the result. A user
 * who is logged in, has role data and shares at least one role with
 * User::get_roles() is redirected to /admin. Any other outcome stores an error
 * message in $_SESSION['modules']['pajas']['error']. Every path that gets past
 * the /admin redirect ends in the default redirect.
 *
 * @return void
 */
public function action_do()
{
    if (isset($_POST['username'], $_POST['password']) && count($_POST)) {
        // Make sure the session exists before $_SESSION is written to below
        Session::instance();

        // NOTE(review): the unscoped 'trim' filter looks like it applies to every
        // posted field, the password included - confirm that passwords are stored
        // with the same normalisation.
        $form = new Validation($_POST);
        $form->filter('trim');
        $form->filter('strtolower', 'username'); // Username should always be lower case
        $credentials = $form->as_array();

        $account = new User(FALSE, $credentials['username'], $credentials['password']);

        // Access needs a successful login, role data, and at least one role
        // that also appears in User::get_roles()
        $may_enter_admin = $account->logged_in()
            && $account->get_user_data('role')
            && array_intersect($account->get_role(), User::get_roles());

        if ($may_enter_admin) {
            // NOTE(review): nothing visible here rotates the session id after a
            // successful login; confirm that User or the session layer does, so a
            // pre-login session id cannot be carried into the admin session.
            $this->redirect('/admin');
        } else {
            // NOTE(review): the separate messages tell a client when the
            // credentials were valid but the role was not - confirm that is intended.
            if (!$account->logged_in()) {
                $failure = 'Wrong username or password';
            } elseif (!$account->get_user_data('role') || !in_array('admin', $account->get_user_data('role'))) {
                // NOTE(review): this test uses the literal 'admin' role while the
                // success check uses User::get_roles() - confirm the two agree.
                $failure = 'You are not authorized';
            } else {
                $failure = 'Unknown error';
            }

            $_SESSION['modules']['pajas']['error'] = $failure;
        }
    }

    $this->redirect();
}
/**
 * Show the profile-edit view for the currently authenticated user.
 *
 * The user id is read from Auth::user() rather than from the request. If no
 * matching User record is found, the caller is redirected to the
 * `gotin::users` action instead.
 *
 * @return mixed View|Redirect
 */
public function get_editprofile()
{
    // NOTE(review): Auth::user() is dereferenced without a null check; presumably
    // an auth filter runs before this action - confirm.
    $current_user = User::find(Auth::user()->id);

    if (!$current_user) {
        return Redirect::to_action('gotin::users');
    }

    $available_roles = User::get_roles($current_user);

    // @todo - avoid passing default values to a view (flash)
    $view_data = array(
        'flash'   => $this->flash,
        'data'    => $current_user,
        'roles'   => $available_roles,
        'user_id' => 'profile',
        'active'  => 'users',
        'b_links' => array('My Profile'),
    );

    return View::make('gotin::editprofile', $view_data);
}
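/**
 * Render the page - this is run automatically.
 *
 * Enforces the admin access check, then emits the DOM according to
 * $this->transform:
 *  - TRUE:   always transform to HTML on the server with the XSL stylesheet
 *  - 'auto': transform on the server only for user agents listed in the
 *            `xslt.user_agents` config, otherwise send XML
 *  - FALSE:  send XML with an xml-stylesheet processing instruction
 *  - 'XML':  send the bare XML
 *  - 'JSON': send the XML converted to JSON
 *
 * @return Boolean Always TRUE
 */
public function render()
{
    // Must be a logged in user holding one of the roles in User::get_roles()
    // to access the admin pages; only the login controller is exempt.
    $user = User::instance();
    if ((!$user->logged_in() || !array_intersect($user->get_role(), User::get_roles())) && $this->request->controller() != 'login') {
        $this->redirect('admin/login');

        // Stop here even if redirect() returns instead of halting, so no admin
        // markup is emitted alongside the redirect.
        return TRUE;
    }

    if ($this->transform === TRUE || $this->transform === FALSE || $this->transform == 'auto') {
        // NOTE(review): xslt_path and xslt_stylesheet are concatenated into URLs
        // and filesystem paths below - confirm neither is derived from request input.
        $stylesheet_file = $this->xslt_path . $this->xslt_stylesheet . '.xsl';

        $this->dom->insertBefore($this->dom->createProcessingInstruction('xml-stylesheet', 'type="text/xsl" href="' . $stylesheet_file . '"'), $this->xml);

        // If the stylesheet name includes an additional path, we need to extract it
        // (everything up to and including the last "/")
        $extra_path_parts = explode('/', $this->xslt_stylesheet);
        array_pop($extra_path_parts);
        $extra_xslt_path = $extra_path_parts ? implode('/', $extra_path_parts) . '/' : '';

        // See if we have a user agent that triggers the server side HTML generation.
        // The header is client-controlled and may be absent; it only selects the
        // rendering path. Compare strpos() against FALSE so that a match at
        // offset 0 counts as a match.
        $user_agent_trigger = FALSE;
        $request_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? (string) $_SERVER['HTTP_USER_AGENT'] : '';
        foreach (Kohana::$config->load('xslt.user_agents') as $user_agent) {
            $user_agent = (string) $user_agent;
            if ($user_agent !== '' && strpos($request_user_agent, $user_agent) !== FALSE) {
                $user_agent_trigger = TRUE;
                break;
            }
        }

        if ($this->transform === TRUE || ($this->transform == 'auto' && $user_agent_trigger)) {
            // Strips the application base URL from the front of a path. preg_quote()
            // keeps regex metacharacters in the base URL from being read as pattern syntax.
            $base_url_prefix = '/^' . preg_quote(Kohana::$base_url, '/') . '/';

            $xslt = new DOMDocument();
            $document_root_file = getenv('DOCUMENT_ROOT') . $stylesheet_file;

            if (file_exists($document_root_file)) {
                // If the stylesheet exists in the specified path, load it directly
                $xslt->load($document_root_file);
            } else {
                // Else make a search for it

                // We need to load all theme modules
                foreach (scandir(MODPATH) as $modulePath) {
                    if (substr($modulePath, 0, 5) == 'theme') {
                        Kohana::modules(array($modulePath => MODPATH . $modulePath) + Kohana::modules());
                    }
                }

                // NOTE(review): the lookup result is passed to load() unchecked - confirm
                // how a missing stylesheet should be reported.
                $xslt->load(Kohana::find_file(rtrim(preg_replace($base_url_prefix, '', $this->xslt_path), '/'), $this->xslt_stylesheet, 'xsl'));
            }

            // We need to update paths to included XSL elements
            $XPath = new DOMXPath($xslt);
            $include_nodes = $XPath->query('//xsl:include');

            foreach ($include_nodes as $include_node) {
                foreach ($include_node->attributes as $attribute_node) {
                    // Drop the last four characters (the ".xsl" suffix) before the lookup
                    $new_filename = Kohana::find_file(rtrim(preg_replace($base_url_prefix, '', $this->xslt_path . $extra_xslt_path), '/'), substr($attribute_node->nodeValue, 0, strlen($attribute_node->nodeValue) - 4), 'xsl');

                    $include_node->removeAttribute('href');
                    $include_node->setAttribute('href', $new_filename);
                }
            }
            // Done updating paths

            $proc = new XSLTProcessor();
            $proc->importStyleSheet($xslt);

            echo $proc->transformToXML($this->dom);
        } else {
            // NOTE(review): the media-type parameter is spelled "encoding=" in these
            // headers; the registered parameter name is "charset" - confirm whether
            // any client relies on the current value before changing it.
            $this->response->headers('Content-Type', 'application/xml; encoding=' . Kohana::$charset . ';');
            echo $this->dom->saveXML();
        }
    } elseif ($this->transform == 'XML') {
        $this->response->headers('Content-Type', 'application/xml; encoding=' . Kohana::$charset . ';');
        echo $this->dom->saveXML();
    } elseif ($this->transform == 'JSON') {
        // Pass name and value separately, as the XML branches do; with a single
        // string argument the header was not set, leaving the JSON body without
        // its own content type.
        $this->response->headers('Content-Type', 'application/json; encoding=' . Kohana::$charset . ';');
        echo json_encode(new SimpleXMLElement($this->dom->saveXML(), LIBXML_NOCDATA));
    }

    return TRUE;
}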