Beispiel #1
 /**
  * Stores the injected hotel, tax and country collaborators and then
  * requires the 'manage_hotels' permission.
  *
  * NOTE(review): authorize() is defined outside this snippet. The call's
  * result is discarded, so the check only protects anything if authorize()
  * itself aborts the request (exception, redirect, exit) on failure — confirm.
  *
  * @param HotelInterface   $hotel
  * @param TaxInterface     $tax
  * @param CountryInterface $country
  */
 public function __construct(HotelInterface $hotel, TaxInterface $tax, CountryInterface $country)
 {
     // The three assignments are independent of each other.
     $this->country = $country;
     $this->tax = $tax;
     $this->hotel = $hotel;

     // Runs whenever the object is constructed, before any action method.
     authorize('manage_hotels');
 }
Beispiel #2
 /**
  * Stores the injected room, tax and hotel collaborators and then requires
  * the 'manage_rooms' permission.
  *
  * NOTE(review): the TaxInterface instance is kept on $this->roomtype —
  * presumably room types are modelled as a taxonomy; confirm this is intended
  * and not a copy/paste slip.
  * NOTE(review): authorize() is not shown and its result is discarded, so it
  * must abort the request itself when the permission is missing — confirm.
  *
  * @param RoomInterface  $room
  * @param TaxInterface   $tax
  * @param HotelInterface $hotel
  */
 public function __construct(RoomInterface $room, TaxInterface $tax, HotelInterface $hotel)
 {
     // The three assignments are independent of each other.
     $this->hotel = $hotel;
     $this->roomtype = $tax;
     $this->room = $room;

     // Runs whenever the object is constructed, before any action method.
     authorize('manage_rooms');
 }
Beispiel #3
/**
 * Asks the OAuth provider for a request token and, when the provider answers
 * with status 200, stores the extracted parameters in the session and
 * continues with authorize(); any other status is handed to outputError().
 *
 * NOTE(review): tmhUtilities::php_self() is not shown. If it derives the
 * callback URL from request headers, the callback can be influenced by the
 * client — confirm it resolves to a fixed, configured origin.
 *
 * @param object $tmhOAuth OAuth client exposing request(), url(), extract_params() and ->response
 * @return void
 */
function request_token($tmhOAuth)
{
    $endpoint = $tmhOAuth->url('oauth/request_token', '');
    $params = array('oauth_callback' => tmhUtilities::php_self());
    $status = $tmhOAuth->request('POST', $endpoint, $params);

    // Loose comparison kept on purpose: the status may be an int or a numeric string.
    if ($status != 200) {
        outputError($tmhOAuth);
        return;
    }

    // The temporary token is held in the session until the callback round-trip.
    $_SESSION['oauth'] = $tmhOAuth->extract_params($tmhOAuth->response['response']);
    authorize($tmhOAuth);
}
Beispiel #4
 /**
  * Bulk-deletes users selected in the request, after requiring the
  * 'delete_users' permission, and redirects back with a flash message.
  *
  * NOTE(review): authorize() is not shown and its result is discarded; it has
  * to stop the request itself when the permission is missing — confirm.
  * NOTE(review): which ids are deleted is decided inside $this->user->massdel();
  * validation of the submitted ids is not visible here.
  *
  * @param Request $request
  * @return mixed redirect response carrying 'Mess' on success or 'errorMess' on NullException
  */
 public function massdel(Request $request)
 {
     // Permission gate comes first, before any data is touched.
     authorize('delete_users');

     try {
         $this->user->massdel($request);
         $response = redirect()->back();

         return $response->with('Mess', 'Đã xóa!');
     } catch (NullException $failure) {
         $response = redirect()->back();

         return $response->with('errorMess', $failure->getErrors());
     }
 }
Beispiel #5
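/**
 * Inserts a new row into `accounts` and, on success, calls authorize() with
 * the new e-mail address.
 *
 * Database errors are written to the PHP error log instead of being dumped
 * into the response, so schema and query details are not disclosed to the
 * client.
 *
 * NOTE(review): the statement is assembled by string concatenation. Its safety
 * rests entirely on sqlSafe(), which is not shown; it must both escape and
 * quote each value, because no quotes are added here. A prepared statement
 * with bound parameters would remove that dependency.
 *
 * @param string $email e-mail address of the new account
 * @param string $name  full name of the new account
 * @return bool true when the row was written, false otherwise
 */
function createAccount($email, $name)
{
    $query = "INSERT INTO accounts (`email`, `fullname`) VALUES (" . sqlSafe($email) . ", " . sqlSafe($name) . ")";

    if (!writeQuery($query)) {
        // Keep diagnostics server-side; print_r(..., true) returns the text instead of echoing it.
        error_log('createAccount: insert failed: ' . print_r(getSQLerrors(), true));
        return false;
    }

    // Presumably signs the freshly created account in — authorize() is defined elsewhere.
    authorize($email);
    return true;
}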
Beispiel #6
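 /**
  * Creates a service inside a database transaction, after requiring the
  * 'create_services' permission.
  *
  * A ValidateException rolls the transaction back and returns the user to
  * the form with the validation errors. Any other failure now also rolls the
  * transaction back before being rethrown, so an unexpected error cannot leave
  * the transaction open.
  *
  * NOTE(review): authorize() is not shown and its result is discarded; it has
  * to stop the request itself when the permission is missing — confirm.
  *
  * @param Request $request
  * @return mixed redirect response
  * @throws \Throwable anything other than ValidateException, after rollback
  */
 public function store(Request $request)
 {
     authorize('create_services');
     DB::beginTransaction();
     try {
         $this->services->create($request);
         DB::commit();
         return redirect()->route('admin.services.index')->with('Mess', 'Thêm thành công');
     } catch (ValidateException $e) {
         DB::rollBack();
         return redirect()->back()->withInput()->withErrors($e->getError());
     } catch (\Throwable $e) {
         // Unexpected failure: undo partial writes, then let the framework handle it.
         DB::rollBack();
         throw $e;
     }
 }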
Beispiel #7
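 /**
  * Bulk-deletes tags inside a database transaction, after requiring the
  * 'delete_tags' permission.
  *
  * An ExcuteNullException rolls the transaction back and is reported to the
  * user as a flash error. Any other failure now also rolls the transaction
  * back before being rethrown, so a partial delete is never left pending.
  *
  * NOTE(review): authorize() is not shown and its result is discarded; it has
  * to stop the request itself when the permission is missing — confirm.
  *
  * @param Request $request
  * @return mixed redirect response
  * @throws \Throwable anything other than ExcuteNullException, after rollback
  */
 public function massdel(Request $request)
 {
     authorize('delete_tags');
     DB::beginTransaction();
     try {
         $this->tag->massdel($request);
         DB::commit();
         return redirect()->back()->with('Mess', 'Đã xóa!');
     } catch (ExcuteNullException $e) {
         DB::rollBack();
         return redirect()->back()->with('errorMess', $e->getErrors());
     } catch (\Throwable $e) {
         // Unexpected failure: undo partial deletes, then let the framework handle it.
         DB::rollBack();
         throw $e;
     }
 }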
Beispiel #8
/**
 * Asks the OAuth provider for a request token. On status 200 the extracted
 * parameters are stored in the session; the flow then continues with
 * authorize() when a local account id is already in the session, otherwise
 * with authenticate(). Any other status is handed to outputError().
 *
 * NOTE(review): tmhUtilities::php_self() is not shown. If it derives the
 * callback URL from request headers, the callback can be influenced by the
 * client — confirm it resolves to a fixed, configured origin.
 *
 * @param object $tmhOAuth OAuth client exposing request(), url(), extract_params() and ->response
 * @return void
 */
function request_token($tmhOAuth)
{
    $endpoint = $tmhOAuth->url('oauth/request_token', '');
    $params = array('oauth_callback' => tmhUtilities::php_self());
    $status = $tmhOAuth->request('POST', $endpoint, $params);

    // Loose comparison kept on purpose: the status may be an int or a numeric string.
    if ($status != 200) {
        outputError($tmhOAuth);
        return;
    }

    $_SESSION['oauth'] = $tmhOAuth->extract_params($tmhOAuth->response['response']);

    // An existing local login links the remote account; otherwise the remote login signs the user in.
    $hasLocalAccount = isset($_SESSION['account']['id']);
    if ($hasLocalAccount) {
        authorize($tmhOAuth);
    } else {
        authenticate($tmhOAuth);
    }
}
Beispiel #9
/**
 * Loads one submission (source text plus contest, author, language, time and
 * message) by its id and publishes the fields through data().
 *
 * Failures (missing id, query error, no row, empty source) are reported via
 * fail() with the matching error code.
 *
 * NOTE(review): the only access check visible here is authorize() for
 * non-admins. Nothing in this function compares the submission's userid with
 * the current user, so unless authorize() or the caller enforces ownership or
 * contest rules, any user who passes authorize() can read any submission by
 * id — confirm.
 *
 * @param int $submitid id of the submission to load
 * @return void
 */
function source($submitid)
{
    global $is_admin;
    global $mysqli_;
    // Admins skip authorize(); everyone else must pass it.
    if (1 != $is_admin) {
        authorize();
    }
    // parameters
    // isset() on a parameter is false only when null was passed.
    if (!isset($submitid)) {
        fail(_error_no_submit_id_code);
    }
    // read the data
    // The id is bound as an integer parameter, not concatenated into the SQL text.
    $query = $mysqli_->prepare('select S.source, S.contestid, S.userid, U.nickname, L.desc, S.submittime, S.message from ((select Si.contestId, Si.userid, Si.langId, Si.source, Si.submittime, Si.message from `submit` Si where Si.submitID=?) S inner join `user` U on S.userid=U.id) inner join Lang L on S.langId=L.langId');
    $query->bind_param('i', $submitid);
    $query->bind_result($source, $contestid, $userid, $nickname, $language, $submitdate, $submitmessage);
    if (!$query->execute()) {
        fail(_error_mysql_query_error_code);
    }
    // (original note: auto-close of query) — presumably fail() ends the request; not shown
    $query->store_result();
    if (0 == $query->num_rows) {
        fail(_error_no_submit_found_code);
    }
    // (original note: auto-close of query)
    $query->fetch();
    if ('' == $source) {
        fail(_error_submit_source_is_empty_code);
    }
    // (original note: auto-close of query)
    $query->close();
    // end of data read
    data('source', $source);
    data('submitid', $submitid);
    data('contestid', $contestid);
    data('nickname', $nickname);
    data('userid', $userid);
    data('language', $language);
    data('submitdate', $submitdate);
    data('submitmessage', $submitmessage);
    // NOTE(review): 'top' and 'userid' come straight from the query string and
    // are passed on unvalidated; data() is not shown, so whoever renders these
    // values must escape them for the output context — confirm.
    data('top', isset($_GET['top']) ? $_GET['top'] : -1);
    data('topuserid', isset($_GET['userid']) ? $_GET['userid'] : -1);
}
Beispiel #10
/**
 * Builds the per-group menu structure for a user: for every module that has a
 * matching rights row in which at least one of create/edit/delete/view passes
 * authorize(), an entry with the module's names and the four right values is
 * stored under the module's group code.
 *
 * NOTE(review): the result describes what to show in navigation. It is not an
 * access check by itself; each page and action still has to verify the right
 * on the server.
 *
 * @param array $allModules list of module rows (mod_* keys)
 * @param array $userRights list of rights rows (rr_* keys)
 * @return array menu data keyed by module group code, then by module code
 */
function set_access($allModules, $userRights)
{
    $menuTree = array();
    $moduleCount = count($allModules);

    for ($m = 0; $m < $moduleCount; $m++) {
        $module = $allModules[$m];
        $entry = array();
        $rightCount = count($userRights);

        for ($r = 0; $r < $rightCount; $r++) {
            $right = $userRights[$r];

            // Only rights rows that belong to this module are of interest.
            if ($right["rr_modulecode"] != $module["mod_modulecode"]) {
                continue;
            }

            // Short-circuits in the same order as before: create, edit, delete, view.
            $granted = authorize($right["rr_create"]) || authorize($right["rr_edit"]) || authorize($right["rr_delete"]) || authorize($right["rr_view"]);
            if (!$granted) {
                continue;
            }

            $groupCode = $module["mod_modulegroupcode"];
            $entry["menu"] = $groupCode;
            $entry["menu_name"] = $module["mod_modulename"];
            $entry["page_name"] = $module["mod_modulepagename"];
            $entry["create"] = $right["rr_create"];
            $entry["edit"] = $right["rr_edit"];
            $entry["delete"] = $right["rr_delete"];
            $entry["view"] = $right["rr_view"];

            $menuTree[$groupCode][$right["rr_modulecode"]] = $entry;
            $menuTree[$groupCode]["top_menu_name"] = $module["mod_modulegroupname"];
        }
    }

    return $menuTree;
}
Beispiel #11
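/**
 * Renders the data view identified by $db_id through the output filter named
 * by the 'type' request variable (default 'json').
 *
 * Changes from the previous version:
 *  - the filter name comes from the request and is placed in a require path,
 *    so it is now restricted to letters, digits, '_' and '-' before the path
 *    is built; anything else is answered with the existing "Invalid Request"
 *    error. This keeps the include inside the component's filter/ directory.
 *  - the error branch used "print print ...", which emitted a stray "1" after
 *    the markup; it now prints the message once.
 *
 * @param mixed $db_id identifier passed to get_dd()
 * @return void returns only on the "not authorized" path; all other paths exit
 */
function task_data($db_id)
{
    global $dv_conf;
    $dd = get_dd($db_id);
    if (!authorize($dd)) {
        print '<br /><p class="error">Sorry, you are not authorized to view this page.</p>';
        return;
    }
    $filter = strtolower(Request::getVar('type', 'json'));
    // Allowlist the filter name: it is client-controlled and ends up in a file path.
    if (!preg_match('/\A[a-z0-9_-]+\z/', $filter)) {
        print "<p class=\"error\">Invalid Request</p>";
        exit(1);
    }
    $file = JPATH_COMPONENT . DS . "filter/{$filter}.php";
    if (file_exists($file)) {
        require_once $file;
    }
    if ($dd) {
        // get_db() is called for its effect; the returned handle is not used here.
        $link = get_db();
        $sql = query_gen($dd);
        $res = get_results($sql, $dd);
        // filter() is presumably defined by the file required above — not shown.
        print filter($res, $dd);
        exit(0);
    } else {
        print "<p class=\"error\">Invalid Request</p>";
        exit(1);
    }
}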
Beispiel #12
<?
// Customer management
// NOTE(review): $edit, $add, $accept, $tid, $order, $idstr, $find, $all,
// $customer, $fullname and $kdir are never assigned in this snippet; presumably
// they are filled from the request (register_globals or an import in
// lib/sql.php) — confirm. They are treated below as client-controlled input.

include_once $GLOBALS["DOCUMENT_ROOT"]."/lib/sql.php";
authorize(); // run the authorization check (defined outside this snippet)


if (isset($edit) || isset($add) ) {
	if (!isset($accept)) {
		if ($edit) {
			// NOTE(review): $edit is concatenated into the SQL text (SQL injection
			// risk if it is request data). Use a prepared statement with a bound id;
			// the mysql_* API used here was removed in PHP 7.
			$sql = "SELECT * FROM customers WHERE id='".$edit."'";
			$res = mysql_query($sql);
			$rs=mysql_fetch_array($res);
		}
		// NOTE(review): every value echoed into the form below (request variables,
		// the Host header and the stored customer fields) is written without
		// htmlspecialchars(); several attributes are also unquoted. Escape per
		// attribute context and quote the attributes.
		echo "<form method=post id=editform action='http://".$_SERVER['HTTP_HOST'].$GLOBALS["PHP_SELF"]."'>";
		echo "<input type='hidden' value='".(isset($edit)?$edit:"0")."' name='edit'>";
		echo "<input type=hidden name=tid value=$tid>";
		if (isset($order)) echo "<input type=hidden name=order value=$order>";
		if (isset($idstr)) echo "<input type=hidden name=idstr value=$idstr>";
		if (isset($find))echo "<input type=hidden name=find value=$find>";
		if (isset($all)) echo "<input type=hidden name=all value=$all>";
		echo "<input type=hidden name=accept value='yes'>";
		echo "Краткое название (имя каталога):<input type=text name=customer size=20 value='".$rs["customer"]."'><br>";
		echo "Полное название (для теззаданий): <input type=text name=fullname size=50 value='".$rs["fullname"]."'><br>";
		echo "Каталог на диске К (для сверловок): <input type=text name=kdir size=50 value='".$rs["kdir"]."'><br>";
		echo "<input type=button value='Сохранить' onclick=\"editrecord('customers',$('#editform').serialize())\"><input type=button value='Отмена' onclick='closeedit()'>";
	} else {
		// save
		if ($edit) {
			// edit an existing record
			// NOTE(review): four values are interpolated into the UPDATE statement
			// unescaped; bind them as parameters instead.
			$sql = "UPDATE customers SET customer='$customer', fullname='$fullname', kdir='$kdir' WHERE id='$edit'";
Beispiel #13
// Login page: throttles attempts, checks the credentials against the `user`
// table and reports the outcome through data('message', ...).
// NOTE(review): $firstattempt, $login, $password, $login_lastaccess, $mysqli_
// and $data are not assigned in this snippet; presumably config/require.php
// sets them up (request import, session state) — confirm.
require_once './config/require.php';
if (isset($firstattempt)) {
    authorize();
}
// login attempt
if (isset($login) && isset($password)) {
    // Throttle: refuse when the previous attempt was less than antiSpamTimeOut seconds ago.
    // NOTE(review): where $login_lastaccess is stored is not shown. If it lives
    // in the visitor's session, a client that discards its session cookie resets
    // the timer; a per-account or per-address counter kept server-side is harder
    // to bypass — confirm.
    if (time() - $login_lastaccess < antiSpamTimeOut) {
        $header = 'Не удалось войти в систему';
        $message = 'В целях защиты от спама не разрешается делать попытки входа в систему с интервалом между ними менее ' . antiSpamTimeOut . ' секунд. Попробуйте повторить запрос позже.';
    } else {
        // Both values are bound as parameters, so they cannot change the SQL text.
        // NOTE(review): the stored credential is MySQL's PASSWORD() output. That
        // function is unsalted and fast, was never meant for application
        // passwords, and was removed in MySQL 8.0. Store password_hash() output
        // and compare with password_verify() instead.
        $q = $mysqli_->prepare('SELECT id,nickname,is_admin FROM `user` WHERE login=? AND `password`=password(?)');
        $q->bind_param('ss', $login, $password);
        $q->bind_result($curuserid, $curnickname, $is_admin);
        if ($q->execute() && $q->fetch()) {
            $authorized = 1;
            $curlogin = $login;
            // NOTE(review): keeps the plaintext password in $curpass. Where this
            // variable is persisted is not shown; avoid writing it to the session
            // or any other storage — confirm.
            $curpass = $password;
            $message = 'Вход в систему произведен успешно';
        } else {
            // The failure text is the same for an unknown login and a wrong password.
            $message = 'Не удалось выполнить операцию сверки имени пользователя и пароля. Возможно, login или пароль введены неверно. Попробуйте повторить запрос позже.';
        }
        $q->close();
    }
    // Recorded for every attempt that supplied both fields, throttled or not.
    $login_lastaccess = time();
} else {
    $message = "Не указаны все необходимые параметры. Попробуйте повторить запрос позже.";
}
// end of login attempt
data('message', $message);
authorize($data);
Beispiel #14
<?php

// Refuse direct requests: this file only runs when the including script has defined REST.
defined('REST') or exit('Access Denied');

include_once "class_pwd.php";
include_once "config_common.php";
include_once "config_sql.php";
include_once "class_response.php";

// Caller credentials are taken from the POST body as-is.
// NOTE(review): the keys are read without isset(); a missing field raises a
// notice and reaches authorize() as null. authorize() is not shown — confirm
// that it rejects null/empty values and compares the key with hash_equals().
$restID = $_POST["rest_id"];
$restKey = $_POST["rest_key"];
$restName = $_POST["rest_name"];

if (authorize($restID, $restKey, $restName)) {
    // Authorized: delegate to the PWD handler.
    $pwd = new PWD();
    $response = $pwd->get();
} else {
    // Rejected: generic failure response, no detail about which field was wrong.
    $response = new Response();
    $response->status = 0;
    $response->msg = "authorize failed";
}

// Relies on the response object being printable (string conversion is defined elsewhere).
echo $response;
Beispiel #15
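/**
 * Updates the shared comment of a linked-accounts (dupe) group and appends an
 * audit line to the admin comment of every user in that group.
 *
 * If the submitted form was based on the comment currently stored
 * (form_comment_hash matches), the comment is replaced; otherwise the new text
 * is prepended so that a concurrent edit is not lost.
 *
 * Change from the previous version: the SHA-1 hex digests are compared with
 * strict operators. With == / != PHP compares two numeric-looking strings
 * (for example digests of the form "0e<digits>") as numbers, so two different
 * digests could be treated as equal.
 *
 * NOTE(review): authorize(), check_perms(), is_number(), error() and
 * db_string() are defined elsewhere. The unquoted {$GroupID} in two of the
 * statements is safe only because is_number() gates it and assuming error()
 * ends the request — confirm.
 *
 * @param int|string $GroupID  id of the dupe group (must pass is_number())
 * @param string     $Comments new comment text
 * @return void
 */
function dupe_comments($GroupID, $Comments)
{
    global $DB, $LoggedUser;
    authorize();
    if (!check_perms('users_mod')) {
        error(403);
    }
    if (!is_number($GroupID)) {
        error(403);
    }
    $DB->query("\n\t\tSELECT SHA1(Comments) AS CommentHash\n\t\tFROM dupe_groups\n\t\tWHERE ID = {$GroupID}");
    list($OldCommentHash) = $DB->next_record();
    // Strict comparison: both sides are hex digests and must match as strings.
    if ($OldCommentHash !== sha1($Comments)) {
        $AdminComment = sqltime() . " - Linked accounts updated: Comments updated by " . $LoggedUser['Username'];
        $FormHash = isset($_POST['form_comment_hash']) ? $_POST['form_comment_hash'] : null;
        if ($FormHash === $OldCommentHash) {
            // The form was built from the stored comment: safe to overwrite.
            $DB->query("\n\t\t\t\tUPDATE dupe_groups\n\t\t\t\tSET Comments = '" . db_string($Comments) . "'\n\t\t\t\tWHERE ID = '{$GroupID}'");
        } else {
            // The stored comment changed in the meantime: prepend instead of overwriting.
            $DB->query("\n\t\t\t\tUPDATE dupe_groups\n\t\t\t\tSET Comments = CONCAT('" . db_string($Comments) . "\n\n',Comments)\n\t\t\t\tWHERE ID = '{$GroupID}'");
        }
        // Audit trail on every linked user.
        $DB->query("\n\t\t\tUPDATE users_info AS i\n\t\t\t\tJOIN users_dupes AS d ON d.UserID = i.UserID\n\t\t\tSET i.AdminComment = CONCAT('" . db_string($AdminComment) . "\n\n', i.AdminComment)\n\t\t\tWHERE d.GroupID = {$GroupID}");
    }
}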
Beispiel #16
// to remove unwanted actions
// it's not the best solution, maybe someone can do this without so many loops?
// first build special (helper) bindings table for authorize() function
// Build the helper table: for each bound name, the list of actions it is bound
// to and a running count. Keys of _BINDTABLE are split on '/' into prefix and action.
foreach ($ExecStack->_BINDTABLE as $idx => $binding) {
    list($pre, $act) = explode('/', $idx);
    foreach ($binding as $bind) {
        $bindtable[$bind]['action'][] = $act;
        // NOTE(review): 'count' is incremented without being initialised in this
        // snippet; the first increment starts from an undefined value.
        $bindtable[$bind]['count']++;
    }
}
reset($ExecStack->_MODINFO);
// reset for each() function below
// NOTE(review): each() was deprecated in PHP 7.2 and removed in PHP 8.0.
// The result of authorize() is discarded here; going by the comment above this
// block it presumably removes disallowed actions from $ExecStack->_MODINFO as a
// side effect. A foreach iterates a snapshot rather than the live array, so
// check that behaviour before converting this loop — confirm.
while (list($mod_name, $mod_info) = each($ExecStack->_MODINFO)) {
    if (isset($mod_info['actions'])) {
        foreach ($mod_info['actions'] as $action_name => $action_info) {
            authorize($mod_name, $action_name);
        }
    }
}
// the same with menus (I don't know how to do this in one loop)
$_MODINFO = $ExecStack->_MODINFO;
// copy for nested loops below
reset($ExecStack->_MODINFO);
// reset again
while (list($mod_name, $mod_info) = each($ExecStack->_MODINFO)) {
    if (isset($mod_info['menus'])) {
        foreach ($mod_info['menus'] as $menu_idx => $menu_array) {
            // Look through every module's actions for one attached to this menu id.
            foreach ($_MODINFO as $mod_array) {
                if (isset($mod_array['actions'])) {
                    foreach ($mod_array['actions'] as $act) {
                        if (isset($act['menu']) && $act['menu'] == $menu_array['id']) {
Beispiel #17
/**
 * Sets or clears the "invited" flag of a team and notifies the team.
 *
 * $mode 1 invites the team, $mode 0 withdraws the invitation. The function
 * returns a status code constant; database failures are reported via fail().
 *
 * NOTE(review): the only access check visible here is authorize() for
 * non-admins. Whether the caller is allowed to invite or dismiss teams is not
 * verified in this function; that has to be enforced by authorize() or by the
 * caller — confirm.
 *
 * @param int $teamid id of the team
 * @param int $mode   1 = invite, 0 = withdraw
 * @return mixed one of the _error_* / _success_* code constants, or the code returned by notify()
 */
function invite($teamid, $mode)
{
    global $is_admin;
    global $mysqli_;
    // Admins skip authorize(); everyone else must pass it.
    if (1 != $is_admin) {
        authorize();
    }
    // parameters
    if (!isset($teamid)) {
        return _error_no_team_id_code;
    }
    // query: check that the team exists
    // Skipped for negative ids; the UPDATE further down then fails on affected_rows.
    if (-1 < $teamid) {
        $query = $mysqli_->prepare('select count(*) from `teams` T where T.teamID=?');
        $query->bind_param('i', $teamid);
        $query->bind_result($count);
        if (!$query->execute()) {
            fail(_error_mysql_query_error_code);
        }
        // (original note: auto-close of query)
        $query->fetch();
        if (0 == $count) {
            return _error_no_team_found_code;
        }
        // (original note: auto-close of query)
        $query->close();
    }
    // end of team-existence check
    // check that the team has not been invited yet
    // Counts rows whose flag is the opposite of $mode, i.e. rows that would actually change.
    $query = $mysqli_->prepare('select count(*) from `teams` T where T.teamID=? and T.invited=1-?');
    $query->bind_param('ii', $teamid, $mode);
    $query->bind_result($count);
    if (!$query->execute()) {
        fail(_error_mysql_query_error_code);
    }
    // (original note: auto-close of query)
    $query->fetch();
    if (0 == $count && 1 == $mode) {
        return _error_team_already_invited_code;
    }
    // (original note: auto-close of query)
    if (0 == $count && 0 == $mode) {
        return _error_team_not_invited_code;
    }
    // (original note: auto-close of query)
    $query->close();
    // set the flag
    $query = $mysqli_->prepare('update `teams` set invited=? where teamid=?');
    $query->bind_param('ii', $mode, $teamid);
    if (!$query->execute() || 0 == $query->affected_rows) {
        fail(_error_mysql_query_error_code);
    }
    // (original note: auto-close of query)
    $query->close();
    // try to send a notification
    global $messages;
    $code = notify(-1, $teamid, 1 == $mode ? $messages[_header_you_are_invited_code] : $messages[_header_you_are_fired_code], 1 == $mode ? $messages[_message_you_are_invited_code] : $messages[_message_you_are_fired_code]);
    // The flag is already written at this point; a failed notification is only reported.
    if (_success_notify_added_code != $code) {
        return $code;
    }
    // end of notification attempt
    return 1 == $mode ? _success_team_invited_code : _success_team_declined_code;
}
Beispiel #18
	* Please bear in mind, that this software was written for _fun_ =) 
	*************************/

	/************************
	* Usersnew - add new users to the station admin panel
	*----------------------------------------
	* This page will allow the registration of new users to the station. This simply
	* includes the creation of a new account.
	* 
	* 2DO - Tie to XMLRPC Interface
	************************/
	include("init.inc.php");												# include the global framework
	include("classes/sendMail.class.php");					# include the mail sender
	$myNav->add($SECTION[USERS],'users.php');				# add entry to Navigation Bar Stack
	$myNav->add($SECTION[USERSNEW],'usersnew.php');	# add entry to Navigation Bar Stack
	authorize('edit_users');												# check access rights; runs before any user data is processed. NOTE(review): result is discarded, so authorize() must stop the request itself on failure - confirm
	
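	/**
	 * random_char() - returns one character picked at random from $string
	 *
	 * Uses random_int() when the runtime provides it (PHP 7+) and falls back to
	 * mt_rand() otherwise. An empty $string yields '' instead of asking the
	 * generator for an invalid range.
	 *
	 * NOTE(review): callers are not shown. mt_rand() is predictable; if the
	 * result feeds generated passwords or tokens on a runtime without
	 * random_int(), a cryptographically secure source is needed there too.
	 *
	 * @param string $string -- string to pick a random character from
	 * @return string a single character, or '' when $string is empty
	 *
	 * Alexey Koulikov - 12.01.2001
	 */
	function random_char($string){
		$length = strlen($string);
		if ($length === 0) {
			return '';
		}
		$position = function_exists('random_int')
			? random_int(0, $length - 1)
			: mt_rand(0, $length - 1);
		return($string[$position]);
	}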
Beispiel #19
    echo json_encode($fotosDAO->selectAll(), JSON_NUMERIC_CHECK);
    exit;
});
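// REST routes for /fotos. Each route passes authorize() as route middleware
// before its handler; authorize() is defined outside this snippet.
// NOTE(review): JSON_NUMERIC_CHECK turns numeric-looking strings into numbers
// in the output, which alters values such as codes with leading zeros.

// Read one photo by id.
$app->get('/fotos/:id/?', authorize(), function ($id) use($fotosDAO) {
    header("Content-Type: application/json");
    echo json_encode($fotosDAO->selectById($id), JSON_NUMERIC_CHECK);
    exit;
});

// Create a photo from form fields, or from a JSON body when no form fields were sent.
// NOTE(review): the whole request payload is handed to insert(); which keys the
// DAO accepts is not shown — confirm it allowlists the writable columns.
$app->post('/fotos/?', authorize(), function () use($app, $fotosDAO) {
    header("Content-Type: application/json");
    $post = $app->request->post();
    if (empty($post)) {
        $post = (array) json_decode($app->request()->getBody());
    }
    echo json_encode($fotosDAO->insert($post), JSON_NUMERIC_CHECK);
    exit;
});

// Delete a photo.
// NOTE(review): the handler does not take the :id route parameter and delete()
// is called without arguments; how the DAO learns which row to remove is not
// visible here — confirm.
$app->delete('/fotos/:id/?', authorize(), function () use($fotosDAO) {
    header("Content-Type: application/json");
    echo json_encode($fotosDAO->delete());
    exit;
});

// Update a photo. The handler now declares $id: it was used in update() without
// being a parameter or a captured variable, so update() received an undefined value.
$app->put('/fotos/:id/?', authorize(), function ($id) use($app, $fotosDAO) {
    header("Content-Type: application/json");
    $post = $app->request->post();
    if (empty($post)) {
        $post = (array) json_decode($app->request()->getBody());
    }
    echo json_encode($fotosDAO->update($id, $post), JSON_NUMERIC_CHECK);
    exit;
});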
Beispiel #20
 /**
  * Stores the injected tax and banner collaborators and then requires the
  * 'manage_bannergroups' permission.
  *
  * NOTE(review): the TaxInterface instance is kept on $this->bannergroup —
  * presumably banner groups are modelled as a taxonomy; confirm.
  * NOTE(review): authorize() is not shown and its result is discarded, so it
  * must abort the request itself when the permission is missing — confirm.
  *
  * @param TaxInterface    $tax
  * @param BannerInterface $banner
  */
 public function __construct(TaxInterface $tax, BannerInterface $banner)
 {
     // The two assignments are independent of each other.
     $this->banner = $banner;
     $this->bannergroup = $tax;

     // Runs whenever the object is constructed, before any action method.
     authorize('manage_bannergroups');
 }
Beispiel #21
                                <?php 
    // Each button is rendered only when the matching right, cached in the
    // session under access_module > INVT > PURCHASES, passes authorize().
    // NOTE(review): hiding a button is presentation only. The edit, view and
    // delete endpoints must repeat the permission check on the server. The
    // rights are also read from the session, so a change to a user's rights
    // presumably takes effect only once the session data is rebuilt — confirm.
    if (authorize($_SESSION["access_module"]["INVT"]["PURCHASES"]["edit"])) {
        ?>
                                    <button class="btn btn-sm btn-info" type="button"><i class="fa fa-edit"></i> EDIT</button> 
                                <?php 
    }
    ?>
                                <?php 
    if (authorize($_SESSION["access_module"]["INVT"]["PURCHASES"]["view"])) {
        ?>
                                    <button class="btn btn-sm btn-warning" type="button"><i class="fa fa-search-plus"></i> VIEW</button>
                                <?php 
    }
    ?>
                                <?php 
    if (authorize($_SESSION["access_module"]["INVT"]["PURCHASES"]["delete"])) {
        ?>
                                    <button class="btn btn-sm btn-danger" type="button"><i class="fa fa-trash-o"></i> DELETE</button>
                                <?php 
    }
    ?>
                            </td>
                        </tr>
                    <?php 
}
?>

                </tbody></table>
        </div>

    </div>
<?php

// The session is started before routing because login() stores the user in $_SESSION.
session_start();
require 'Slim/Slim.php';
$app = new Slim();
// Every employee route passes authorize('user') as route middleware before its
// handler. authorize() is defined outside this snippet; presumably it checks
// the role of the user stored in the session — confirm.
$app->get('/employees', authorize('user'), 'getEmployees');
$app->get('/employees/:id', authorize('user'), 'getEmployee');
$app->get('/employees/:id/reports', authorize('user'), 'getReports');
$app->get('/employees/search/:query', authorize('user'), 'getEmployeesByName');
$app->get('/employees/modifiedsince/:timestamp', authorize('user'), 'findByModifiedDate');
// I add the login route as a post, since we will be posting the login form info
// The login route is the only one registered without the authorize() middleware.
$app->post('/login', 'login');
$app->run();
// api/index.php
/**
 * Quick and dirty login function with hard coded credentials (admin/admin)
 * This is just an example. Do not use this in a production environment
 */
function login()
{
    if (!empty($_POST['email']) && !empty($_POST['password'])) {
        // normally you would load credentials from a database.
        // This is just an example and is certainly not secure
        if ($_POST['email'] == 'admin' && $_POST['password'] == 'admin') {
            $user = array("email" => "admin", "firstName" => "Clint", "lastName" => "Berry", "role" => "user");
            $_SESSION['user'] = $user;
            echo json_encode($user);
        } else {
            $error = array("error" => array("text" => "You shall not pass..."));
            echo json_encode($error);
        }
Beispiel #23
<?php

// Runs before anything else on the page. authorize() is defined outside this
// snippet; the meaning of the `true` argument is not visible here — presumably
// it selects a machine-readable (JSON) failure response, matching the JSON
// output below — confirm.
authorize(true);
/*
User topic subscription page
*/
// Users with forum access disabled get a bare failure status and nothing else.
if (!empty($LoggedUser['DisableForums'])) {
    print json_encode(array('status' => 'failure'));
    die;
}
include SERVER_ROOT . '/classes/class_text.php';
// Text formatting class
$Text = new TEXT();
// Page size: the user's own setting when present, otherwise the site default.
if (isset($LoggedUser['PostsPerPage'])) {
    $PerPage = $LoggedUser['PostsPerPage'];
} else {
    $PerPage = POSTS_PER_PAGE;
}
list($Page, $Limit) = page_limit($PerPage);
// Per-user forum overrides: keys whose value is 0 are restricted, keys whose value is 1 are permitted.
// NOTE(review): both lists are joined with "','", which suggests they are
// placed inside a quoted SQL IN (...) list later on. The keys are not escaped
// here, so that is safe only if they are guaranteed to be numeric forum ids
// wherever CustomForums is written — confirm. array_keys() with a search value
// compares loosely.
if ($LoggedUser['CustomForums']) {
    unset($LoggedUser['CustomForums']['']);
    $RestrictedForums = implode("','", array_keys($LoggedUser['CustomForums'], 0));
    $PermittedForums = implode("','", array_keys($LoggedUser['CustomForums'], 1));
}
// Display flags: true when neither the query string nor the stored preference
// is set, or when the stored preference is truthy, or when the query-string value is truthy.
$ShowUnread = !isset($_GET['showunread']) && !isset($HeavyInfo['SubscriptionsUnread']) || isset($HeavyInfo['SubscriptionsUnread']) && !!$HeavyInfo['SubscriptionsUnread'] || isset($_GET['showunread']) && !!$_GET['showunread'];
$ShowCollapsed = !isset($_GET['collapse']) && !isset($HeavyInfo['SubscriptionsCollapse']) || isset($HeavyInfo['SubscriptionsCollapse']) && !!$HeavyInfo['SubscriptionsCollapse'] || isset($_GET['collapse']) && !!$_GET['collapse'];
$sql = 'SELECT
	SQL_CALC_FOUND_ROWS
	MAX(p.ID) AS ID
	FROM forums_posts AS p
	LEFT JOIN forums_topics AS t ON t.ID = p.TopicID
Beispiel #24
    echo json_encode($userDAO->selectById($id), JSON_NUMERIC_CHECK);
    exit;
});
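// REST routes for /users. Each route passes authorize() as route middleware
// before its handler; authorize() is defined outside this snippet.

// Look a user up by e-mail address.
// NOTE(review): what selectByMail() returns is not shown. Make sure password
// hashes and other secrets are never serialised into the response. The address
// is part of the URL path, so it also ends up in access logs.
$app->get('/users/login/:mail/?', authorize(), function ($mail) use($userDAO) {
    header("Content-Type: application/json");
    echo json_encode($userDAO->selectByMail($mail), JSON_NUMERIC_CHECK);
    exit;
});

// Create a user from form fields, or from a JSON body when no form fields were sent.
// NOTE(review): the whole request payload is handed to insert(); which keys the
// DAO accepts is not shown — confirm that privilege-related columns cannot be
// set by the client.
$app->post('/users/?', authorize(), function () use($app, $userDAO) {
    header("Content-Type: application/json");
    $post = $app->request->post();
    if (empty($post)) {
        $post = (array) json_decode($app->request()->getBody());
    }
    echo json_encode($userDAO->insert($post), JSON_NUMERIC_CHECK);
    exit;
});

// Delete a user.
// NOTE(review): the handler does not take the :id route parameter and delete()
// is called without arguments; how the DAO learns which row to remove is not
// visible here — confirm.
$app->delete('/users/:id/?', authorize(), function () use($userDAO) {
    header("Content-Type: application/json");
    echo json_encode($userDAO->delete());
    exit;
});

// Update a user. This was the only route in this listing registered without
// the authorize() middleware, which left user records writable by requests
// that never passed the check; it now matches its sibling routes.
// NOTE(review): authorize() takes no argument here, so nothing visible ties
// :id to the calling user; whether a user may update another user's record has
// to be decided inside authorize() or the DAO — confirm.
$app->put('/users/:id/?', authorize(), function ($id) use($app, $userDAO) {
    header("Content-Type: application/json");
    $post = $app->request->post();
    if (empty($post)) {
        $post = (array) json_decode($app->request()->getBody());
    }
    echo json_encode($userDAO->update($id, $post), JSON_NUMERIC_CHECK);
    exit;
});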
Beispiel #25
	* Author: Kulikov Alexey - alex@pvl.at, alex@ita-studio.com
	*********************************
	* Please bear in mind, that this software was written for _fun_ =) 
	*************************/

	/************************
	* myseries - shows the series of some user
	*----------------------------------------
	* This page will display a list of all the possible users registered with
	* this station and their access levels. The Administrator can always
	* add new users to the list or take away privileges or even delete them...
	************************/
	include("init.inc.php");							# include the global framework
	include("classes/pageSplit.class.php");				# include the page splitting utility
	$myNav->add($SECTION[SERIES],'myseries.php');		# add entry to Navigation Bar Stack
	authorize('edit_series');							# check access rights; NOTE(review): result is discarded, so authorize() must stop the request itself on failure - confirm
	$me = $_SESSION['USER']->get("auth_id");			# global ME :)
	
	//can I edit this?
	// NOTE(review): $_GET['id'] is read without isset() and is interpolated into
	// the SQL string unescaped (SQL injection risk). Bind it as a parameter, or
	// cast it to an integer first if series ids are numeric. $db is created
	// outside this snippet, so the available binding API is not visible here.
	// $mod is assigned only when the current user owns the series; on every
	// other path it stays undefined when it is read in the check below.
	if($_GET['id']){
		if($_SESSION['USER']->get("auth_id") == $db->getOne("SELECT series.owner FROM series WHERE series.id = '$_GET[id]'")){
			$mod = true;
		}
	}
	
	// Modification is allowed for the owner, or when edit_station equals 2
	// (presumably the station-wide editor level — confirm).
	if(($_SESSION['USER']->get("edit_station")==2) or ($mod)){
		$mod_flag = TRUE;
	}
	
	################# PROCESS POST ACTION ######################################################
	
Beispiel #26
// Route table. Every route passes authorize() as route middleware before its
// handler; authorize() is defined outside this snippet.
// NOTE(review): authorize() is called without a role or permission argument,
// so read routes and the create/update/delete routes (including user
// management under /usuarios) all get the same check. If that check only
// establishes that a session exists, any signed-in user can create, change or
// delete users — confirm that roles are enforced inside authorize() or the handlers.
// contacts
$app->get('/contactos/justnames/:clientid', authorize(), 'getContactosJustNames');
$app->get('/contactos/total/', authorize(), 'getContactosTotal');
$app->get('/contactos/:id', authorize(), 'getContactosById');
$app->get('/contactos/name/:name', authorize(), 'getContactosByName');
$app->get('/contactos/page/:pagenumber', authorize(), 'getContactosByPage');
$app->post('/contactos', authorize(), 'addContactos');
$app->put('/contactos/:id', authorize(), 'updateContactosById');
$app->delete('/contactos/:id', authorize(), 'deleteContactos');
// segments
$app->get('/segmentos', authorize(), 'getSegmentos');
$app->get('/segmentos/justnames/', authorize(), 'getSegmentosJustNamesAll');
$app->get('/segmentos/justnames/:clientid', authorize(), 'getSegmentosJustNames');
$app->get('/segmentos/total/', authorize(), 'getSegmentosTotal');
$app->get('/segmentos/:id', authorize(), 'getSegmentosById');
$app->get('/segmentos/name/:name', authorize(), 'getSegmentosByName');
$app->get('/segmentos/page/:pagenumber', authorize(), 'getSegmentosByPage');
$app->post('/segmentos', authorize(), 'addSegmentos');
$app->put('/segmentos/:id', authorize(), 'updateSegmentosById');
$app->delete('/segmentos/:id', authorize(), 'deleteSegmentos');
// sub-segments (no routes registered)
// users
$app->get('/usuarios', authorize(), 'getUsuarios');
//$app->get('/usuarios/justnames/', authorize(), 'getUsuariosJustNamesAll');
//$app->get('/usuarios/total/', authorize(), 'getUsuariosTotal');
$app->get('/usuarios/:id', authorize(), 'getUsuariosById');
//$app->get('/usuarios/name/:name', authorize(), 'getUsuariosByName');
//$app->get('/usuarios/page/:pagenumber', authorize(), 'getUsuariosByPage');
$app->post('/usuarios', authorize(), 'addUsuarios');
$app->put('/usuarios/:id', authorize(), 'updateUsuariosById');
$app->delete('/usuarios/:id', authorize(), 'deleteUsuarios');
Beispiel #27
    // Make the client connect and exchange tokens
    try {
        $connection->connect();
    } catch (\Exception $e) {
        throw new Exception('Could not connect to Moneybird: ' . $e->getMessage());
    }
    // Save the new tokens for next connections
    setValue('accesstoken', $connection->getAccessToken());
    return $connection;
}
// If authorization code is returned from Moneybird, save this to use for token request
// NOTE(review): the code is taken from the query string and stored as soon as
// none is saved yet. No `state` value is generated or checked in the visible
// code, so the callback is not bound to the session that started the flow;
// OAuth 2.0 clients are expected to verify `state` before accepting a code.
if (isset($_GET['code']) && is_null(getValue('authorizationcode'))) {
    setValue('authorizationcode', $_GET['code']);
}
// If we do not have a authorization code, authorize first to setup tokens
if (getValue('authorizationcode') === null) {
    authorize($redirectUrl, $clientId, $clientSecret);
}
// Create the Moneybird client
// NOTE(review): setValue()/getValue() are defined outside this snippet; the
// authorization code and access token they persist are credentials and should
// be stored with restricted access — confirm where they are written.
$connection = connect($redirectUrl, $clientId, $clientSecret);
$connection->setAdministrationId($administrationId);
$moneybird = new \Picqer\Financials\Moneybird\Moneybird($connection);
// Get the sales invoices from our administration
try {
    $salesInvoices = $moneybird->salesInvoice()->get();
    foreach ($salesInvoices as $salesInvoice) {
        // Debug output: dumps each invoice object in full to the response.
        var_dump($salesInvoice);
    }
} catch (\Exception $e) {
    // Debug output: exception class and message go to the response; log them
    // server-side instead when this is not a local example.
    echo get_class($e) . ' : ' . $e->getMessage();
}
Beispiel #28
<?php

// Front controller: dispatches on which form button was posted.
// NOTE(review): $mysqli and $tmpl are not assigned in this snippet; presumably
// the two includes below set them up — confirm.
include "funcuser.php";
include "template.php";
CreateCatalog($mysqli, $tmpl['category1'], $tmpl['category2'], $tmpl['search']);
// Go to the page with the login form
if (isset($_POST['FormLogIn'])) {
    openFormLogIn($tmpl['LogIn']);
} else {
    if (isset($_POST['FormSingUp'])) {
        openFormSingUp($tmpl['LogIn']);
    } else {
        if (isset($_POST['LogIn'])) {
            // NOTE(review): login and password are passed to authorize() straight
            // from the POST body, without isset(). authorize() is not shown: it
            // should use bound query parameters, verify the password with
            // password_verify(), and call session_regenerate_id(true) on success
            // so a pre-login session id cannot be reused — confirm.
            if (authorize($mysqli, $_POST['login'], $_POST['password'], $tmpl['logout'])) {
                $_SESSION["pageNumber"] = 1;
                $_SESSION["pagelist"] = $tmpl["pagenumber"];
                guest_event($mysqli, $tmpl['mininews'], $tmpl['pagenumber'], $tmpl['page']);
                hotnews($mysqli, $tmpl["hotnews"]);
            }
        } else {
            if (isset($_POST['LogOut'])) {
                if (LogOut($mysqli, $tmpl['regist'])) {
                    /* NEW AUTHORIZATION FOR THE GUEST */
                    // After logout the session is re-seeded with guest defaults.
                    // NOTE(review): LogOut() is not shown; it should destroy the
                    // old session and issue a new session id — confirm.
                    if (!isset($_SESSION["pageNumber"])) {
                        $_SESSION["pageNumber"] = 1;
                    }
                    if (!isset($_SESSION["maxCountNews"])) {
                        $_SESSION["maxCountNews"] = 2;
                    }
                    $_SESSION["postCateg"] = "Главная страница";
                    $_SESSION['select'] = $tmpl['selectnumbernews'];
Beispiel #29
<?php

//******************************************************************************//
//--------------- Fill a request -----------------------------------------------//
// The request id may arrive by any method ($_REQUEST) and must be numeric.
// is_number() and error() are defined outside this snippet.
$RequestID = $_REQUEST['requestid'];
if (!is_number($RequestID)) {
    error(0);
}
// Runs after the id is validated and before anything is read or written.
// authorize() is not shown; with no arguments it presumably verifies the
// per-user request token — confirm.
authorize();
//VALIDATION
// The torrent id comes either directly from the query string or out of a
// posted link matched against TORRENT_REGEX (capture group 4).
if (!empty($_GET['torrentid']) && is_number($_GET['torrentid'])) {
    $TorrentID = $_GET['torrentid'];
} else {
    if (empty($_POST['link'])) {
        error('You forgot to supply a link to the filling torrent');
    } else {
        $Link = $_POST['link'];
        if (!preg_match('/' . TORRENT_REGEX . '/i', $Link, $Matches)) {
            error('Your link didn\'t seem to be a valid torrent link');
        } else {
            $TorrentID = $Matches[4];
        }
    }
    // NOTE(review): $TorrentID is assigned only on the successful-match path;
    // this check relies on error() above having ended the request on the other
    // paths — confirm that error() never returns.
    if (!$TorrentID || !is_number($TorrentID)) {
        error(404);
    }
}
//Torrent exists, check it's applicable
// $TorrentID is interpolated unquoted into the statement. That is acceptable
// only because both paths above gate it with is_number(); keep that check
// adjacent to this query.
$DB->query("\n\tSELECT\n\t\tt.UserID,\n\t\tt.Time,\n\t\ttg.ReleaseType,\n\t\tt.Encoding,\n\t\tt.Format,\n\t\tt.Media,\n\t\tt.HasLog,\n\t\tt.HasCue,\n\t\tt.LogScore,\n\t\ttg.CategoryID,\n\t\tIF(t.Remastered = '1', t.RemasterCatalogueNumber, tg.CatalogueNumber)\n\tFROM torrents AS t\n\t\tLEFT JOIN torrents_group AS tg ON t.GroupID = tg.ID\n\tWHERE t.ID = {$TorrentID}\n\tLIMIT 1");
if (!$DB->has_results()) {
    error(404);
Beispiel #30
    echo json_encode($groupDAO->selectById($id), JSON_NUMERIC_CHECK);
    exit;
});
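// REST routes for /group. Each route passes authorize() as route middleware
// before its handler; authorize() is defined outside this snippet.

// Look a group up by name.
$app->get('/group/:groupname/?', authorize(), function ($groupname) use($groupDAO) {
    header("Content-Type: application/json");
    echo json_encode($groupDAO->selectByGroupName($groupname), JSON_NUMERIC_CHECK);
    exit;
});

// Create a group from form fields, or from a JSON body when no form fields were sent.
// This was the only route in this listing registered without the authorize()
// middleware, which let requests that never passed the check create groups;
// it now matches its sibling routes.
// NOTE(review): the whole request payload is handed to insert(); which keys the
// DAO accepts is not shown — confirm it allowlists the writable columns.
$app->post('/group/?', authorize(), function () use($app, $groupDAO) {
    header("Content-Type: application/json");
    $post = $app->request->post();
    if (empty($post)) {
        $post = (array) json_decode($app->request()->getBody());
    }
    echo json_encode($groupDAO->insert($post), JSON_NUMERIC_CHECK);
    exit;
});

// Delete a group.
// NOTE(review): the handler does not take the :id route parameter and delete()
// is called without arguments; how the DAO learns which row to remove is not
// visible here — confirm.
$app->delete('/group/:id/?', authorize(), function () use($groupDAO) {
    header("Content-Type: application/json");
    echo json_encode($groupDAO->delete());
    exit;
});

// Update a group.
$app->put('/group/:id/?', authorize(), function ($id) use($app, $groupDAO) {
    header("Content-Type: application/json");
    $post = $app->request->post();
    if (empty($post)) {
        $post = (array) json_decode($app->request()->getBody());
    }
    echo json_encode($groupDAO->updateGroup($id, $post), JSON_NUMERIC_CHECK);
    exit;
});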