public static function buildLink($url, $addfile, $linktext, $param_list = '', $extra_param = '')
 {
     //creating links
     $makeurl = new GenerateUrl($url);
     $makeurl->addFile($addfile);
     if (strlen($param_list) != 0) {
         $param_list = explode(",", $param_list);
         //putting parameters together eg fname=ama
         foreach ($param_list as $params) {
             $params = preg_split("/=/", $params);
             $paramkey = $params[0];
             $paramval = $params[1];
             $makeurl->addUrlParams($paramkey, $paramval);
         }
     }
     $linktext = strlen($linktext) == 0 ? $this->createUrl() : trim($linktext);
     return "<a href=\"" . $makeurl->createUrl() . "\" {$extra_param}>{$linktext}</a>";
 }
function changePassword()
{
    //put contents here
    include_once "../includes/admin_init.php";
    $process = new ProcessForm();
    $validate = $process::validate();
    $postdata = new User("users");
    $id = $postdata::$id = isset($GLOBALS["id"]) ? "Id=" . $GLOBALS["id"] : null;
    //id recieved form querystring
    if ($process->submitForm()) {
        /*@setting validation rules*/
        $required = array("old_password", "new_password");
        $process->errorinfo = array_merge($process->errorinfo, $validate->check_requiredFields($required));
        $process->errorinfo = array_merge($process->errorinfo, $validate->check_PasswordFields("new_password", "cpassword"));
        //$process->message("Hey successfully submmited the form");
        $linkto = GenerateUrl::buildLink("../auth", ".", "Login");
        $process->message("Your password was successfully changed, please you can {$linkto} now.");
        if ($process->successflag) {
            //echo "success happened and all fields are sent to database, Thank you ! :)";
            $oldpass = isset($_POST["old_password"]) ? md5($_POST["old_password"]) : null;
            $getrow = $postdata::fieldExists("Password={$oldpass}");
            var_dump($getrow);
            if ($getrow != null) {
                $postdata::$id = isset($GLOBALS["id"]) ? "Id=" . $GLOBALS["id"] : null;
                $postdata::$tablefields = array("Password" => md5($_POST["new_password"]));
                $postdata->save();
            }
        }
    }
    $querystr = isset($_SERVER['QUERY_STRING']) ? "?" . $_SERVER['QUERY_STRING'] : null;
    $form = new Form("changepass", $_SERVER['PHP_SELF'] . $querystr, "post", "enctype=\"application/x-www-form-urlencoded\"\n");
    $form->startForm();
    //form heading
    $form->setFormField(null, $form->addFormInfo("<h2>Change My Password</h2>"));
    //Password
    $form->setFormField($form->inputLabel("Old password", "*Old Password"), $form->inputField("password", "old_password", $process->post("old_password")), $validate->displayErrorField($process->errorinfo, "old_password"));
    //Password
    $form->setFormField($form->inputLabel("new_password", "*New Password"), $form->inputField("password", "new_password", $process->post("new_password")), $validate->displayErrorField($process->errorinfo, "new_password"));
    $form->setFormField($form->inputLabel("cpassword", "*Confirm Password"), $form->inputField("password", "cpassword", $process->post("cpassword")), $validate->displayErrorField($process->errorinfo, "cpassword"));
    //checks submit type
    $form->setFormField(null, $form->inputField("submit", "change", "Change My Password"));
    $form->endForm();
    return $form->DisplayFields($GLOBALS["form_labling"], $process->message);
}
Beispiel #3
0
function loginForm()
{
    global $process, $session;
    $user = new User();
    //$uid  = $user::findRow("Id=1");
    // Proccessing forms
    if ($process->submitForm()) {
        // Form validation and processing
        if ($session->isLoggedIn()) {
            $msg = "* {$_POST["username"]} is already logged in";
        }
        //if no errors are found
        $username = $process->post("username");
        $password = $process->post("password");
        $password = md5($password);
        if (!$user::userExists("Username={$username}")) {
            $msg = "Username does not exist, register it now!";
        }
        $authuser = $user::authenticate($username, $password);
        if ($authuser) {
            $session->LogIn($authuser);
            redirectTo("../admin/");
            //echo "you  are now logged in";
        } else {
            $msg = "Username and Password combination is not correct";
        }
    } else {
        $email = "";
        $password = "";
    }
    //login form
    $form = new Form("login", filter_var($_SERVER['PHP_SELF']), "post", "enctype=\"application/x-www-form-urlencoded\"\n");
    $form->startForm();
    $form->setFormField("", $form->addFormInfo("<p style=\"text-align:center;\">Enter your username and password to access admin dashboard<br>\n<img  src=\"../" . TEMPLATE_DIR . SITE_TEMPLATE . "/_images/login_icon.png\" /></p>"));
    if (isset($msg) && strlen($msg) > 0) {
        $form->setFormField("", $form->addFormInfo("<p  class=\"error\">{$msg}</p>"));
    }
    //Username
    $form->setFormField($form->inputLabel("username", "Username"), $form->inputField("text", "username", "", 'autocomplete="on"'));
    $form->setFormField($form->inputLabel("username", "Password"), $form->inputField("password", "password", ""));
    $form->setFormField("", $form->inputField("submit", "login", "Login") . " or " . GenerateUrl::buildLink("../auth", "register.php", "Register"));
    return $form->DisplayFields($GLOBALS["form_labling"]);
    $form->endForm();
}
function categoryForm()
{
    //put contents here
    $process = new ProcessForm();
    $validate = $process::validate();
    $postdata = new Table("pagecategory");
    if ($GLOBALS["action"] == "editpgcate") {
        $postdata::$id = "Id=" . $GLOBALS["id"];
        $editcate = $postdata::findRow($postdata::$id);
        $category = $editcate->Category;
        $visible = $editcate->Visible;
        $position = $editcate->Position;
    } else {
        $category = "";
        $visible = "";
        $position = "";
    }
    if ($process->submitForm()) {
        /*@setting validation rules*/
        $required = array("category");
        $process->errorinfo = array_merge($process->errorinfo, $validate->check_requiredFields($required));
        $check_invalidchars = array("category");
        $process->errorinfo = array_merge($process->errorinfo, $validate->check_invalidChars($check_invalidchars));
        $requiredlen = array("category" => 30);
        $process->errorinfo = array_merge($process->errorinfo, $validate->check_FieldLength($requiredlen));
        $selectedindex = array("position" => "--Select Menu Position--");
        $process->errorinfo = array_merge($process->errorinfo, $validate->check_selectField($selectedindex));
        $process->message("category has been successfully submmited.");
        if ($process->successflag) {
            //echo "success happened and all fields are sent to database, Thank you ! :)";//
            $postdata::$tablefields = array("Category" => $_POST["category"], "Position" => $_POST["position"], "Visible" => $_POST["visible"]);
            $postdata->save();
        }
    }
    $form = new Form("sitenavform", $_SERVER['PHP_SELF'] . "?" . $_SERVER['QUERY_STRING'], "post", "enctype=\"application/x-www-form-urlencoded\"\n");
    //Company
    $form->startForm();
    $form->setFormField("", $form->addFormInfo("<p>" . GenerateUrl::buildLink(".", "dashboard.php", "&laquo;Back to Sammary Page", "action=view,target=managesite") . "</p>" . "<h2>Use this form to add new page category.</h2><p>Required Fields are labelled with asterics (*)<hr/>"));
    //Category
    $form->setFormField($form->inputLabel("category", "*Category Name"), $form->inputField("text", "category", $process->post("category", $category)), $validate->displayErrorField($process->errorinfo, "category"));
    //Position
    $cateposition = function () {
        $getposition = new Table("sitemenu");
        $position_options = $getposition::findAllRecords("ORDER BY Id ASC");
        foreach ($position_options as $opt) {
            $options[0] = "--Select Menu Position--";
            $options[$opt->Position] = $opt->Nav_name;
        }
        return $options;
    };
    $form->setFormField($form->inputLabel("position", "*Menu Position"), $form->selectOptions("position", $cateposition(), $process->post("position", $position)), $validate->displayErrorField($process->errorinfo, "position"));
    //Radio for Visible//
    $form->setFormField($form->inputLabel("visible", "Menu Visibility"), $form->radioButton("Yes", "visible", "Y", $process->post("visible", $visible) == "Y" ? true : false) . $form->radioButton("No", "visible", "N", $process->post("visible", $visible) == "N" ? true : false));
    //Submit Form//
    $form->setFormField(null, $form->inputField("submit", "send", "Save"));
    $form->endForm();
    return $form->DisplayFields($GLOBALS["form_labling"], $process->message);
}
function viewProfile()
{
    global $users, $session;
    //$output .= "<p style=\"color:red; margin-left: 2em;\">" ;
    // $$msg ="Your Profile has been successfully updated, thank you.";
    //$output .= isset($_GET["msg"])?${$_GET["msg"]}:'' ;
    // @$$changepass_msg ="Your password has been successfully changed.";
    //$output .= isset($_GET["changepass_msg"])?${$_GET["changepass_msg"]}:'' ;
    $u = $users::findRow("Id={$session->userid}");
    $authlevel = function ($param) {
        switch ($param) {
            case ADMIN:
                return "Administrator";
                break;
            case MODERATOR:
                return "Moderator";
                break;
            case EDITOR:
                return "Editor";
                break;
            case USER:
                return "User";
                break;
        }
    };
    $output = "";
    $editlink = GenerateUrl::buildLink(".", "dashboard.php", "+Edit Profile", "target=profile,action=editregister,id={$u->Id}");
    $changepasslink = GenerateUrl::buildLink(".", "dashboard.php", "Change Password", "target=profile,action=changepass,id={$u->Id}");
    $password = $u->Password ? "*********" : "";
    $gender = $u->Gender == "M" ? "Male" : "Female";
    $output .= <<<HTML
<div id="admdetail">
\t  <h2>My Profile</h2>
      <table border="1" style="text-align:left;">
        <tr>
          <th colspan="3" style="text-align:center">Personal Information</th>
        </tr>
        <tr>
     \t<th colspan="6"><p>{$editlink}</p></th>
        </tr>
        <tr>
          <th scope="row">Fullname:</th>
          <td>{$u->fullName()}</td>
          <td rowspan="2">Upload your picture here</td>
         </tr>
        <tr>
          <th scope="row">Gender:</th>
          <td>{$gender}</td>
        </tr>
        <tr>
          <th colspan="3" style="text-align:center">Login Information</th>
         </tr>
        <tr>
          <th scope="row">Username:</th>
          <td colspan="2">{$u->Username}</td>
        </tr>
        <tr>
          <th scope="row">Email:</th>
          <td colspan="2" >{$u->Email}</td>
        </tr>
        <tr>
          <th scope="row">Password:</th>
          <td>{$password}</td>
          <td>{$changepasslink}</td>
        </tr> 
HTML;
    $output .= "<tr><th scope=\"row\">Userlevel:</th>\n        <td>" . $authlevel($u->Authlevel) . "</td>\n        <td>&nbsp;</td></tr>\n </table></div>";
    return $output;
}
function register()
{
    //put contents here
    include_once "../includes/admin_init.php";
    $process = new ProcessForm();
    $validate = $process::validate();
    $postdata = new User("users");
    $id = $postdata::$id = isset($GLOBALS["id"]) ? "Id=" . $GLOBALS["id"] : null;
    //id recieved form querystring
    if ($GLOBALS["action"] == "editregister") {
        $edit = $postdata::findRow($id);
        //
        $firstname = $edit->Firstname;
        $lastname = $edit->Lastname;
        $gender = $edit->Gender;
        $username = $edit->Username;
        $email = $edit->Email;
    } else {
        $firstname = "";
        $lastname = "";
        $gender = "";
        $username = "";
        $password = "";
        $email = "";
    }
    if ($process->submitForm()) {
        /*@setting validation rules*/
        $required = array("firstname", "lastname", "gender", "username", "email_address");
        $process->errorinfo = array_merge($process->errorinfo, $validate->check_requiredFields($required));
        $check_invalidchars = array("firstname", "lastname", "username");
        $process->errorinfo = array_merge($process->errorinfo, $validate->check_invalidChars($check_invalidchars));
        $requiredlen = array("firstname" => 50, "lastname" => 50, "username" => 50);
        $process->errorinfo = array_merge($process->errorinfo, $validate->check_FieldLength($requiredlen));
        //$selectedindex = $setuserlevel==true?array("gender"=>"--Select Gender--","ulevel"=>"--Select User Level--"):array("gender"=>"--Select Gender--");
        //$process->errorinfo = array_merge($process->errorinfo,$validate->check_selectField($selectedindex));
        if ($_POST) {
            $getrow = $postdata::fieldExists("Username={$_POST["username"]}");
            //$uservalidate = (isset($_POST["username"]))?$getrow->Username:null;
            if ($getrow != null) {
                $process->errorinfo["username"] = $_POST["username"] . " already a users, try anther username please";
            }
        }
        if ($GLOBALS["action"] == "register" || $GLOBALS["action"] == "adduser") {
            array_push($required, "password");
            $process->errorinfo = array_merge($process->errorinfo, $validate->check_requiredFields($required));
            $process->errorinfo = array_merge($process->errorinfo, $validate->check_PasswordFields("password", "cpassword"));
        }
        //Sucess
        //$process->message("Hey successfully submmited the form");
        $linkto = GenerateUrl::buildLink("../auth", ".", "Login");
        $process->message("Your registeration was successfully, please you can {$linkto}  now.");
        if ($process->successflag) {
            //echo "success happened and all fields are sent to database, Thank you ! :)";
            $postdata::$tablefields = array("Firstname" => $_POST["firstname"], "Lastname" => $_POST["lastname"], "Gender" => $_POST["gender"], "Username" => $_POST["username"], "Email" => $_POST["email_address"], "Password" => md5($_POST["password"]));
            $postdata->save();
        }
    }
    $querystr = isset($_SERVER['QUERY_STRING']) ? "?" . $_SERVER['QUERY_STRING'] : null;
    $form = new Form("Register", $_SERVER['PHP_SELF'] . $querystr, "post", "enctype=\"application/x-www-form-urlencoded\"\n");
    $form->startForm();
    //form heading
    if ($GLOBALS["action"] == "editregister") {
        $form->setFormField(null, $form->addFormInfo("<h2>Edit your profile ..</h2>"));
    } elseif ($GLOBALS["action"] == "edituser") {
        $form->setFormField(null, $form->addFormInfo("<h2>Edit User Account</h2>"));
    } else {
        $form->setFormField(null, $form->addFormInfo("<h2>Use this form to add register new users..</h2>"));
    }
    //FIrstname
    $form->setFormField($form->inputLabel("firstname", "Firstname"), $form->inputField("text", "firstname", $process->post("firstname", $firstname)), $validate->displayErrorField($process->errorinfo, "firstname"));
    //Lastname
    $form->setFormField($form->inputLabel("lastname", "Lastname"), $form->inputField("text", "lastname", $process->post("lastname", $lastname)), $validate->displayErrorField($process->errorinfo, "lastname"));
    //gender
    $gender_options = array("--Select Gender--", "M" => "Male", "F" => "Female");
    $form->setFormField($form->inputLabel("gender", "Gender"), $form->selectOptions("gender", $gender_options, $process->post("gender", $gender)), $validate->displayErrorField($process->errorinfo, "gender"));
    //Username
    $form->setFormField($form->inputLabel("username", "Username"), $form->inputField("text", "username", $process->post("username", $username)), $validate->displayErrorField($process->errorinfo, "username"));
    //Email Address
    $form->setFormField($form->inputLabel("email", "Email"), $form->inputField("email", "email_address", $process->post("email_address", $email)), $validate->displayErrorField($process->errorinfo, "email_address"));
    //checks userlevel
    //if in edit mode
    if ($GLOBALS["action"] != "editregister") {
        //Password
        $form->setFormField($form->inputLabel("password", "Password"), $form->inputField("password", "password", $process->post("password")), $validate->displayErrorField($process->errorinfo, "password"));
        $form->setFormField($form->inputLabel("cpassword", "Confirm Password"), $form->inputField("password", "cpassword", $process->post("cpassword")), $validate->displayErrorField($process->errorinfo, "cpassword"));
    }
    //Submit Form
    $hyperlink = GenerateUrl::buildLink("..", ".", "Terms and Conditions of use", "target=terms.html");
    //checks submit type
    if ($GLOBALS["action"] == "editregister") {
        $form->setFormField(null, $form->inputField("submit", "send", "Update My Profile "));
    } else {
        $form->setFormField(null, $form->addFormInfo("<strong role=\"agreement\">By Clicking on Register you Agree to our {$hyperlink}.</strong>"));
        $form->setFormField(null, $form->inputField("submit", "send", "Register"));
    }
    $form->endForm();
    return $form->DisplayFields($GLOBALS["form_labling"], $process->message);
}
 public function hyperlink($url, $addfile, $linktext, $params = '', $id = '')
 {
     return GenerateUrl::buildLink($url, $addfile, $linktext, $params, $id);
 }