public function paging($start, $end, $max, $where = array(), $options = null)
 {
     $page = isset($start) ? (int) Input::escape($start) : 1;
     $perPage = isset($end) && Input::escape($end) <= $max ? (int) Input::escape($end) : 5;
     $pages = $page > 1 ? $page * $perPage - $perPage : 0;
     $this->_total = ceil($this->count()[0]->Total / $perPage);
     $this->_database->select(array($this->_rows), $this->_table, $where, array('LIMIT' => "{$pages},{$perPage}"));
     return $this->_database->results();
 }
Beispiel #2
0
 public function setInput()
 {
     $input = Input::escape(Input::get($this->key));
     if (!empty($input)) {
         try {
             $this->isSet = true;
             if ($this->isDate) {
                 $input = Input::getdate($this->key);
                 $input = $input->format('Y-m-d');
             } else {
                 if ($this->isNumber) {
                     $input = Input::escape(Input::getnumber($this->key));
                 } else {
                     $input = Input::escape(Input::getWordName($this->key));
                 }
             }
         } catch (InvalidArgumentException $e) {
             $this->isSet = false;
             $this->exMessage = $e->getMessage();
             var_dump('invalarg');
         } catch (OutOfRangeException $e) {
             $this->isSet = false;
             $this->exMessage = $e->getMessage();
             var_dump('outorange');
         } catch (DomainException $e) {
             $this->isSet = false;
             $this->exMessage = $e->getMessage();
             var_dump('domainex');
         } catch (LengthException $e) {
             $this->isSet = false;
             $this->exMessage = $e->getMessage();
             var_dump('length');
         } catch (RangeException $e) {
             $this->isSet = false;
             $this->exMessage = $e->getMessage();
             var_dump('range');
         } catch (Exception $e) {
             $this->isSet = false;
             $this->exMessage = $e->getMessage();
             var_dump('exp');
         }
     }
     return $input;
 }
Beispiel #3
0
function pageController()
{
    session_start();
    $username = Input::has('username') ? Input::get('username') : "";
    $password = Input::has('password') ? Input::get('password') : "";
    $username = Input::escape($username);
    $password = Input::escape($password);
    if (Auth::attempt($username, $password)) {
        header('Location: authorized.php');
        die;
    }
    // $attemptedUsername = isset($_POST['username']) ? $_POST['username'] : '';
    // $attemptedPassword = isset($_POST['password']) ? $_POST['password'] : '';
    // if($attemptedUsername == $username && $attemptedPassword == $password) {
    // 	$_SESSION['logged_in_user'] = $username;
    // 	header('Location: authorized.php');
    // 	die();
    // } elseif($attemptedPassword != '' || $attemptedUsername != '') {
    // 	echo "The username or password is incorrect";
    // }
    return ['username' => $username, 'password' => $password];
}
Beispiel #4
0
 // continue only if there aren't any errors
 if ($errorHandler->hasErrors() === false) {
     $phpmailer = new PHPMailer();
     $mailer = new Mail($errorHandler, $phpmailer);
     /*===========================================================
       =            Composing email with customer order            =
       ===========================================================*/
     $recipient = Config::get('mail/receive_orders_to');
     $subject = 'Заказ';
     $body = 'Адрес: <b>' . Input::escape(Input::get('address')) . '</b><br>';
     $body .= 'Ф.И.О.: <b>' . Input::escape(Input::get('customer_name')) . '</b><br>';
     if (empty(Input::get('quantity')) === false) {
         $body .= 'Количество экземпляров: <b>' . Input::get('quantity') . '</b><br>';
     }
     if (empty(Input::get('info')) === false) {
         $body .= 'Дополнительная информация: <b>' . Input::escape(Input::get('info')) . '</b><br>';
     }
     /**
      * compose a section of email conserning book info
      * (desired fields can be configured by website administrator through config.ini)
      **/
     $desiredMailData = Config::csvToArray(Config::get('mail/product_info'));
     $mailData = '';
     foreach ($desiredMailData as $field) {
         $mailData .= $field . ': <b>' . $book->{$field} . '</b><br>';
     }
     $body .= '<br>Информация о товаре:<br> ' . $mailData;
     // send it
     $mailer->mail($recipient, $subject, $body);
     if ($errorHandler->hasErrors() === true) {
         Session::flash('home', 'Произошла ошибка при попытке отправить письмо с информацией о заказе.');
    <title>Login</title>
</head>
<body>
	Session Id: <?php 
echo $sessionId;
?>
<br>
    View Count: <?php 
echo $viewCount;
?>
    <form method="POST">
        <label>Name</label>
        <input value ="<?php 
echo Input::escape($name);
?>
"type="text" name="name"><br>
        <label>Password</label>
        <input value ="<?php 
echo Input::escape($password);
?>
"type="password" name="password"><br>
        <input type="submit">
        <input type="hidden" name="reset" value="reset">
    </form>
    <script language="javascript">
    	<?php 
echo $javascript;
?>
	</script>
</body>
</html>
require_once '../Input.php';
require_once '../Auth.php';
session_start();
if (!Auth::check()) {
    header("Location: login.php");
    die;
}
$username = ucfirst(Auth::user());
?>
<!DOCTYPE html>
<html>
<head>
	<meta charset="UTF-8">
	<meta http-equiv="X-UA-Compatible" content="IE=edge">
	<meta name="description" content="Assignment 7.1.4. POST Requests">
    <meta name="viewport" content="width=device-width, initial-scale=1">
	<title>Authorized</title>
	<link rel="shortcut icon" href="/img/php.png">
	<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css">
	<link rel="stylesheet" href="/css/form-example.css">
</head>
<body>
	<h2>Congratulations, You're Authorized!!!</h2>
	<h2><?php 
echo 'Hello, ' . Input::escape($username);
?>
</h2>
	<a class="btn btn-primary" href="/logout.php">Logout</a>
</body>
</html>
    die;
}
?>

<!DOCTYPE html>
<html>
<head>
    <title>LOGIN</title>
    <link rel= "stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css">
    <link rel= "stylesheet" href="/logincss.css">
</head>
<body>
	<h2>PLEASE LOGIN</h2>
	<div id = "container">
	    <form method="POST">
	        <label>UserName:</label>
	        <input value="<?php 
echo Input::escape($userName);
?>
" type="text" name="userName"><br>
	        <label>Password:</label>
	        <input type="password" name="password"><br>
	        <input type="submit">
	    </form>
	    <h2><?php 
echo $login;
?>
<h2>
    </div>
</body>
</html>
Beispiel #8
0
 public function __set($name, $value)
 {
     $value = Input::escape($value);
     $this->attributes[$name] = $value;
 }
    ?>
 </td>
								    <td><?php 
    echo Input::escape($park['location']);
    ?>
 </td>
								    <td><?php 
    echo Input::escape($park['date_established']);
    ?>
 </td>
								    <td><?php 
    echo Input::escape($park['area_in_acres']);
    ?>
 </td>
								    <td><?php 
    echo Input::escape($park['description']);
    ?>
 </td>
								    <td>
							    		<form role="form" method="POST">
											<button type="submit" class="btn btn-info btn-xs" value="<?php 
    echo $park['id'];
    ?>
" name="id">Delete</button>
										</form>
									</td>
								</tr>
							</tbody>
						<?php 
}
?>
Beispiel #10
0
    <div class="parks-container">
        <h1>US National Parks</h1>

        <div class="flex-container">
            <?php 
foreach ($parks as $park) {
    ?>
                <div class="each-park">
                    <h3><a href="http://www.google.com/#safe=on&q=<?php 
    echo $park['park_name'];
    ?>
+national+park" target="_blank"><?php 
    echo $park['park_name'];
    ?>
</a>,<br><?php 
    echo Input::escape($park['park_loc']);
    ?>
</h3>
                    <ul class="park-info">
                        <li><span>Established:</span> <?php 
    echo $park['date_est'];
    ?>
</li>
                        <li><span>Area:</span> <?php 
    echo $park['area_in_acres'];
    ?>
 acres</li>
                        <li><button type="button" class="btn btn-primary open-desc-modal" data-toggle="modal" data-target="#desc-modal" data-description="<?php 
    echo $park['about_park'];
    ?>
">Description</button></li>
Beispiel #11
0
 private function _parseOperators($value, $escape = true)
 {
     $operator = '` =';
     if (strpos($value, '>') !== false or strpos($value, '<') !== false) {
         if (substr($value, 1, 1) == '=' or substr($value, 0, 2) == '<>') {
             $operator = '` ' . substr($value, 0, 2);
             $value = substr($value, 2, strlen($value));
         } else {
             $operator = '` ' . substr($value, 0, 1);
             $value = substr($value, 1, strlen($value));
         }
     } elseif (strpos($value, '!=') !== false) {
         $operator = '` ' . substr($value, 0, 2);
         $value = substr($value, 2, strlen($value));
     }
     $value = is_numeric($value) ? $value : '\'' . ($escape ? Input::escape($value) : $value) . '\'';
     return array('operator' => $operator, 'value' => $value);
 }
Beispiel #12
0
</li>
							<li>Location: <?php 
    echo Input::escape($nationalPark['location']);
    ?>
</li>
							<li>Date-Established: <?php 
    echo Input::escape($nationalPark['date_established']);
    ?>
</li>
							<li>Area in Acres: <?php 
    echo Input::escape($nationalPark['area_in_acres']);
    ?>
</li>
						</ul>
						<p class="description col-md-12">Description: <?php 
    echo Input::escape($nationalPark['description']);
    ?>
</p>
					</div>			
				<?php 
}
?>
			</div>
		</div> <!-- .nationalParksLoop -->
		
		<?php 
foreach ($errors as $error) {
    ?>
			<p><?php 
    echo $error;
    ?>
Beispiel #13
0
    if (Token::check(Input::get('token'))) {
        if (Input::found('book_edit')) {
            $sql = 'SELECT id FROM book WHERE title = ?;';
            $id = Database::getInstance()->query($sql, [Input::get('book_edit')])->first()->id;
            if (isset($id) == false) {
                $input = Input::escape(Input::get('book_edit'));
                Session::flash('home', 'Книги под названием "' . $input . '" не существует');
                Redirect::to();
            }
            Redirect::to('editbook.php?id=' . $id);
        }
        if (Input::found('author_edit')) {
            $sql = 'SELECT id FROM author WHERE name = ?;';
            $id = Database::getInstance()->query($sql, [Input::get('author_edit')])->first()->id;
            if (isset($id) == false) {
                $input = Input::escape(Input::get('author_edit'));
                Session::flash('home', 'Автора под именем "' . $input . '" не существует');
                Redirect::to();
            }
            Redirect::to('editauthor.php?id=' . $id);
        }
    }
}
// there would be 2 forms on this page so we need to generate anti-csrf token beforehand
$token = Token::generate();
?>
<div class="wrapper">
    <div class="manage">
        <a href="addbook.php">
            <div class="option">
                <p>Добавить новую книгу в каталог</p>
Beispiel #14
0
	<meta charset="UTF-8">
	<meta http-equiv="X-UA-Compatible" content="IE=edge">
	<meta name="description" content="Assignment 7.1.4. POST Requests">
    <meta name="viewport" content="width=device-width, initial-scale=1">
	<title>Login</title>
	<link rel="shortcut icon" href="/img/php.png">
	<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css">
	<link rel="stylesheet" href="/css/form-example.css">
</head>
<body>
	<form method="POST" role="form">
		<h4><?php 
echo $loginError;
?>
</h4>
		<div class="form-group">
			<label for="username">Username</label>
			<input type="text" class="form-control" name="username">
		</div>
		<div class="form-group">
			<label for="password">Password</label>
			<input type="password" class="form-control" name="password">
		</div>
		<h5><?php 
echo $info . ' ' . Input::escape($username);
?>
</h5>
		<button class="btn btn-primary">Submit</button>
	</form>
</body>
</html>