/** * * @param mixed $data * @param boolean $loadforbreadcrumb */ function load($data, $loadforbreadcrumb = false) { if ($data) { $this->id = $data->id; $this->title = $data->title; $this->ownerid = $data->owner; $this->menu = $data->menu; $this->alias = $data->alias; $this->editorContent = $data->content; $this->loadforbeadrcumb = $loadforbreadcrumb; $this->editorText = $data->editor; $this->canonical = $data->canonical; $this->advancedHtmlHeader = $data->advanced_html_header; $this->changeFrequence = $data->change_frequence; $this->priority = $data->priority; $this->inSitemap = $data->in_sitemap_ifnull == 1; if (!isset(User::Current()->role) || !User::Current()->role->canAccess($this)) { if (Settings::getValue("accessdenied") != $this->id) { throw new AccessDeniedException("Access denied: " . $this->alias); } } } else { throw new FileNotFoundException("File Not Found: " . $this->alias); } }
public function show($command, $params, $user) { ?> <div class="container"> <div class='row'> <div class='span6 offset3'> <h1>Der opstod en fejl</h1> <div class="well"> <p>Der opstod en fejl under visning af den forespurgte side.<br/> Det kan skyldes at du har en fejl i den indtastede URL, eller at du ikke har adgang til siden</p> <p>DEBUG Nuværende brugertype: <?php echo User::Current()->type; ?> <br/> Forespurgt side: <?php echo $command; ?> DEBUG</p> <p>Muligheder:</p> <ul> <li>Gå til <a href='./'>forsiden</a></li> <li><a href='./logout'>Log ud og log ind igen</a></li> <li>TODO:<a href='mailto:derp@example.com'>Send os en mail</a></li> <li>Prøv igen senere</li> </ul> </div> </div> </div> </div> <!-- /container --> <?php }
public function show($command, $params, $user) { $where = ""; if (User::Current()->type == User::USERTYPE_FMK) { $where = ""; } if (User::Current()->type == User::USERTYPE_ARTIST) { $where = "AND " . User::Current()->corresponding_id . " = a.`id`"; } if (User::Current()->type == User::USERTYPE_VENUE) { $where = "AND " . User::Current()->corresponding_id . " = v.`id`"; } $q = mysql_query("SELECT e.*, a.`name` as `artist_name`, v.`name` as `venue_name` FROM `event` e, `artist` a, `venue` v\n\t\t\tWHERE e.`venue` = v.`id` AND e.`artist` = a.`id` {$where} ORDER BY e.`date` ASC LIMIT 15;"); ?> <div class="container"> <div class='row'> <div class='span4'> </div> </div> <h1 class='pull-left'>Kommende koncerter</h1> <table class='eventTable table table-striped table-bordered'> <thead> <tr><th>Artist</th><th>Spillested</th><th>Dato & Tid</th><th width='100px'>Status</th><th width='100px'>Handlinger</th></tr> </thead> <tbody> <?php while ($res = mysql_fetch_assoc($q)) { echo "<tr><td>{$res['artist_name']}</td><td>{$res['venue_name']}</td><td>{$res['date']} {$res['time']}</td><td>Todo</td><td><a class='btn btn-primary' href='./event/{$res['id']}'><i class='icon-eye-open icon-white'></i></a> <a class='btn btn-info' href='./edit/{$res['id']}'><i class='icon-cog icon-white'></i></a></td>"; } ?> </tbody> </table> </div> <!-- /container --> <?php }
public function display() { $template = new Template(); $template->load("plugin_changepassword_changepassword"); $template->show_if('PASSWORD_WRONG', false); $template->show_if('SUCCESSFUL', false); $template->show_if('OLD_PASSWORD_WRONG', false); if (isset($_REQUEST['old_password']) && !empty($_REQUEST['old_password']) && is_string($_REQUEST['old_password']) && isset($_REQUEST['new_password']) && !empty($_REQUEST['new_password']) && is_string($_REQUEST['new_password']) && isset($_REQUEST['confirm_password']) && !empty($_REQUEST['confirm_password']) && is_string($_REQUEST['confirm_password'])) { $old_password = DataBase::Current()->EscapeString($_REQUEST['old_password']); $new_password = DataBase::Current()->EscapeString($_REQUEST['new_password']); $confirm_password = DataBase::Current()->EscapeString($_REQUEST['confirm_password']); if ($new_password != $confirm_password) { $template->show_if('PASSWORD_WRONG', true); } else { $password = DataBase::Current()->EscapeString(md5($new_password . Settings::getInstance()->get("salt"))); $old_password = DataBase::Current()->EscapeString(md5($old_password . Settings::getInstance()->get("salt"))); $db_password = DataBase::Current()->ReadField("SELECT `password` FROM `{'dbprefix'}user` WHERE `id` = '" . User::Current()->id . "'; "); if ($db_password && $db_password != null) { if ($db_password != $old_password) { $template->show_if('OLD_PASSWORD_WRONG', true); } else { DataBase::Current()->Execute("UPDATE `{'dbprefix'}user` SET `password` = '" . $password . "' WHERE `id` = '" . User::Current()->id . "'; "); $template->show_if('SUCCESSFUL', true); EventManager::raiseEvent("plugin_changepassword_change", array('old_password' => $old_password, 'new_password' => $password, 'userid' => User::Current()->id)); Cache::clear("tables", "userlist"); } } else { //Der User ist nicht in der Datenbank aufgeführt. } } } $template->assign_var('ACTION', UrlRewriting::GetUrlByAlias($this->page->alias)); echo $template->getCode(); }
public function display() { ?> <h2>Login</h2> <?php if (isset($_POST['name']) && $_POST['name']) { if (User::Current()->login($_POST['name'], $_POST['password'])) { echo Language::DirectTranslate("HELLO") . " " . User::Current()->name; ?> <script language="JavaScript"><!-- var zeit=(new Date()).getTime(); var stoppZeit=zeit+4000; while((new Date()).getTime()<stoppZeit){}; window.location.href="<?php echo UrlRewriting::GetUrlByAlias("admin/home"); ?> "; // --></script> <?php } else { echo Language::DirectTranslate("LOGIN_FAILED"); } } if (User::Current()->isGuest()) { ?> <form method="POST"> <table> <tr> <td><?php echo Language::DirectTranslate("USERNAME"); ?> :</td> <td><input name="name" autofocus /></td> </tr> <tr> <td><?php echo Language::DirectTranslate("PASSWORD"); ?> :</td> <td> <input name="password" type="password" /></td> </tr> </table> <input type="submit" value="Login" /> </form> <?php } else { ?> <script language="JavaScript"><!-- window.location.href="<?php echo UrlRewriting::GetUrlByAlias("admin/home"); ?> "; // --></script> <?php } }
public function consumePost($command, $params, $user) { if (!isset($_POST['username']) || !isset($_POST['password'])) { return false; } User::Login($_POST['username'], $_POST['password']); if (User::Current()->type == User::USERTYPE_NONE) { $this->error = true; return false; } if (count($params) > 0) { return './' . $command . '/' . implode('/', $params); } else { return './' . $command; } }
public function display() { ?> <h1>Bis zum nächsten Mal!</h1> <?php User::Current()->logout(); ?> <script type="text/javascript"> <!-- setTimeout("self.location.href='<?php echo Settings::getInstance()->get("host"); ?> '",750); //--> </script> <?php }
public function display() { ?> <h2><?php echo Language::DirectTranslateHtml("SIGN_UP"); ?> </h2> <?php if (User::Current()->isGuest()) { ?> <form action="<?php echo $_SERVER['REQUEST_URI']; ?> " method="POST"> <table> <tr> <td><?php Language::DirectTranslateHtml("USERNAME"); ?> :</td> <td><input name="name" /></td> </tr> <tr> <td><?php Language::DirectTranslateHtml("EMAIL"); ?> :</td> <td> <input name="email" /></td> </tr> </table> <input type="submit" value="<?php echo Language::DirectTranslateHtml("SIGN_UP"); ?> " /> </form> <?php } }
/** * * @return string */ public static function getCurrentDesktopSkinName() { if (isset($_GET['blank']) && $_GET['blank'] == "true") { $res = "blank"; } else { if ((isset($_GET['skin']) || isset($_GET['save_settings'])) && User::Current()->isAdmin()) { if (isset($_GET['save_settings']) && User::Current()->isAdmin()) { $res = "backenddefault"; } else { $res = $_GET['skin']; } } else { $res = self::getSkinName(SkinController::getCurrentSkinId()); } } if ($res) { return $res; } else { return "default"; } }
include "./classes/pages/ErrorPage.php"; include "./classes/pages/EventPage.php"; include "./classes/pages/SettingsPage.php"; include "./classes/pages/LogoutPage.php"; include "./classes/pages/ViewEventPage.php"; include "config.php"; include "pages.php"; session_start(); /////////////////////////////////////////////////////// //Command logic $requestURI = explode('/', $_SERVER['REQUEST_URI']); $scriptName = explode('/', $_SERVER['SCRIPT_NAME']); $commandArr = array_values(array_diff_assoc($requestURI, $scriptName)); $command = isset($commandArr[0]) ? $commandArr[0] : ''; $params = array_slice($commandArr, 1); $currentuser = User::Current(); /////////////////////////////////////////////////////// //Page logic foreach ($pages as $page) { if ($page['command'] == $command || $page['command'] == '_ANY_') { if (preg_match('/' . $currentuser->type . '/', $page['usertype'])) { $currentpage = $page['page']; } } } if (!isset($currentpage)) { $currentpage = new ErrorPage(); } $reload = $currentpage->consumePost($command, $params, $currentuser); if ($reload !== false) { header("Location: {$reload}");
/** * * @return boolean */ public function delete() { $res = false; if (!$this->equals(User::Current())) { $id = DataBase::Current()->EscapeString(strtolower(trim($this->id))); $res = DataBase::Current()->Execute("DELETE FROM {'dbprefix'}user WHERE id = '" . $id . "'"); Cache::clear("tables", "userlist"); $args = array(); $args["user"] = $this; EventManager::RaiseEvent("user_deleted", $args); } return $res; }
/** * Validates the current user's login credentials and redirects to the login form if they do not have access to the requested page. * This function is intended to be called at the top of any pages that require a user be logged in. * * @static * @param string $type Optional user type (part of the table schema) to test against. Use this to validate admin users on admin only pages. * @access public */ static function Validate() { if (!User::LoggedIn()) { $_SESSION['LoginRequest'] = WebPath::Me(); $_SESSION['LoginMessage'] = "You must be logged-in to access that page."; Response::Redirect('/login/'); } elseif (func_num_args()) { if (!User::Current()->isType(func_get_args())) { $page = new pErrorPage("You do not have permission to view this page."); //pErrorPage is a Page template for displaying errormessages. This is a cleaner option to calling die() and stops page execution. } } }
/** * * @return int */ protected static function getRoleID() { return User::Current()->role->ID; }
<?php include "../config.php"; session_start(); include "../classes/User.php"; if (User::Current() == User::USERTYPE_NONE) { return; } if (!isset($_GET['venue']) || !is_numeric($_GET['venue'])) { return; } ?> <option value='0'>Vælg kontaktperson</option> <?php $venue_id = $_GET['venue']; $contact_type = $_GET['type']; $contacts_query = mysql_query("SELECT * FROM `contact` WHERE `venue` = '{$venue_id}' ORDER BY `name` DESC;"); $selected_id = 0; $venue_query = mysql_query("SELECT * FROM `venue` WHERE `id` = '{$venue_id}' LIMIT 1;"); $venue = mysql_fetch_assoc($venue_query); if (isset($venue[$contact_type])) { $selected_id = $venue[$contact_type]; } while ($res = mysql_fetch_assoc($contacts_query)) { if ($selected_id == $res['id']) { echo "<option value='{$res['id']}' selected>{$res['name']} - {$res['phone']}</option>"; } else { echo "<option value='{$res['id']}'>{$res['name']} - {$res['phone']}</option>"; } }
<?php User::Validate("Admin"); if ($_POST['password']) { switch (User::Current()->changePassword($_POST['password']['old'], $_POST['password']['new'], $_POST['password']['confirm'])) { case ERR_PASSCHANGE_WRONGCURRENT: $ERROR['password'] = '******'; break; case ERR_PASSCHANGE_WRONGCONFIRM: $ERROR['password'] = '******'; break; case ERR_PASSCHANGE_TOOSHORT: $ERROR['password'] = '******'; break; case ERR_PASSCHANGE_OK: $passwordChanged = true; } } $page = new pSubPage(); $page->addStyle("flowform.css"); $page->start(); ?> <form method="post" accept-charset="utf-8" class="flow"> <?php if ($ERROR['password']) { ?> <div row id="error"> <h4>Your password could not be updated:</h4> <ul><?php foreach ($ERROR as $v) {
/** * * @return string */ static function getCurrentUserName() { return User::Current()->name; }