Beispiel #1
0
 /**
  *
  * @param mixed $data
  * @param boolean $loadforbreadcrumb 
  */
 function load($data, $loadforbreadcrumb = false)
 {
     if ($data) {
         $this->id = $data->id;
         $this->title = $data->title;
         $this->ownerid = $data->owner;
         $this->menu = $data->menu;
         $this->alias = $data->alias;
         $this->editorContent = $data->content;
         $this->loadforbeadrcumb = $loadforbreadcrumb;
         $this->editorText = $data->editor;
         $this->canonical = $data->canonical;
         $this->advancedHtmlHeader = $data->advanced_html_header;
         $this->changeFrequence = $data->change_frequence;
         $this->priority = $data->priority;
         $this->inSitemap = $data->in_sitemap_ifnull == 1;
         if (!isset(User::Current()->role) || !User::Current()->role->canAccess($this)) {
             if (Settings::getValue("accessdenied") != $this->id) {
                 throw new AccessDeniedException("Access denied: " . $this->alias);
             }
         }
     } else {
         throw new FileNotFoundException("File Not Found: " . $this->alias);
     }
 }
Beispiel #2
0
    public function show($command, $params, $user)
    {
        ?>
<div class="container">
    <div class='row'>
        <div class='span6 offset3'>
            <h1>Der opstod en fejl</h1>
            <div class="well">
				<p>Der opstod en fejl under visning af den forespurgte side.<br/>
				Det kan skyldes at du har en fejl i den indtastede URL, eller at du ikke har adgang til siden</p>
				<p>DEBUG Nuværende brugertype: <?php 
        echo User::Current()->type;
        ?>
<br/>
				Forespurgt side: <?php 
        echo $command;
        ?>
 DEBUG</p>
                <p>Muligheder:</p>
				<ul>
					<li>Gå til <a href='./'>forsiden</a></li>
					<li><a href='./logout'>Log ud og log ind igen</a></li>
					<li>TODO:<a href='mailto:derp@example.com'>Send os en mail</a></li>
					<li>Prøv igen senere</li>
				</ul>
            </div>
        </div>
    </div>
</div> <!-- /container -->
<?php 
    }
Beispiel #3
0
    public function show($command, $params, $user)
    {
        $where = "";
        if (User::Current()->type == User::USERTYPE_FMK) {
            $where = "";
        }
        if (User::Current()->type == User::USERTYPE_ARTIST) {
            $where = "AND " . User::Current()->corresponding_id . " = a.`id`";
        }
        if (User::Current()->type == User::USERTYPE_VENUE) {
            $where = "AND " . User::Current()->corresponding_id . " = v.`id`";
        }
        $q = mysql_query("SELECT e.*, a.`name` as `artist_name`, v.`name` as `venue_name` FROM `event` e, `artist` a, `venue` v\n\t\t\tWHERE e.`venue` = v.`id` AND e.`artist` = a.`id` {$where} ORDER BY e.`date` ASC LIMIT 15;");
        ?>
    <div class="container">
     <div class='row'>
      <div class='span4'>
      </div>
     </div>
      <h1 class='pull-left'>Kommende koncerter</h1>
      <table class='eventTable table table-striped table-bordered'>
      <thead>
       <tr><th>Artist</th><th>Spillested</th><th>Dato & Tid</th><th width='100px'>Status</th><th width='100px'>Handlinger</th></tr>
       </thead>
       <tbody>
       <?php 
        while ($res = mysql_fetch_assoc($q)) {
            echo "<tr><td>{$res['artist_name']}</td><td>{$res['venue_name']}</td><td>{$res['date']} {$res['time']}</td><td>Todo</td><td><a class='btn btn-primary' href='./event/{$res['id']}'><i class='icon-eye-open icon-white'></i></a> <a class='btn btn-info' href='./edit/{$res['id']}'><i class='icon-cog icon-white'></i></a></td>";
        }
        ?>
       </tbody>
      </table>
    </div> <!-- /container -->
<?php 
    }
Beispiel #4
0
 public function display()
 {
     $template = new Template();
     $template->load("plugin_changepassword_changepassword");
     $template->show_if('PASSWORD_WRONG', false);
     $template->show_if('SUCCESSFUL', false);
     $template->show_if('OLD_PASSWORD_WRONG', false);
     if (isset($_REQUEST['old_password']) && !empty($_REQUEST['old_password']) && is_string($_REQUEST['old_password']) && isset($_REQUEST['new_password']) && !empty($_REQUEST['new_password']) && is_string($_REQUEST['new_password']) && isset($_REQUEST['confirm_password']) && !empty($_REQUEST['confirm_password']) && is_string($_REQUEST['confirm_password'])) {
         $old_password = DataBase::Current()->EscapeString($_REQUEST['old_password']);
         $new_password = DataBase::Current()->EscapeString($_REQUEST['new_password']);
         $confirm_password = DataBase::Current()->EscapeString($_REQUEST['confirm_password']);
         if ($new_password != $confirm_password) {
             $template->show_if('PASSWORD_WRONG', true);
         } else {
             $password = DataBase::Current()->EscapeString(md5($new_password . Settings::getInstance()->get("salt")));
             $old_password = DataBase::Current()->EscapeString(md5($old_password . Settings::getInstance()->get("salt")));
             $db_password = DataBase::Current()->ReadField("SELECT `password` FROM `{'dbprefix'}user` WHERE `id` = '" . User::Current()->id . "'; ");
             if ($db_password && $db_password != null) {
                 if ($db_password != $old_password) {
                     $template->show_if('OLD_PASSWORD_WRONG', true);
                 } else {
                     DataBase::Current()->Execute("UPDATE `{'dbprefix'}user` SET `password` = '" . $password . "' WHERE `id` = '" . User::Current()->id . "'; ");
                     $template->show_if('SUCCESSFUL', true);
                     EventManager::raiseEvent("plugin_changepassword_change", array('old_password' => $old_password, 'new_password' => $password, 'userid' => User::Current()->id));
                     Cache::clear("tables", "userlist");
                 }
             } else {
                 //Der User ist nicht in der Datenbank aufgeführt.
             }
         }
     }
     $template->assign_var('ACTION', UrlRewriting::GetUrlByAlias($this->page->alias));
     echo $template->getCode();
 }
Beispiel #5
0
    public function display()
    {
        ?>
            <h2>Login</h2>
        <?php 
        if (isset($_POST['name']) && $_POST['name']) {
            if (User::Current()->login($_POST['name'], $_POST['password'])) {
                echo Language::DirectTranslate("HELLO") . " " . User::Current()->name;
                ?>
<script language="JavaScript"><!--
var zeit=(new Date()).getTime(); 
var stoppZeit=zeit+4000; 
while((new Date()).getTime()<stoppZeit){}; 
window.location.href="<?php 
                echo UrlRewriting::GetUrlByAlias("admin/home");
                ?>
";
// --></script> 
<?php 
            } else {
                echo Language::DirectTranslate("LOGIN_FAILED");
            }
        }
        if (User::Current()->isGuest()) {
            ?>
            <form method="POST">
                <table>
                    <tr>
                        <td><?php 
            echo Language::DirectTranslate("USERNAME");
            ?>
:</td>
                        <td><input name="name" autofocus /></td>
                    </tr>
                    <tr>
                        <td><?php 
            echo Language::DirectTranslate("PASSWORD");
            ?>
:</td>
                        <td> <input name="password" type="password" /></td>
                    </tr>
                </table>
                <input type="submit" value="Login" />
            </form>
            <?php 
        } else {
            ?>
<script language="JavaScript"><!--
window.location.href="<?php 
            echo UrlRewriting::GetUrlByAlias("admin/home");
            ?>
";
// --></script> 
<?php 
        }
    }
Beispiel #6
0
 public function consumePost($command, $params, $user)
 {
     if (!isset($_POST['username']) || !isset($_POST['password'])) {
         return false;
     }
     User::Login($_POST['username'], $_POST['password']);
     if (User::Current()->type == User::USERTYPE_NONE) {
         $this->error = true;
         return false;
     }
     if (count($params) > 0) {
         return './' . $command . '/' . implode('/', $params);
     } else {
         return './' . $command;
     }
 }
Beispiel #7
0
    public function display()
    {
        ?>
        <h1>Bis zum n&auml;chsten Mal!</h1>
      <?php 
        User::Current()->logout();
        ?>
        <script type="text/javascript">
          <!--
            setTimeout("self.location.href='<?php 
        echo Settings::getInstance()->get("host");
        ?>
'",750);
          //-->
        </script>
      <?php 
    }
Beispiel #8
0
    public function display()
    {
        ?>
            <h2><?php 
        echo Language::DirectTranslateHtml("SIGN_UP");
        ?>
</h2>
        <?php 
        if (User::Current()->isGuest()) {
            ?>
            <form action="<?php 
            echo $_SERVER['REQUEST_URI'];
            ?>
" method="POST">
                <table>
                    <tr>
                        <td><?php 
            Language::DirectTranslateHtml("USERNAME");
            ?>
:</td>
                        <td><input name="name" /></td>
                    </tr>
                    <tr>
                        <td><?php 
            Language::DirectTranslateHtml("EMAIL");
            ?>
:</td>
                        <td> <input name="email" /></td>
                    </tr>
                </table>
                <input type="submit" value="<?php 
            echo Language::DirectTranslateHtml("SIGN_UP");
            ?>
" />
            </form>
            <?php 
        }
    }
Beispiel #9
0
 /**
  *
  * @return string
  */
 public static function getCurrentDesktopSkinName()
 {
     if (isset($_GET['blank']) && $_GET['blank'] == "true") {
         $res = "blank";
     } else {
         if ((isset($_GET['skin']) || isset($_GET['save_settings'])) && User::Current()->isAdmin()) {
             if (isset($_GET['save_settings']) && User::Current()->isAdmin()) {
                 $res = "backenddefault";
             } else {
                 $res = $_GET['skin'];
             }
         } else {
             $res = self::getSkinName(SkinController::getCurrentSkinId());
         }
     }
     if ($res) {
         return $res;
     } else {
         return "default";
     }
 }
Beispiel #10
0
include "./classes/pages/ErrorPage.php";
include "./classes/pages/EventPage.php";
include "./classes/pages/SettingsPage.php";
include "./classes/pages/LogoutPage.php";
include "./classes/pages/ViewEventPage.php";
include "config.php";
include "pages.php";
session_start();
///////////////////////////////////////////////////////
//Command logic
$requestURI = explode('/', $_SERVER['REQUEST_URI']);
$scriptName = explode('/', $_SERVER['SCRIPT_NAME']);
$commandArr = array_values(array_diff_assoc($requestURI, $scriptName));
$command = isset($commandArr[0]) ? $commandArr[0] : '';
$params = array_slice($commandArr, 1);
$currentuser = User::Current();
///////////////////////////////////////////////////////
//Page logic
foreach ($pages as $page) {
    if ($page['command'] == $command || $page['command'] == '_ANY_') {
        if (preg_match('/' . $currentuser->type . '/', $page['usertype'])) {
            $currentpage = $page['page'];
        }
    }
}
if (!isset($currentpage)) {
    $currentpage = new ErrorPage();
}
$reload = $currentpage->consumePost($command, $params, $currentuser);
if ($reload !== false) {
    header("Location: {$reload}");
Beispiel #11
0
 /**
  *
  * @return boolean
  */
 public function delete()
 {
     $res = false;
     if (!$this->equals(User::Current())) {
         $id = DataBase::Current()->EscapeString(strtolower(trim($this->id)));
         $res = DataBase::Current()->Execute("DELETE FROM {'dbprefix'}user WHERE id = '" . $id . "'");
         Cache::clear("tables", "userlist");
         $args = array();
         $args["user"] = $this;
         EventManager::RaiseEvent("user_deleted", $args);
     }
     return $res;
 }
Beispiel #12
0
 /**
  * Validates the current user's login credentials and redirects to the login form if they do not have access to the requested page.
  * This function is intended to be called at the top of any pages that require a user be logged in.
  *
  * @static
  * @param string $type Optional user type (part of the table schema) to test against.  Use this to validate admin users on admin only pages.
  * @access public
  */
 static function Validate()
 {
     if (!User::LoggedIn()) {
         $_SESSION['LoginRequest'] = WebPath::Me();
         $_SESSION['LoginMessage'] = "You must be logged-in to access that page.";
         Response::Redirect('/login/');
     } elseif (func_num_args()) {
         if (!User::Current()->isType(func_get_args())) {
             $page = new pErrorPage("You do not have permission to view this page.");
             //pErrorPage is a Page template for displaying errormessages.  This is a cleaner option to calling die() and stops page execution.
         }
     }
 }
Beispiel #13
0
 /**
  *
  * @return int 
  */
 protected static function getRoleID()
 {
     return User::Current()->role->ID;
 }
Beispiel #14
0
<?php

include "../config.php";
session_start();
include "../classes/User.php";
if (User::Current() == User::USERTYPE_NONE) {
    return;
}
if (!isset($_GET['venue']) || !is_numeric($_GET['venue'])) {
    return;
}
?>

<option value='0'>V&aelig;lg kontaktperson</option>
<?php 
$venue_id = $_GET['venue'];
$contact_type = $_GET['type'];
$contacts_query = mysql_query("SELECT * FROM `contact` WHERE `venue` = '{$venue_id}' ORDER BY `name` DESC;");
$selected_id = 0;
$venue_query = mysql_query("SELECT * FROM `venue` WHERE `id` = '{$venue_id}' LIMIT 1;");
$venue = mysql_fetch_assoc($venue_query);
if (isset($venue[$contact_type])) {
    $selected_id = $venue[$contact_type];
}
while ($res = mysql_fetch_assoc($contacts_query)) {
    if ($selected_id == $res['id']) {
        echo "<option value='{$res['id']}' selected>{$res['name']} - {$res['phone']}</option>";
    } else {
        echo "<option value='{$res['id']}'>{$res['name']} - {$res['phone']}</option>";
    }
}
Beispiel #15
0
<?php

User::Validate("Admin");
if ($_POST['password']) {
    switch (User::Current()->changePassword($_POST['password']['old'], $_POST['password']['new'], $_POST['password']['confirm'])) {
        case ERR_PASSCHANGE_WRONGCURRENT:
            $ERROR['password'] = '******';
            break;
        case ERR_PASSCHANGE_WRONGCONFIRM:
            $ERROR['password'] = '******';
            break;
        case ERR_PASSCHANGE_TOOSHORT:
            $ERROR['password'] = '******';
            break;
        case ERR_PASSCHANGE_OK:
            $passwordChanged = true;
    }
}
$page = new pSubPage();
$page->addStyle("flowform.css");
$page->start();
?>

<form method="post" accept-charset="utf-8" class="flow">
<?php 
if ($ERROR['password']) {
    ?>
	<div row id="error">
		<h4>Your password could not be updated:</h4>
		<ul><?php 
    foreach ($ERROR as $v) {
Beispiel #16
0
 /**
  *
  * @return string
  */
 static function getCurrentUserName()
 {
     return User::Current()->name;
 }