/** * Редактирование сообщения */ public function edit($id) { if (!User::check()) { App::abort(403); } if (!($guest = Guestbook::find_by_id($id))) { App::abort('default', 'Сообщение не найдено!'); } if (!User::isAdmin() && $guest->user_id != User::getUser('id')) { App::abort('default', 'Редактирование невозможно, вы не автор данного сообщения!'); } if (!User::isAdmin() && $guest->created_at < Carbon::now()->subMinutes(10)) { App::abort('default', 'Редактирование невозможно, прошло более 10 мин.'); } if (Request::isMethod('post')) { $guest->token = Request::input('token', true); $guest->text = Request::input('text'); if ($guest->save()) { App::setFlash('success', 'Сообщение успешно изменено!'); App::redirect('/guestbook'); } else { App::setFlash('danger', $guest->getErrors()); App::setInput($_POST); } } App::view('guestbook.edit', compact('guest')); }
function login() { //登录 if (isset($_POST['name'])) { $model = new User(); if ($model->check()) { //检查用户输入的用户名和密码是否有效 setcookie('user', $_POST['name']); //有效则将用户信息存入cookie和session中 $_SESSION['name'] = $model->getName(); $_SESSION['id'] = $model->getID(); $_SESSION['role'] = $model->getRole(); header('location:http://' . $_SERVER['HTTP_HOST'] . '/WeiXianPin/index.php'); //重定向到主页 exit; } else { $error = '用户名或密码错误,请重新登录'; } } else { $error = ''; } //没有提交登录表单,自然没错 include 'login.html.php'; //进入登录页面并显示错误信息(如果没有则不显示) }
public function validate() { if ($this->token && $this->token !== $_SESSION['token']) { $this->errors->add('token', 'Неверный идентификатор сессии, повторите действие!'); } if (!User::check() && $this->captcha !== $_SESSION['captcha']) { $this->errors->add('captcha', 'Неверный проверочный код'); } }
function login_POST() { $username = _post('username'); $password = _post('password'); if ($user = User::check($username, $password)) { $user->login(); $back_url = _get('back_url') ?: DEFAULT_LOGIN_REDIRECT_URL; redirect($back_url); } else { $GLOBALS['msg'] = $GLOBALS['config']['error']['info']['USERNAME_OR_PASSWORD_INCORRECT']; } }
/** * Отправка жалобы */ public function complaint() { if (!Request::ajax()) { App::redirect('/'); } $token = Request::input('token', true); $relate_type = Request::input('type'); $relate_id = Request::input('id'); if (User::check() && $token == $_SESSION['token']) { $spam = Spam::first(['conditions' => ['relate_type = ? AND relate_id = ?', $relate_type, $relate_id]]); if ($spam) { exit(json_encode(['status' => 'exists'])); } $spam = new Spam(); $spam->relate_type = $relate_type; $spam->relate_id = $relate_id; $spam->user_id = User::get('id'); if ($spam->save()) { exit(json_encode(['status' => 'added'])); } } exit(json_encode(['status' => 'error'])); }
<?php if (\User::check()) { $user = \User::getUser(); } ?> @extends('front.app') @section('title') Company Register | Programme Chameleon @stop @section('content') <div id="wrapper"> @include('front.include.header') <div class="common-page-wrapper"> <div class="container"> <h1 class="page-title lighten"> Company Register </h1> <div class="row"> <div class="col-md-5"> <div id="register-form-wrapper" class="element-bottom-30"> <form role="form" id="register-form" onsubmit="return false;" data-parsley-validate data-route="{{ route('company.postRegister') }}"> <div class="form-group"> <label>Company Name</label> <input class="form-control" name="company_name" placeholder="Company Name" required="required" type="text"> </div> <div class="form-group"> <label>Company Position</label>
} $user = new User(); $groupuser = new Group_User(); //print_r($_POST);exit(); if (empty($_GET["id"]) && isset($_GET["name"])) { $user->getFromDBbyName($_GET["name"]); glpi_header($CFG_GLPI["root_doc"] . "/front/user.form.php?id=" . $user->fields['id']); } if (empty($_GET["name"])) { $_GET["name"] = ""; } if (isset($_REQUEST['getvcard'])) { if (empty($_GET["id"])) { glpi_header($CFG_GLPI["root_doc"] . "/front/user.php"); } $user->check($_GET['id'], 'r'); $user->generateVcard($_GET["id"]); } else { if (isset($_POST["add"])) { $user->check(-1, 'w', $_POST); // Pas de nom pas d'ajout if (!empty($_POST["name"]) && ($newID = $user->add($_POST))) { Event::log($newID, "users", 4, "setup", $_SESSION["glpiname"] . " " . $LANG['log'][20] . " " . $_POST["name"] . "."); } glpi_header($_SERVER['HTTP_REFERER']); } else { if (isset($_POST["delete"])) { $user->check($_POST['id'], 'w'); $user->delete($_POST); Event::log(0, "users", 4, "setup", $_SESSION["glpiname"] . " " . $LANG['log'][22] . " " . $_POST["id"] . "."); $user->redirectToList();
if (is_object($user)) { $user->logout(); } redirect(); } // if user is already logged in, // to index since we didn't provide such a link if ($has_login) { redirect(); // to index } $username = _post('username'); $password = _post('password'); $msg = ''; if ($by_post) { if (User::check($username, $password)) { $user = User::getByName($username); $user->login(); $type = strtolower($user->type); ${$type} = $user->instance(); $back_url = _get('back_url') ?: DEFAULT_LOGIN_REDIRECT_URL; switch ($user->type) { case 'SuperAdmin': $back_url = 'user'; break; case 'Admin': case 'Customer': break; default: throw new Exception("unkonwn user type: {$user}->{$type}"); break;
*\note the typecard can be * - cred card for the debit only if j is set * - deb card for the debit only if j is set * - filter card for debit and credit only if j OR type is set * - list of fd_id * */ $jrn = !isset($_REQUEST['j']) ? -1 : $_REQUEST['j']; $filter_card = ""; $cn = new Database(dossier::id()); $d = $_REQUEST['e']; $filter_card = ''; require_once 'class_user.php'; global $g_user; $g_user = new User($cn); $g_user->check(); $g_user->check_dossier(dossier::id()); set_language(); if ($d == 'all') { $filter_card = ''; } else { if (strpos($d, 'sql]') == true) { $filter_card = str_replace('[sql]', " and ", $d); } else { $filter_card = "and fd_id in ({$d})"; } } if ($jrn != -1) { switch ($d) { case 'cred': $filter_jrn = $cn->make_list("select jrn_def_fiche_cred from jrn_def where jrn_def_id=\$1", array($jrn));
public function __construct() { if (User::check() && User::get('level') == 'banned' && Request::path() != 'logout') { App::abort('default', 'Вы забанены'); } }
/** * Добавление в закладки */ public function bookmark() { if (!Request::ajax()) { App::redirect('/'); } $token = Request::input('token', true); $topic_id = Request::input('id'); if (User::check() && $token == $_SESSION['token']) { /* Проверка темы на существование */ if ($topic = Topic::find_by_id($topic_id)) { /* Добавление темы в закладки */ if ($bookmark = Bookmark::find_by_topic_id_and_user_id($topic_id, User::get('id'))) { if ($bookmark->delete()) { exit(json_encode(['status' => 'deleted'])); } } else { $bookmark = new Bookmark(); $bookmark->topic_id = $topic->id; $bookmark->user_id = User::get('id'); $bookmark->posts = $topic->postCount(); if ($bookmark->save()) { exit(json_encode(['status' => 'added'])); } } } } exit(json_encode(['status' => 'error'])); }
$douban_id = str_replace("http://api.douban.com/people/", "", $doubanInfo->id); $uid = check_user("douban", $douban_id); //echo $douban_id; //echo $uid ; if (!$uid) { exit; } $user = new User($uid); switch ($_GET['app']) { case "myinfo": $out = json_encode($arr); echo $out; break; case "check": $word = $_POST['word']; echo $user->check($word); break; case "addword": $word = $_POST['word']; $is_new = $_POST['is_new']; $result = $user->add_word($word, $is_new); //$user->add_wordtodic("kiss"); echo $result; break; case "list": $max = $_POST['max']; $page = $_POST['page']; $user->list_newwords($max, $page); break; } exit;
private static function outputOption($name, $value, $default, $forceSelect = false) { if ($name == User::$GENDER && !$forceSelect) { echo '<label for="' . $name . $value . '">' . $value . '</label>'; echo '<input type="radio" name="' . $name . '" value="' . $value . '" id="' . $name . $value . '" '; User::check($default, $value); echo ' />'; } else { User::outputCustomOption($value, $value, $default); } }
public function checkPhone() { $request = $this->getHeaderBody(); $yzmkey = 'YZM_' . MD5($request->phoneid . $request->phone); //验证手机 模拟通过 $userModel = new User(); if ($userModel->check($request)) { sendMsg('PHONE USED', 1); } if ($this->mCache->get($yzmkey) != $request->code) { sendMsg('CHECK ERROR', 1); } //清理key $this->mCache->delete($yzmkey); $mkey = MD5($request->phoneid . $request->phone . time()); $this->mCache->save($mkey, ['phoneid' => $request->phoneid, 'phone' => $request->phone]); sendMsg(['key' => $mkey]); }
/** * Скрытие текста от неавторизованных пользователей * @param callable $match массив элементов * @return string скрытый код */ public function hiddenText($match) { if (empty($match[1])) { $match[1] = 'Текст отсутствует'; } return '<div class="hiding"> <span class="strong">Скрытый контент:</span> ' . (User::check() ? $match[1] : 'Для просмотра необходимо авторизоваться!') . '</div>'; }
$db->connect(); $user = new User(); $mo_settings = array(); $mo_request = ''; $mo_plugin = array(); $mo_theme = ''; $mo_theme_floder = ''; $mo_theme_file = ''; mo_load_settings(); $mo_request = mo_analyze(); getPT(); if (count($mo_plugin)) { foreach ($mo_plugin as $plugin) { require_once $plugin; } } if ($mo_theme_file) { require_once $mo_theme_file; } do_action('loadPT'); // Check if logged in or trying to if ($user->autoLogin()) { $user->loadAll($_SESSION['uid']); $user->check(); } do_action('loadBasic'); if (defined('OUTPUT') && OUTPUT == True && $mo_theme_file) { call_user_func($mo_theme); } do_action('loadDone'); mo_write_note('The page has been processed successfully.');
$_GET["id"] = ""; } $user = new User(); $groupuser = new Group_User(); if (empty($_GET["id"]) && isset($_GET["name"])) { $user->getFromDBbyName($_GET["name"]); Html::redirect($CFG_GLPI["root_doc"] . "/front/user.form.php?id=" . $user->fields['id']); } if (empty($_GET["name"])) { $_GET["name"] = ""; } if (isset($_GET['getvcard'])) { if (empty($_GET["id"])) { Html::redirect($CFG_GLPI["root_doc"] . "/front/user.php"); } $user->check($_GET['id'], READ); $user->generateVcard(); } else { if (isset($_POST["add"])) { $user->check(-1, CREATE, $_POST); // Pas de nom pas d'ajout if (!empty($_POST["name"]) && ($newID = $user->add($_POST))) { Event::log($newID, "users", 4, "setup", sprintf(__('%1$s adds the item %2$s'), $_SESSION["glpiname"], $_POST["name"])); if ($_SESSION['glpibackcreated']) { Html::redirect($user->getFormURL() . "?id=" . $newID); } } Html::back(); } else { if (isset($_POST["delete"])) { $user->check($_POST['id'], DELETE);
* - i id * for delete * - gDossier * - i id */ define('ALLOWED', 1); require_once '../include/constant.php'; require_once NOALYSS_INCLUDE . '/class_dossier.php'; require_once NOALYSS_INCLUDE . '/class_todo_list.php'; require_once NOALYSS_INCLUDE . '/class_database.php'; require_once NOALYSS_INCLUDE . '/class_user.php'; mb_internal_encoding("UTF-8"); $cn = Dossier::connect(); global $g_user; $g_user = new User($cn); $g_user->check(true); $g_user->check_dossier(Dossier::id(), true); set_language(); ajax_disconnected('add_todo_list'); //////////////////////////////////////////////////////////////////////////////// // Display the note //////////////////////////////////////////////////////////////////////////////// if (isset($_REQUEST['show'])) { $cn = new Database(dossier::id()); $todo = new Todo_list($cn); $todo->set_parameter('id', $_REQUEST['id']); $todo->load(); $content = $todo->display(); header('Content-type: text/xml; charset=UTF-8'); $dom = new DOMDocument('1.0', 'UTF-8'); $tl_id = $dom->createElement('tl_id', $todo->get_parameter('id'));
/** * Загрузка фото в профиль */ public function image() { if (!Request::ajax() || !User::check()) { App::redirect('/'); } // Удаление и размер $image = Request::file('image'); if ($image->isValid()) { $ext = $image->getClientOriginalExtension(); if (in_array($ext, ['jpeg', 'jpg', 'png', 'gif'])) { $filename = uniqid(mt_rand()) . '.' . $ext; $user = User::get(); $user->deleteImages(); $img = new SimpleImage($image->getPathName()); $img->best_fit(1280, 1280)->save('uploads/users/photos/' . $filename); $img->best_fit(200, 200)->save('uploads/users/thumbs/' . $filename); $img->thumbnail(48, 48)->save('uploads/users/avatars/' . $filename); $user->avatar = $filename; if ($user->save()) { exit(json_encode(['status' => 'uploaded'])); } else { exit(json_encode(['status' => 'nosave'])); } } else { exit(json_encode(['status' => 'invalid'])); } } }
// clear db entries that was insert by test include 'clear_db.php'; $all_pass = true; begin_test(); test(1, 1, 'test for 1 === 1'); begin_test(); $username = '******'; $password = '******'; $realname = '小池'; $phone = '13711231212'; $email = '*****@*****.**'; $info = compact('username', 'password', 'realname', 'phone', 'email'); $customer = Customer::create($info); test(1, 1, array('name' => 'register Customer, db')); begin_test(); test(User::check($username, $password), true, array('name' => 'User::check($username, $password)')); begin_test(); $username = '******'; $password = '******'; $user = User::getByName('root'); $superadmin = $user->instance(); $admin = $superadmin->createAdmin(compact('username', 'password')); $ideal_arr = array('name' => $username, 'password' => md5($password), 'type' => 'Admin'); $id = Pdb::lastInsertId(); $real_arr = Pdb::fetchRow('name, password, type', User::$table, array('id=?' => $id)); test($real_arr, $ideal_arr, array('name' => 'Super Admin create Admin, db')); begin_test(); $prd_types = Product::types(); $info = array('name' => '唯爱心形群镶女戒_test', 'type' => reset(array_keys($prd_types)), 'material' => json_encode(array('PT950', '白18K金', '黄18K金', '红18K金')), 'rabbet_start' => '0.30', 'rabbet_end' => '0.60', 'weight' => 9, 'small_stone' => 3, 'st_weight' => 2.1, 'images' => array('400' => array('/test/static/img/i400-1.jpg', '/test/static/img/i400-2.jpg', '/test/static/img/i400-3.jpg'), 'thumb' => array('/test/static/img/i80-1.jpg', '/test/static/img/i80-2.jpg', '/test/static/img/i80-3.jpg'))); $product = Product::create($info); test(1, 1, array('name' => 'Admin post Product, db'));