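/**
 * Builds the view data for the "Add Date Criteria" report form.
 *
 * The report to describe is chosen by the `report_id` value read through grwd().
 * The name is checked before it is used as a class name, so a value that does
 * not name a class with an info() method never reaches `new`.
 *
 * @return array Renderer/template settings plus user, library, report and location data.
 * @throws \InvalidArgumentException When report_id does not name a class that provides info().
 */
function perform()
{
    // set display requirements
    $result = array(
        'renderer' => 'template_renderer.inc',
        'pageTitle' => SITE_NAME . ' : Add Date Criteria',
        'content' => 'content/reportFormDate.php',
    );

    // don't lose the db!
    $db = $_REQUEST['db'];

    // where are we?
    $userFinder = new UserFinder($db);
    $user = $userFinder->findById($_SESSION['userId']);
    $result['library_id'] = $user['library_id'];
    $result['library'] = $user['library_short_name'];
    $result['user'] = $user;

    $report_id = grwd('report_id');
    $result['report_id'] = $report_id;

    // get all the info on the reports
    $reportFinder = new ReportFinder($db);
    $result['reportCount'] = $reportFinder->getReportCount();

    // Per the original comment, Report::get() pulls in Reports.php and the
    // individual report classes; its return value is not used here.
    $report_class_handle = new Report();
    $report_class_handle->get();

    // $report_id is used as a class name below. Refuse anything that is not a
    // string naming a class with an info() method, so the constructor of an
    // unrelated class is never run on behalf of the request.
    // NOTE(review): an explicit allowlist of report classes would be tighter
    // than this shape check -- confirm where the list of valid ids lives.
    if (!is_string($report_id) || !method_exists($report_id, 'info')) {
        throw new \InvalidArgumentException('Unknown report');
    }
    $report_info = new $report_id();
    $result['reportList'] = $report_info->info();

    $libraryFinder = new LibraryFinder($db);
    $result['libraryList'] = $libraryFinder->getAllLibraries();

    $locationFinder = new LocationFinder($db);
    $result['locationList'] = $locationFinder->getAllLocations();

    return $result;
}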
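/**
 * Handles a login form submission and, on success, shows the home screen.
 *
 * Failed attempts are counted in $_SESSION['BadLogin']; once the counter
 * reaches 5 (and BADLOGIN_ACTIVATED is truthy) further attempts are refused.
 * The account-locked check runs before any login state is written to the
 * session, so a locked account never leaves UserId/UserName behind.
 *
 * @return bool|null false when the login is refused; no value after a successful login.
 */
public function userLogin()
{
    $Request = new Request();

    // A fresh session has no counter yet; read it as zero instead of an undefined index.
    // NOTE(review): the counter lives in the session, so it restarts with a new
    // session -- confirm whether a server-side per-account limit exists elsewhere.
    $badLogins = isset($_SESSION['BadLogin']) ? (int) $_SESSION['BadLogin'] : 0;
    if ($badLogins >= 5 && BADLOGIN_ACTIVATED) {
        $this->showLogin("Maximale Logins verbraucht bitte Probieren Sie es In einer stunde wieder");
        return false;
    }

    $UserFinder = new UserFinder();
    /* TODO: salt for new user logins !!! */
    // NOTE(review): unsalted MD5 is what findByNameAndPass() is given here; moving to
    // password_hash()/password_verify() needs a matching change where passwords are stored.
    $name = $Request->getAsString("tb_Name");
    $passHash = md5($Request->getAsString("tb_Pass"));
    $User = $UserFinder->findByNameAndPass($name, $passHash);

    if ($User->getId() == 0) {
        $this->showLogin();
        $_SESSION['BadLogin'] = $badLogins + 1;
        return false;
    }

    if ($User->getLooked()) {
        // the user is locked and may not log in
        $TempLate = Template::getInstance("tpl_Login.php");
        $TempLate->renderError("Fehler", ":T_LOGIN_ERROR1:", "index.php");
        return false;
    }

    $_SESSION['UserId'] = $User->getId();
    $_SESSION['UserName'] = $name;
    // NOTE(review): the password hash is kept in the session; confirm it is still needed there.
    $_SESSION['UserPass'] = $passHash;

    Controler_Main::getInstance()->setUser($User);
    Controler_Main::getInstance()->addPermanentOutPut();

    $UserManager = new UserManager();
    $UserManager->updateLoginTime($User->getId());

    $HomeControler = new Controler_Home();
    $HomeControler->showHomescreen();
}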
/**
 * Assembles the view data for the library administration page.
 *
 * The library shown is the one posted as `library_id`; without that field the
 * logged-in user's own library is used.
 *
 * NOTE(review): no admin check is visible in this action -- presumably the
 * dispatcher enforces it; confirm. $_POST['library_id'] is handed to the
 * finders unchanged, so confirm they bind it as a parameter.
 *
 * @return array View data for content/admin/libraryAdmin.php.
 */
function perform()
{
    // Page chrome and template selection.
    $result = array(
        'renderer' => 'template_renderer.inc',
        'pageTitle' => SITE_NAME . ' : Library Admin ',
        'content' => 'content/admin/libraryAdmin.php',
    );

    // The database handle travels in the request array.
    $db = $_REQUEST['db'];

    // Current user.
    $uf = new UserFinder($db);
    $user = $uf->findById($_SESSION['userId']);
    $result['user'] = $user;

    $lf = new LibraryFinder($db);
    $result['libraryList'] = $lf->getAllLibraries();

    // Posted library wins; otherwise fall back to the user's own.
    if (!isset($_POST['library_id'])) {
        $library = $user['library_short_name'];
        $libraryID = $user['library_id'];
    } else {
        $libraryID = $_POST['library_id'];
        $library = $lf->getLibraryName($libraryID);
    }
    $result['library_id'] = $libraryID;
    $result['library'] = $library;

    $locationFinder = new LocationFinder($db);
    $result['locationList'] = $locationFinder->findByLibraryID($libraryID);
    $result['distinctLocationList'] = $locationFinder->getDistinctLocations();

    $af = new AdminFinder($db);
    $result['adminTables'] = $af->getAdminTables();

    return $result;
}
/**
 * Assembles the view data for the advanced search form.
 *
 * The library list is prefixed with three extra rows: the user's own library,
 * an "All Libraries" entry (id '0') and a separator row with an empty id.
 *
 * @return array View data for content/advancedSearchForm.php.
 */
function perform()
{
    // Page chrome and template selection.
    $result = array(
        'renderer' => 'template_renderer.inc',
        'pageTitle' => SITE_NAME . ' : Advanced Search',
        'content' => 'content/advancedSearchForm.php',
    );

    // The database handle travels in the request array.
    $db = $_REQUEST['db'];

    // Current user and their library.
    $userFinder = new UserFinder($db);
    $user = $userFinder->findById($_SESSION['userId']);
    $libraryId = $user['library_id'];
    $result['library_id'] = $libraryId;
    $result['library'] = $user['library_short_name'];
    $result['user'] = $user;

    // Library chosen on the previous search, defaulting to the user's own.
    $result['search_library_id'] = grwd('search_library_id', $libraryId);

    $ownLibraryRow = array(
        'library_id' => $libraryId,
        'short_name' => $user['library_short_name'],
        'full_name' => $user['library_full_name'],
    );
    $allLibrariesRow = array(
        'library_id' => '0',
        'short_name' => 'All Libraries',
        'full_name' => 'All Libraries',
    );
    $separatorRow = array(
        'library_id' => '',
        'short_name' => '----------------------------',
        'full_name' => '----------------------------',
    );

    $libraryFinder = new LibraryFinder($db);
    $libraryList = $libraryFinder->getAllLibraries();
    array_unshift($libraryList, $ownLibraryRow, $allLibrariesRow, $separatorRow);
    $result['libraryList'] = $libraryList;

    $locationFinder = new LocationFinder($db);
    $result['locationList'] = $locationFinder->getAllLocations();

    return $result;
}
/**
 * Assembles the view data for the library edit form.
 *
 * NOTE(review): the library name/id resolved from $_POST['library_id'] is not
 * placed in the result; only the lookup itself happens. No admin check is
 * visible in this action -- presumably enforced by the dispatcher; confirm.
 *
 * @return array View data for content/admin/libraryEditForm.php.
 */
function perform()
{
    // Page chrome and template selection.
    $result = array(
        'renderer' => 'template_renderer.inc',
        'pageTitle' => SITE_NAME . ' : Library Admin',
        'content' => 'content/admin/libraryEditForm.php',
    );

    // The database handle travels in the request array.
    $db = $_REQUEST['db'];

    // Current user.
    $uf = new UserFinder($db);
    $user = $uf->findById($_SESSION['userId']);
    $result['user'] = $user;

    $af = new AdminFinder($db);
    $result['adminTables'] = $af->getAdminTables();

    $lf = new LibraryFinder($db);
    $table = 'libraries';
    $result['everything'] = $lf->getAllLibraries();

    // Posted library wins; otherwise fall back to the user's own.
    if (!isset($_POST['library_id'])) {
        $library = $user['library_short_name'];
        $libraryID = $user['library_id'];
    } else {
        $libraryID = $_POST['library_id'];
        $library = $lf->getLibraryName($libraryID);
    }

    // Admin metadata row for the fixed 'libraries' table.
    $af = new AdminFinder($db);
    $result['parent_table_data'] = $af->getAdminTableRow($table);

    return $result;
}
/**
 * Lists the directory belonging to the user identified by the request's
 * "User" and "Pass" values.
 *
 * NOTE(review): "Pass" is handed to findByNameAndPass() as received --
 * confirm what form of the password that finder expects. The listed path is
 * "./" plus the stored folder value; confirm that value cannot contain "..".
 *
 * @return bool false when no user matches the credentials, true after listing.
 */
public function getFileList()
{
    $Request = new Request();
    $name = $Request->getAsString("User");
    $secret = $Request->getAsString("Pass");

    $finder = new UserFinder();
    $account = $finder->findByNameAndPass($name, $secret);

    // An id of 0 marks "no such user".
    if ($account->getId() != 0) {
        $this->listDir("./" . $account->getFolder());
        return true;
    }

    return false;
}
/**
 * Assembles the view data for the report selection form.
 *
 * @return array View data for content/reportForm.php: the current user and the report count.
 */
function perform()
{
    // The database handle travels in the request array.
    $db = $_REQUEST['db'];

    // Current user.
    $userFinder = new UserFinder($db);
    $user = $userFinder->findById($_SESSION['userId']);

    $reportFinder = new ReportFinder($db);
    $reportCount = $reportFinder->getReportCount($db);

    // Page chrome, template selection and the collected data.
    return array(
        'renderer' => 'template_renderer.inc',
        'pageTitle' => SITE_NAME . ' : Reports',
        'content' => 'content/reportForm.php',
        'user' => $user,
        'reportCount' => $reportCount,
    );
}
/**
 * Reports whether the session's user is an administrator.
 *
 * When AUTO_ADMIN_LOGON is truthy every caller is treated as an admin and no
 * lookup happens. NOTE(review): confirm that constant is off in production
 * configuration, since it bypasses the per-user check entirely.
 *
 * @return bool true for an admin (or when AUTO_ADMIN_LOGON is set), false otherwise.
 */
function isAdmin()
{
    if (AUTO_ADMIN_LOGON) {
        return true;
    }

    // "+ 0" coerces the session value to a number before the lookup.
    $userId = $_SESSION['userId'] + 0;

    $finder = new UserFinder($_REQUEST['db']);
    $row = $finder->findByID($userId);

    return $row['admin'] == 1;
}
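/**
 * Looks up a user by email address or username and mails a password-reset link.
 *
 * The message is $this->password_msg with the @USERNAME@, @IP@, @URL@ and
 * @EXPIRETIME@ placeholders filled in.
 *
 * @param string $in email address or username supplied by the user
 * @return bool false when no user matches $in, true after the message was passed to SendMail
 * @throws \Exception when the matched user has no email address
 */
function sendMail($in)
{
    $in = trim($in);

    $user_id = is_email($in) ? UserFinder::byEmail($in) : UserFinder::byUsername($in);

    $error = ErrorHandler::getInstance();
    if (!$user_id) {
        // NOTE(review): this answer differs from the success path, which tells the
        // caller whether an account exists -- consider one neutral response for both.
        $error->add('Invalid email address or username');
        return false;
    }

    $email = UserSetting::getEmail($user_id);
    if (!$email) {
        throw new \Exception('entered email not found');
    }

    $code = Token::generate($user_id, 'activation_code');

    $user = User::get($user_id);

    $page = XmlDocumentHandler::getInstance();
    $url = $page->getUrl() . 'u/reset_pwd/' . $code;

    // strtr() substitutes literally and in a single pass. The previous
    // preg_replace() treated "$1" / "\1" sequences inside a replacement value
    // (for example in a user name) as back-references, and later patterns were
    // applied to text inserted by earlier ones.
    $msg = strtr($this->password_msg, array(
        '@USERNAME@' => $user->getName(),
        '@IP@' => client_ip(),
        '@URL@' => $url,
        '@EXPIRETIME@' => shortTimePeriod($this->expire_time_email),
    ));

    $mail = SendMail::getInstance();
    $mail->addRecipient($email);
    $mail->setSubject('Forgot password');
    $mail->send($msg);

    return true;
}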
/**
 * Logs the user out: forgets the stored "login" cookie credentials, clears the
 * cookie, drops the login session variables and destroys the session.
 *
 * @return array View data for content/loggedOut.php with an empty username.
 */
function perform()
{
    $db = $_REQUEST['db'];
    $uf = new UserFinder($db);

    // Invalidate whatever the browser presented as its persistent login.
    if (isset($_COOKIE['login'])) {
        $cookieVal = $_COOKIE['login'];
    } else {
        $cookieVal = '';
    }
    $uf->clearCookieCredentials($cookieVal);

    // The value is empty; PHP documents that as a request to delete the cookie.
    setcookie('login', '', mktime(0, 0, 0, 0, 0, 2038));

    // Drop the login markers first ...
    $_SESSION['loggedIn'] = false;
    unset($_SESSION['loggedIn']);
    unset($_SESSION['userId']);

    // ... then the session as a whole.
    session_destroy();

    return array(
        'renderer' => 'template_renderer.inc',
        'pageTitle' => SITE_NAME . ' : Logged Out',
        'content' => 'content/loggedOut.php',
        'username' => '',
    );
}
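/**
 * Assembles the view data for the option administration form.
 *
 * Reads the optional `table` and `library_id` query parameters. Without
 * `table` the parent table is 'locations'; without `library_id` the logged-in
 * user's library is used.
 *
 * @return array View data for content/admin/optionAdminForm.php.
 * @throws \InvalidArgumentException When the admin table row names no usable finder class.
 */
function perform()
{
    // set display requirements
    $result = array(
        'renderer' => 'template_renderer.inc',
        'pageTitle' => SITE_NAME . ' : Option Admin ',
        'content' => 'content/admin/optionAdminForm.php',
    );

    // don't lose the db!
    $db = $_REQUEST['db'];

    // where are we?
    $uf = new UserFinder($db);
    $user = $uf->findById($_SESSION['userId']);
    $result['user'] = $user;

    $af = new AdminFinder($db);
    $result['adminTables'] = $af->getAdminTables();

    // Previously $table stayed undefined when the parameter was missing and was
    // still passed on; null is the same value without the undefined-variable notice.
    // NOTE(review): $table is request input handed to AdminFinder -- confirm the
    // finder matches it against the known admin tables rather than using it in SQL.
    $table = isset($_GET['table']) ? $_GET['table'] : null;
    $result['everything'] = $af->getTableFields($table);

    $lf = new LibraryFinder($db);
    $result['libraryList'] = $lf->getAllLibraries();

    if (isset($_GET['library_id'])) {
        $libraryID = $_GET['library_id'];
        $library = $lf->getLibraryName($libraryID);
    } else {
        $library = $user['library_short_name'];
        $libraryID = $user['library_id'];
    }

    $parent_table = isset($table) ? $table : 'locations';

    $af = new AdminFinder($db);
    $parent_table_data = $af->getAdminTableRow($parent_table);

    $result['library_id'] = $libraryID;
    $result['library'] = $library;

    // The finder class name comes from the admin table row selected by the
    // request. Only instantiate it when it names a class offering the methods
    // called below.
    $finderClass = isset($parent_table_data['parent_finder']) ? $parent_table_data['parent_finder'] : null;
    if (
        !is_string($finderClass)
        || !method_exists($finderClass, 'findByLibraryID')
        || !method_exists($finderClass, 'getDistinctList')
    ) {
        throw new \InvalidArgumentException('Unknown admin table');
    }
    $parentFinder = new $finderClass($db);
    $result['bridgeTableList'] = $parentFinder->findByLibraryID($libraryID);
    $result['parentTableList'] = $parentFinder->getDistinctList();
    $result['parent_table_data'] = $parent_table_data;

    return $result;
}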
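/**
 * Assembles the view data for an admin help page.
 *
 * Loads the help entry selected by the `advice` request value, then lists the
 * options of the table that entry relates to, restricted to the user's library
 * when the user has a non-zero library id.
 *
 * @return array View data for content/admin/help.php.
 */
function perform()
{
    // set display requirements
    $result = array(
        'renderer' => 'template_renderer.inc',
        'pageTitle' => 'Help? ',
        'content' => 'content/admin/help.php',
    );

    // don't lose the db!
    $db = $_REQUEST['db'];

    // where are we?
    $userFinder = new UserFinder($db);
    $user = $userFinder->findById($_SESSION['userId']);
    $result['user'] = $user;
    $library_id_post = $user['library_id'];

    $help_id = $_REQUEST['advice'];
    $result['help_id'] = $help_id;

    $helpFinder = new HelpFinder($db);
    $result['helpList'] = $helpFinder->getHelpDesc($help_id);

    // NOTE(review): the table name comes from the help row and is concatenated
    // into the SQL as an identifier (identifiers cannot be bound). Confirm that
    // related_table can only be written by trusted admins.
    $table = $result['helpList']['related_table'];

    $library_id = array(
        'database_field' => 'library_id',
        'relation' => '=',
        'value' => $library_id_post,
        'type' => 'INT',
    );
    $criteria = array('library_id' => $library_id);

    // Column names and relations are the literals above; values are bound.
    $clauses = array();
    $param = array();
    foreach ($criteria as $value) {
        if ($value["value"] == 0 and $value["type"] == 'INT') {
            continue;
        }
        $clauses[] = $value["database_field"] . ' ' . $value["relation"] . ' ? ';
        $param[] = $value["value"];
    }

    // Only emit WHERE when a condition survived; with a zero library id the old
    // code produced "... WHERE  ORDER BY ...", which is not valid SQL.
    $sql = " FROM " . $table;
    if (count($clauses) > 0) {
        $sql .= " WHERE " . implode('AND ', $clauses);
    }
    $sql .= " ORDER BY list_order";

    $result['optionList'] = $helpFinder->getFieldOptions($sql, $param);
    $result['descPatron'] = $helpFinder->getPatronOptions($library_id_post);
    $result['descQuestionType'] = $helpFinder->getQuestionTypeOptions($library_id_post);
    $result['descLocation'] = $helpFinder->getLocationOptions($library_id_post);

    return $result;
}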
/**
 * Saves the user posted from the admin form, then renders the user admin form
 * with the outcome.
 *
 * The result page is produced by UserAdminFormAction; this action only passes
 * the saved user's id and the save result to it through $_REQUEST.
 *
 * NOTE(review): the password is stored as an unsalted MD5 digest. Replacing it
 * with password_hash() needs a matching change in the login check. No admin
 * check is visible in this action -- presumably enforced by the dispatcher; confirm.
 *
 * @return array View data from UserAdminFormAction plus 'saveResult'.
 */
function perform()
{
    // The database handle travels in the request array.
    $db = $_REQUEST['db'];

    // Current user.
    $uf = new UserFinder($db);
    $user = $uf->findById($_SESSION['userId']);
    $result['user'] = $user;

    $editUser = $this->parseUserFromForm();
    $passwordDigest = md5($editUser['password']);
    $saveResult = $uf->saveUser(
        $editUser['user_id'],
        $editUser['username'],
        $passwordDigest,
        $editUser['library_id'],
        $editUser['admin']
    );

    // Hand the outcome to the form action that renders the page.
    $_REQUEST['selUserId'] = $editUser['user_id'];
    $_REQUEST['saveResult'] = $saveResult;

    $formAction = new UserAdminFormAction();
    $result = $formAction->perform();
    $result['saveResult'] = $saveResult;

    return $result;
}
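/**
 * Checks the posted username/password and logs the user in.
 *
 * On success the session id is renewed, the login markers are stored in the
 * session, a persistent "login" cookie is issued and the browser is redirected
 * to $_SESSION['destination']; the script then exits. On failure the login
 * form data is returned.
 *
 * @return array View data for content/loginForm.php (failed login only).
 */
function perform()
{
    $userFact = new UserFinder($_REQUEST['db']);
    $username = gpwd('username');
    $password = gpwd('password');

    // NOTE(review): an unsalted MD5 digest is what authenticate() is given.
    // Moving to password_hash()/password_verify() needs a matching change
    // wherever passwords are saved.
    $userId = $userFact->authenticate($username, md5($password));

    if ($userId === null) {
        $result = array(
            'renderer' => 'template_renderer.inc',
            'pageTitle' => SITE_NAME . ' : Please Log In',
            'header' => 'headers/header.php',
            'content' => 'content/loginForm.php',
        );
        $result['username'] = $username;
        return $result;
    }

    // New session id at the moment of login, so an id that was known before
    // authentication does not carry the logged-in state.
    session_regenerate_id(true);
    $_SESSION['loggedIn'] = true;
    $_SESSION['userId'] = $userId;

    // Set a cookie as well. Path, domain and secure keep their defaults; the
    // last argument marks the cookie HttpOnly so page scripts cannot read it.
    // NOTE(review): add the secure flag once the site is served over HTTPS only.
    $cookieVal = $this->createCookieValue();
    setcookie('login', $cookieVal, mktime(0, 0, 0, 0, 0, 2038), '', '', false, true);
    $userFact->setCookieCredentials($cookieVal, $userId);

    // NOTE(review): confirm that 'destination' is only ever set to a local path
    // when it is stored in the session.
    header("Location: {$_SESSION['destination']}");
    exit;
}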
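/**
 * Assembles the view data for the question edit form.
 *
 * @return array|null View data for content/questionEditForm.php, or null when
 *                    no questionId was supplied (a message is echoed instead).
 */
function perform()
{
    $layout = grwd('layout', 'menus');
    $optionFunctions = array(
        'pulldown' => 'getSelectPulldown',
        'radio' => 'getRadioList',
        'menus' => 'getSelectBox',
    );
    // An unrecognised layout value falls back to the default renderer instead
    // of an undefined index.
    $optionFunction = (is_string($layout) && isset($optionFunctions[$layout]))
        ? $optionFunctions[$layout]
        : $optionFunctions['menus'];

    // Ensure we have the variable questionId; "+ 0" makes it numeric.
    $questionId = grwd('questionId', -1) + 0;

    $db = $_REQUEST['db'];
    $tsf = new TimeSpentFinder($db);
    $ptf = new PatronTypeFinder($db);
    $qff = new QuestionFormatFinder($db);
    $qtf = new QuestionTypeFinder($db);
    $if = new InitialsFinder($db);
    $lf = new LocationFinder($db);
    $userFinder = new UserFinder($db);
    $user = $userFinder->findById($_SESSION['userId']);

    // Defined up front so the "not found" path returns a defined value.
    $result = null;

    if ($questionId != -1) {
        // to the edit form!
        $result = array(
            'renderer' => 'template_renderer.inc',
            'pageTitle' => SITE_NAME . ' : Edit Question',
            'content' => 'content/questionEditForm.php',
        );
        $result['optionFunction'] = $optionFunction;

        $libId = $user['library_id'];
        $result['timeSpentOpts'] = $tsf->findByLibrary($libId);
        $result['patronTypeOpts'] = $ptf->findByLibrary($libId);
        $result['questionTypeOpts'] = $qtf->findByLibrary($libId);
        $result['questionFormatOpts'] = $qff->findByLibrary($libId);
        $result['locationOpts'] = $lf->findByLibrary($libId);
        $result['locationId'] = $lf->getLastLocationId($_SERVER['REMOTE_ADDR'], $libId);
        $result['user'] = $user;

        // NOTE(review): the question is fetched by id only; confirm that
        // getQuestion() or the template restricts it to the user's library.
        $questionFinder = new QuestionFinder($db);
        $result['question'] = $questionFinder->getQuestion($questionId);
        $result['answer'] = $questionFinder->getQuestion($questionId);
        $result['delete_hide'] = gpwd('delete_hide');
        // NOTE(review): 'origin' is request input; confirm how the template uses it.
        $result['origin'] = grwd('origin', 'questionAddForm.do');
    } else {
        // $questionId is numeric here, so echoing it adds no markup.
        echo "QuestionID {$questionId} not found";
        // Send somewhere else
    }

    return $result;
}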
/**
 * Assembles the view data for the user administration form.
 *
 * The selected user comes from the `selUserId` request value (default -1).
 * When that value is not numeric the selected user's id is set to 'new'.
 *
 * NOTE(review): no admin check is visible in this action -- presumably the
 * dispatcher enforces it; confirm.
 *
 * @return array View data for content/admin/userAdminForm.php.
 */
function perform()
{
    // Page chrome and template selection.
    $result = array(
        'renderer' => 'template_renderer.inc',
        'pageTitle' => SITE_NAME . ' : User Admin',
        'content' => 'content/admin/userAdminForm.php',
    );

    // The database handle travels in the request array.
    $db = $_REQUEST['db'];

    // Current user.
    $uf = new UserFinder($db);
    $result['user'] = $uf->findById($_SESSION['userId']);

    // All users, plus the one picked for editing.
    $result['userList'] = $uf->findUsers();
    $selectedId = grwd('selUserId', -1);
    $result['selId'] = $selectedId;
    $result['selUser'] = $uf->findById($selectedId);
    if (!is_numeric($selectedId)) {
        $result['selUser']['user_id'] = 'new';
    }

    // Libraries to choose from.
    $lf = new LibraryFinder($db);
    $result['libraryList'] = $lf->getAllLibraries();

    return $result;
}
// marking item approved is all that's needed case MODERATE_UPLOAD: case MODERATE_USER: case MODERATE_PHOTO: break; default: throw new \Exception('Unhandled ModerationObject type ' . $o->type); } redir('a/moderation'); } echo '<h1>Moderate object # ' . $this->child . '</h1>'; switch ($o->type) { case MODERATE_CHANGE_USERNAME: $u = User::get($o->owner); echo '<h2>' . $u->name . ' wants to change username to ' . $o->data . '</h2>'; if (UserFinder::byUsername($o->data)) { echo 'Username is taken!<br/>'; } else { echo '» ' . ahref('?approve', 'Approve') . '<br/>'; } echo '<br/>'; echo '» ' . ahref('?deny', 'Deny') . '<br/>'; break; case MODERATE_UPLOAD: echo '<h2>Moderate file with reference ' . $o->reference . '</h2>'; if ($o->owner) { $u = User::get($o->owner); echo 'Uploaded by ' . $u->name; } $view = new ViewModel('views/user/file_details.php'); $view->registerVar('owner', $o->data);
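<?php
// Starts a U2F registration: looks up (or creates) the user named in the POST
// body and returns the registration request together with the sign requests
// for the keys that user already has, as JSON.
//
// NOTE(review): the account is selected by a client-supplied username and
// findOrCreate() will create it when missing. Nothing in this script shows that
// the caller has already proven they are that user -- confirm common.php or the
// surrounding flow enforces it before a key can be enrolled.
require_once '../common.php';

// Accept only a non-empty string; a missing field or an array value
// (username[]=...) is rejected instead of being passed to the finder.
$name = isset($_POST['username']) ? $_POST['username'] : null;
if (!is_string($name) || $name === '') {
    http_response_code(400);
    echo json_encode(['error' => 'username is required']);
    exit;
}

$uf = new UserFinder($pdo);
$user = $uf->findOrCreate($name);
$regs = $user->getRegistrations();

$req_data = $u2f->getRegisterData($regs);
list($request, $sigs) = $req_data;

$out = ['request' => $request, 'signatures' => $sigs];
echo json_encode($out);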
/**
 * Runs an advanced search over the questions and assembles the result page data.
 *
 * Search criteria are read from the request, turned into a WHERE fragment with
 * "?" placeholders, and passed with their values to QuestionFinder::getPagedList().
 * Column names and relations in the fragment are the literals defined in this
 * function; only the values come from the request, and they are bound.
 *
 * NOTE(review): `count` and `page` are passed on as received -- confirm that
 * getPagedList() coerces them before they reach a LIMIT clause.
 *
 * @return array View data for content/questionSearchResults.php.
 */
function perform()
{
    // Page chrome and template selection.
    $result = array(
        'renderer' => 'template_renderer.inc',
        'pageTitle' => SITE_NAME . ' : Search Results',
        'content' => 'content/questionSearchResults.php',
    );

    // Page size and page number requested.
    $count = grwd('count', 50);
    $page = grwd('page', 1);
    $result['count'] = $count;
    $result['page'] = $page;

    // The database handle travels in the request array.
    $db = $_REQUEST['db'];
    $userFinder = new UserFinder($db);
    $user = $userFinder->findById($_SESSION['userId']);
    $result['user'] = $user;

    // Base URL for pagination links: the query string minus page and count,
    // which are appended per link.
    $criteriaArray = $_GET;
    unset($criteriaArray['page'], $criteriaArray['count']);
    $advancedSearchString = implode_assoc('=', '&', $criteriaArray, true, true);
    $result['criteria_array'] =& $criteriaArray;
    $baseUrl = 'advancedSearch.do?' . $advancedSearchString;
    $result['advanced_search_string'] = $advancedSearchString;

    // Raw request values.
    $date1 = grwd('date1');
    $date2 = grwd('date2');
    $library_id_post = grwd('library_id') + 0;
    $location_id_post = grwd('location_id') + 0;
    $initials = grwd('initials');
    $searchString = grwd('searchString');
    $result['searchWords'] = $searchString;

    $questionFinder = new QuestionFinder($db);

    // One descriptor per criterion: column, operator, value, and value type.
    $startDate = array(
        'database_field' => 'questions.question_date',
        'relation' => '>=',
        'value' => $date1,
        'type' => 'DATE',
    );
    $endDate = array(
        'database_field' => 'questions.question_date',
        'relation' => '<=',
        'value' => $date2,
        'type' => 'DATE',
    );
    $library_id = array(
        'database_field' => 'questions.library_id',
        'relation' => '=',
        'value' => $library_id_post,
        'type' => 'INT',
    );
    $location_id = array(
        'database_field' => 'questions.location_id',
        'relation' => '=',
        'value' => $location_id_post,
        'type' => 'INT',
    );
    $initials = array(
        'database_field' => 'questions.initials',
        'relation' => 'LIKE',
        'value' => $initials,
        'type' => 'TEXT',
    );
    $searchCriteria = array(
        'database_field' => array('question', 'answer'),
        'relation' => 'fulltext',
        'value' => $searchString,
        'type' => 'FULLTEXT',
    );

    $criteria = array(
        'start_date' => $startDate,
        'end_date' => $endDate,
        'library_id' => $library_id,
        'location_id' => $location_id,
        'initials' => $initials,
        'search_criteria' => $searchCriteria,
    );

    // Build the WHERE fragment; criteria with an empty value are left out.
    $sql = "";
    $param = array();
    foreach ($criteria as $criterion) {
        if (!$criterion["value"]) {
            continue;
        }
        if (count($param) != 0) {
            $sql .= ' AND ';
        }

        if ($criterion["type"] == "FULLTEXT") {
            // One MATCH ... AGAINST per column, joined with OR inside parentheses.
            $sql .= ' ( ';
            $isFirstField = true;
            foreach ($criterion["database_field"] as $field) {
                if (!$isFirstField) {
                    $sql .= " OR ";
                }
                $sql .= 'MATCH(' . $field . ") AGAINST(? IN BOOLEAN MODE)";
                $param[] = mySqlFulltextString($criterion["value"]);
                $isFirstField = false;
            }
            $sql .= ' ) ';
            continue;
        }

        $boundValue = $criterion["value"];
        if ($criterion['type'] == "DATE") {
            // Dates are normalised to Y-m-d; nothing else is special here.
            $boundValue = date('Y-m-d', strtotime(makeDateSane($boundValue)));
        }
        $sql .= $criterion["database_field"] . ' ' . $criterion["relation"] . ' ? ';
        $param[] = $boundValue;
    }

    $questionFinder = new QuestionFinder($db);
    $qList =& $questionFinder->getPagedList($count, $page, $sql, $param);
    $result['questionList'] =& $qList['list'];
    $result['list_meta'] = $qList['meta'];

    // Display names for the searched library and location.
    $libraryFinder = new LibraryFinder($db);
    $searchLibName = $libraryFinder->getLibraryName($library_id_post);
    if ($library_id_post == 0) {
        $searchLibName = "All Libraries";
    }
    if (isset($location_id_post)) {
        $locationFinder = new LocationFinder($db);
        $searchLocName = $locationFinder->getLocation($location_id_post);
    }

    $result['origin'] = $baseUrl . "&page={$page}&count={$count}";
    $result['base_url'] = $baseUrl;
    $result['date1'] = $date1;
    $result['date2'] = $date2;
    $result['library_id'] = $library_id;
    $result['library_name'] = $searchLibName;
    $result['search_library_id'] = $library_id_post;
    $result['location_id'] = $location_id;
    $result['location_name'] = $searchLocName;
    $result['criteria'] = $criteria;
    // $result['sql'] = $sql;

    return $result;
}
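/**
 * Runs the report chosen by `report_id` for the posted date range, library and
 * location, and assembles the result page data.
 *
 * The filter is a WHERE fragment with "?" placeholders; column names and
 * relations are the literals defined here and only the values are bound. The
 * report name is checked before it is used as a class name, so a value that
 * does not name a class with the expected methods never reaches `new`.
 *
 * @return array View data for content/reportReturn.php, or the CSV template
 *               when the report is DataCSVReport or `csv_export` is present.
 * @throws \InvalidArgumentException When report_id does not name a usable report class.
 */
function perform()
{
    // set display requirements
    $result = array(
        'renderer' => 'template_renderer.inc',
        'pageTitle' => SITE_NAME . ' : Finished Report',
        'content' => 'content/reportReturn.php',
    );

    // don't lose the db!
    $db = $_REQUEST['db'];

    // where are we?
    $userFinder = new UserFinder($db);
    $user = $userFinder->findById($_SESSION['userId']);
    $result['user'] = $user;

    // gather posted data
    $date1 = trim(grwd('date1'));
    $date2 = trim(grwd('date2'));
    if ($date1 == '') {
        $date1 = '1/1/1990';
    }
    if ($date2 == '') {
        $date2 = 'now';
    }
    $report_id = grwd('report_id');
    $library_id_post = grwd('library_id') + 0;
    $location_id_post = grwd('location_id') + 0;

    // sanity check the dates, then normalise them
    $date1 = makeDateSane($date1);
    $date1 = date('Y-m-d G:i:s', strtotime($date1));
    $date2 = makeDateSane($date2);
    $date2 = date('Y-m-d G:i:s', strtotime($date2));

    $startDate = array(
        'database_field' => 'questions.question_date',
        'relation' => '>=',
        'value' => $date1,
        'type' => 'DATE',
    );
    $endDate = array(
        'database_field' => 'questions.question_date',
        'relation' => '<=',
        'value' => $date2,
        'type' => 'DATE',
    );
    $library_id = array(
        'database_field' => 'questions.library_id',
        'relation' => '=',
        'value' => $library_id_post,
        'type' => 'INT',
    );
    $location_id = array(
        'database_field' => 'questions.location_id',
        'relation' => '=',
        'value' => $location_id_post,
        'type' => 'INT',
    );

    // pull together all of the search criteria
    $criteria = array(
        'start_date' => $startDate,
        'end_date' => $endDate,
        'library_id' => $library_id,
        'location_id' => $location_id,
    );

    $sql = " WHERE questions.delete_hide = 0 ";
    $param = array();
    foreach ($criteria as $value) {
        if (!$value["value"]) {
            continue;
        }
        $sql .= 'AND' . ' ' . $value["database_field"] . ' ' . $value["relation"] . ' ? ';
        $param[] = $value["value"];
    }

    // get the relevant data from the Report class
    $reportFinder = new ReportFinder($db);
    $reportCount = $reportFinder->getReportCount();
    $reportQuestionCount = $reportFinder->getReportQuestionCount($sql, $param);

    // Report::get() is called for whatever it loads; its return value is not used here.
    $report_class_handle = new Report();
    $report_class_handle->get();

    // Both names below are request input used as class names. Refuse anything
    // that is not a string naming a class with the method about to be called,
    // so the constructor of an unrelated class is never run for the request.
    // NOTE(review): an explicit allowlist of report classes would be tighter
    // than this shape check -- confirm where the list of valid ids lives.
    $performClass = isset($_REQUEST["report_id"]) ? $_REQUEST["report_id"] : null;
    if (
        !is_string($report_id)
        || !method_exists($report_id, 'info')
        || !is_string($performClass)
        || !method_exists($performClass, 'perform')
    ) {
        throw new \InvalidArgumentException('Unknown report');
    }

    $report_info = new $report_id();
    $result['reportList'] = $report_info->info();

    // start preparing the report for processing
    $reportPerform = new $performClass($db);
    $reportResults = $reportPerform->perform($sql, $param);

    $libraryFinder = new LibraryFinder($db);
    $reportLibName = $libraryFinder->getLibraryName($library_id_post);

    if (isset($location_id_post)) {
        $locationFinder = new LocationFinder($db);
        $reportLocName = $locationFinder->getLocation($location_id_post);
    }

    // a CSV report is rendered through its own template
    if ($report_id == "DataCSVReport" || isset($_REQUEST["csv_export"])) {
        $result['renderer'] = 'template_csv.inc';
        $result['content'] = 'content/outputCSV.php';
    }

    $result['report_id'] = $report_id;
    $result['date1'] = $date1;
    $result['date2'] = $date2;
    $result['library_id'] = $library_id;
    $result['library_id_post'] = $library_id_post;
    $result['library_name'] = $reportLibName;
    $result['location_id'] = $location_id;
    $result['location_id_post'] = $location_id_post;
    $result['location_name'] = $reportLocName;
    $result['reportCount'] = $reportCount;
    $result['reportQuestionCount'] = $reportQuestionCount;
    $result['reportResults'] = $reportResults;
    $result['criteria'] = $criteria;
    // NOTE(review): the SQL fragment is handed to the template; confirm it is not rendered to users.
    $result['sql'] = $sql;

    return $result;
}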
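/**
 * Stores a question posted from the add-question form.
 *
 * On success the browser is redirected to questionAddForm.do (so a reload
 * cannot enter the question twice) and the script exits. On a database error
 * the result of PageErrorAction is returned.
 *
 * @return mixed Result of PageErrorAction::perform() (database error only).
 */
function perform()
{
    // Get the resources we need to do this update
    $db = $_REQUEST['db'];
    $userFinder = new UserFinder($db);
    $user = $userFinder->findById($_SESSION['userId']);
    $questionFinder = new QuestionFinder($db);

    // Collect the form fields. The library and user id come from the session
    // user, not from the form.
    $qHash = array();
    $qHash['library_id'] = $user['library_id'];
    $qHash['location_id'] = gpwd('location', null);
    $qHash['question_type_id'] = gpwd('questionType', null);
    $qHash['question_type_other'] = gpwd('questionTypeOther');
    $qHash['time_spent_id'] = gpwd('timeSpent', null);
    $qHash['patron_type_id'] = gpwd('patronType', null);
    $qHash['question_format_id'] = gpwd('questionFormat', null);
    $qHash['initials'] = gpwd('initials');
    $qHash['client_ip'] = getRemoteIp();
    $qHash['user_id'] = $_SESSION['userId'];
    $qHash['question'] = trim(gpwd('question'));
    $qHash['answer'] = trim(gpwd('answer'));

    // An entry with neither question nor answer text is stored hidden.
    $qHash['hide'] = 0;
    if ($qHash['question'] == '' && $qHash['answer'] == '') {
        $qHash['hide'] = 1;
    }

    // Do the date
    $qHash['question_date'] = trim(gpwd('mydate', 'now'));
    if ($qHash['question_date'] == '') {
        $qHash['question_date'] = 'now';
    }
    // strtotime() reports failure as false (-1 only on very old PHP); the old
    // "!= -1" test let false through and stored the 1970 epoch date.
    $stamp = strtotime($qHash['question_date']);
    if ($stamp !== false && $stamp != -1) {
        $qHash['question_date'] = date('Y-m-d H:i:s', $stamp);
    } else {
        $qHash['question_date'] = null;
    }
    $qHash['date_added'] = date('Y-m-d H:i:s');

    // Clean up qHash; make numbers really numeric by adding 0 to the
    // non-null values of keys containing "_id".
    foreach ($qHash as $key => $val) {
        if (strpos($key, '_id')) {
            if ($val != null) {
                $qHash[$key] = $val + 0;
            }
        }
    }

    $target = "questionAddForm.do";
    $res = $questionFinder->addQuestion($qHash);

    if (!DB::isError($res)) {
        // Redirect back with a relative Location. The old code tried to build an
        // absolute URL from the Host header and cut it with "-strrchr(...)":
        // negating that string evaluated to 0 on older PHP (leaving only
        // $target) and raises a TypeError on PHP 8. Sending $target directly
        // keeps the working behaviour and does not depend on the
        // client-supplied Host header.
        header("Location: {$target}");
        exit;
    }

    // A page error occurred!
    $_REQUEST['dbResult'] = $res;
    $act = new PageErrorAction();
    return $act->perform();
}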
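<?php
// Completes a U2F authentication: verifies the posted signature for the named
// user and prints a success message as JSON.
//
// NOTE(review): the sign request ($request) is taken from the POST body. A
// verifier normally checks the response against a challenge it issued and
// stored itself (e.g. in the session) and discards it after one use. Unless
// authenticateSignature() ties $request to stored state, confirm that a
// previously captured request/signature pair cannot be submitted again.
// NOTE(review): nothing is recorded after a successful check (no session
// state); confirm the caller of this endpoint does that.
require_once '../common.php';

// Accept only string fields; missing or array-valued fields are rejected
// before they reach the finder or json_decode().
$name = isset($_POST['username']) ? $_POST['username'] : null;
$requestStr = isset($_POST['request_str']) ? $_POST['request_str'] : null;
$signatureStr = isset($_POST['signature_str']) ? $_POST['signature_str'] : null;
if (!is_string($name) || !is_string($requestStr) || !is_string($signatureStr)) {
    throw new Exception('Invalid request');
}

$uf = new UserFinder($pdo);
$user = $uf->find($name);
if (!$user) {
    // NOTE(review): this message differs from a failed signature check and so
    // reveals whether the username exists.
    throw new Exception('User not found');
}

// json_decode() yields null for malformed input; stop before verification.
$request = json_decode($requestStr);
$signature = json_decode($signatureStr);
if ($request === null || $signature === null) {
    throw new Exception('Invalid request');
}

$user->authenticateSignature($u2f, $request, $signature);

echo json_encode('Authentication successful!');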
/**
 * Checks the request's "UserName"/"UserPass" pair and prints "true" or "false".
 *
 * NOTE(review): this answers whether a credential pair is valid and shows no
 * attempt limit of its own -- confirm throttling is applied in front of it.
 *
 * @return bool true when a user matches the credentials, false otherwise.
 */
public function checkUser()
{
    $request = new Request();
    $finder = new UserFinder();

    $account = $finder->findByNameAndPass(
        $request->getAsString("UserName"),
        $request->getAsString("UserPass")
    );

    // A falsy id means no user matched.
    if (!$account->getId()) {
        echo "false";
        return false;
    }

    echo "true";
    return true;
}
/**
 * Renames the user identified by the request's "EditUserID".
 *
 * Callers below BACKEND_USERLEVEL are sent to the start controller. The new
 * name ("tb_Name") must be at least 3 characters long and must not already
 * belong to a user; otherwise the user management view is shown with the
 * collected error text.
 *
 * @param String $ErrorString  accepted but reset to "" before use
 * @param String $StatusString accepted but not read
 * @return bool|null false when the caller lacks the level or validation fails;
 *                   no value after a successful rename.
 */
public function updateUserName($ErrorString = "", $StatusString = "")
{
    // Backend-only operation.
    if (Controler_Main::getInstance()->getUserLevel() < BACKEND_USERLEVEL) {
        $startControler = new Controler_Start();
        $startControler->start();
        return false;
    }

    $Request = new Request();
    $Controler_Main = Controler_Main::getInstance();
    $ErrorString = "";

    $ID = $Request->getAsString("EditUserID");

    // Minimum length.
    if (strlen($Request->getAsString("tb_Name")) < 3) {
        $ErrorString .= ":T_REGISTER_ERROR1: <br />";
    }

    // Uniqueness, checked only for a non-empty name.
    $UserFinder = new UserFinder();
    if (strlen($Request->getAsString("tb_Name"))) {
        $existing = $UserFinder->findByName($Request->getAsString("tb_Name"));
        if ($existing->getId() != 0) {
            $ErrorString .= ":T_REGISTER_ERROR7: <br />";
        }
    }

    if (strlen($ErrorString) != 0) {
        $this->showUserManagement($ErrorString);
        return false;
    }

    $UserManager = new UserManager();
    $UserManager->updateUserNameByID($ID, $Request->getAsString("tb_Name"));

    $this->showEditUser("", ":T_USER_UPDATED_NAME_STATUS:");
}
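/**
 * Handles a login form submission and, on success, starts the download controller.
 *
 * Failed attempts are counted in $_SESSION['BadLogin']; once the counter is 5
 * the login form is shown again without checking credentials. The
 * account-locked check runs before any login state is written to the session,
 * so a locked account never leaves UserId/UserName behind.
 *
 * @return bool|null false when the login is refused; no value after a successful login.
 */
public function userLogin()
{
    $Request = new Request();

    // A fresh session has no counter yet; read it as zero instead of an undefined index.
    // NOTE(review): the counter lives in the session, so it restarts with a new
    // session -- confirm whether a server-side per-account limit exists elsewhere.
    $badLogins = isset($_SESSION['BadLogin']) ? (int) $_SESSION['BadLogin'] : 0;
    if ($badLogins == 5) {
        $this->showLogin();
        return false;
    }

    $UserFinder = new UserFinder();
    // NOTE(review): unsalted MD5 is what findByNameAndPass() is given here; moving to
    // password_hash()/password_verify() needs a matching change where passwords are stored.
    $name = $Request->getAsString("tb_Name");
    $passHash = md5($Request->getAsString("tb_Pass"));
    $User = $UserFinder->findByNameAndPass($name, $passHash);

    if ($User->getId() == 0) {
        $this->showLogin();
        $_SESSION['BadLogin'] = $badLogins + 1;
        return false;
    }

    if ($User->getLooked()) {
        // the user is locked and may not log in
        $TempLate = Template::getInstance("tpl_Login.php");
        $TempLate->renderError("Fehler", ":T_LOGIN_ERROR1:", "index.php");
        return false;
    }

    $_SESSION['UserId'] = $User->getId();
    $_SESSION['UserName'] = $name;
    // NOTE(review): the password hash is kept in the session; confirm it is still needed there.
    $_SESSION['UserPass'] = $passHash;

    Controler_Main::getInstance()->setUser($User);
    Controler_Main::getInstance()->addPermanentOutPut();

    $UserManager = new UserManager();
    $UserManager->updateLoginTime($User->getId());

    $ControlerData = new Controler_Download();
    $ControlerData->start();
}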
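/**
 * Assembles the view data for the add-question form: option lists for the
 * user's library, the values last used from this client address, and one page
 * of the library's existing questions.
 *
 * Elapsed times for the individual lookups are collected in $times for
 * debugging; the output of those timings is currently disabled.
 *
 * NOTE(review): `count` and `page` are passed on as received -- confirm that
 * getPagedList() coerces them before they reach a LIMIT clause.
 *
 * @return array View data for content/questionAddForm.php.
 */
function perform()
{
    $times = array();
    $start = 0;
    $end = 0;

    $result = array(
        'renderer' => 'template_renderer.inc',
        'pageTitle' => SITE_NAME . ' : Add Question',
        'content' => 'content/questionAddForm.php',
    );

    // The number of questions and page offset we want
    $count = grwd('count', 50);
    $page = grwd('page', 1);
    $result['count'] = $count;
    $result['page'] = $page;

    // Learn what kind of menus we need. An unrecognised layout value falls
    // back to the default renderer instead of an undefined index.
    $layout = grwd('layout', 'menus');
    $optionFunction = array(
        'pulldown' => 'getSelectPulldown',
        'radio' => 'getRadioList',
        'menus' => 'getSelectBox',
    );
    $result['optionFunction'] = (is_string($layout) && isset($optionFunction[$layout]))
        ? $optionFunction[$layout]
        : $optionFunction['menus'];

    $db = $_REQUEST['db'];
    $tsf = new TimeSpentFinder($db);
    $ptf = new PatronTypeFinder($db);
    $qff = new QuestionFormatFinder($db);
    $qtf = new QuestionTypeFinder($db);
    $if = new InitialsFinder($db);
    $lf = new LocationFinder($db);
    $userFinder = new UserFinder($db);

    $start = mTimeFloat();
    $user = $userFinder->findById($_SESSION['userId']);
    $end = mTimeFloat();
    $times['userfind'] = $end - $start;

    $clientIp = getRemoteIp();
    $libId = $user['library_id'];

    $start = mTimeFloat();
    $result['timeSpentOpts'] = $tsf->findByLibrary($libId);
    $result['patronTypeOpts'] = $ptf->findByLibrary($libId);
    $result['questionTypeOpts'] = $qtf->findByLibrary($libId);
    $result['questionFormatOpts'] = $qff->findByLibrary($libId);
    $result['locationOpts'] = $lf->findByLibrary($libId);
    $times['menus'] = mTimeFloat() - $start;

    $start = mTimeFloat();
    // Load the default (last used) values for this client
    $result['locationId'] = $lf->getLastLocationId($clientIp, $libId);
    if ($result['locationId'] == null) {
        // First location of the library, when the library has any.
        $result['locationId'] = isset($result['locationOpts'][0]['location_id'])
            ? $result['locationOpts'][0]['location_id']
            : null;
    }

    $start = mTimeFloat();
    $result['lastInitials'] = $if->getLastInitials($clientIp);
    $times['lastInitials'] = mTimeFloat() - $start;

    $start = mTimeFloat();
    $result['lastTimeSpent'] = $tsf->getLast($clientIp);
    $times['lastTimeSpent'] = mTimeFloat() - $start;

    $start = mTimeFloat();
    $result['lastPatronType'] = $ptf->getLast($clientIp);
    $times['lastPatronType'] = mTimeFloat() - $start;

    $start = mTimeFloat();
    $result['lastQuestionType'] = $qtf->getLast($clientIp);
    $times['lastQuestionType'] = mTimeFloat() - $start;

    $start = mTimeFloat();
    $result['lastQuestionFormat'] = $qff->getLast($clientIp);
    $times['lastQuestionFormat'] = mTimeFloat() - $start;

    $result['user'] = $user;

    $questionFinder = new QuestionFinder($db);

    $start = mTimeFloat();
    $result['lastAdded'] = $questionFinder->getLastQuestionTime($clientIp, $libId);
    if ($result['lastAdded'] != null) {
        $result['lastAdded'] = date('n/d g:i A', strtotime($result['lastAdded']));
    }
    $times['lastAdded'] = mTimeFloat() - $start;

    $start = mTimeFloat();
    // The library filter is bound as an integer parameter.
    $qResult = $questionFinder->getPagedList($count, $page, 'questions.library_id = ?', array((int) $libId));
    $result['questionList'] =& $qResult['list'];
    $result['list_meta'] = $qResult['meta'];
    $result['questionCount'] = $qResult['meta']['totalQuestions'];
    $result['nonemptyQuestionCount'] = $qResult['meta']['nonemptyQuestions'];
    $times['getQuestions'] = mTimeFloat() - $start;

    $origin = "questionAddForm.do?page=" . $result['page'] . "&count=" . $result['count'];
    $result['origin'] = $origin;
    $result['target'] = 'questionAddForm.do';

    // Disabled debugging output
    // echo "<!-- ";
    // var_dump($times);
    // echo " -->";

    return $result;
}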