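/**
 * Load the admin user row for $user_id and publish its identity for the rest
 * of the request.
 *
 * The row is looked up in `admin_users` and must also have `user_pub = 1`
 * (presumably the "enabled/published" flag; confirm against the schema).
 * On success the ADMIN_USER_* constants are defined and the login and id are
 * stored through s::set().
 *
 * @param mixed $user_id Identifier matched against admin_users.user_id.
 *
 * @return bool true when a user is loaded (or was already loaded earlier),
 *              false when no matching row exists and admin::logout() was called.
 */
function load($user_id)
{
    // A user is already cached: nothing to do.
    if (self::$user) {
        return true;
    }

    db::table('admin_users');
    db::where('user_id', $user_id);
    db::where('user_pub', 1);
    db::limit(1);
    self::$user = db::assoc();

    if (db::rows() == 0) {
        admin::logout();

        // Fail closed. Whether admin::logout() terminates the request is not
        // visible here; if it returns, the ADMIN_USER_* constants and the
        // s::set() values below must not be populated for an id that matched
        // no enabled row.
        return false;
    }

    define("ADMIN_USER_ID", $user_id);
    define("ADMIN_USER_SITE_ID", self::get('site_id'));
    define("ADMIN_USER_GROUP_ID", self::get('group_id'));

    s::set('ADMIN_USER_LOGIN', self::get('user_login'));
    s::set('ADMIN_USER_ID', $user_id);

    return true;
}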
break;

// Successful login: optionally redirect, then select the requested gallery.
case "login":
    if ($ps->login()) {
        // NOTE(review): forward_url comes straight from the request body and is
        // concatenated into the Location header without validation. That lets
        // the post-login redirect leave the site (open redirect). Restrict it
        // to same-site relative paths or an allow-list before using it.
        // NOTE(review): there is no isset() check, so a missing field raises a
        // notice, and no exit follows header(), so the rest of this case still
        // executes after the redirect header is queued.
        if ($_POST['forward_url']) {
            header("Location: " . $_POST['forward_url']);
        }
        // NOTE(review): the gallery value is passed through unvalidated; how
        // select_gallery() treats it is not visible in this fragment.
        $ps->select_gallery($_POST['gallery']);
        $adminMessage = "Welcome to Organize";
        $includeFile = "view";
    } else {
        // NOTE(review): confirm last_error() text is escaped where
        // $adminMessage is rendered.
        $adminMessage = $ps->last_error();
        $includeFile = "login";
    }
    break;

// Logout always returns to the login view.
case "logout":
    $ps->logout();
    $adminMessage = "Thank you and goodbye!";
    $includeFile = "login";
    break;

// User management is gated on is_admin(); non-admins fall back to the view page.
case "manageusers":
    if (!$ps->is_admin()) {
        $ps->select_gallery();
        $adminMessage = "You do not have permission to perform this operation.";
        $includeFile = "view";
    } else {
        $includeFile = "manageusers";
    }
    break;

// Same is_admin() gate as "manageusers"; the rest of this case lies outside this fragment.
case "newuser":
    if (!$ps->is_admin()) {
        $ps->select_gallery();
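<?php
/**
 * Admin logout / change-password endpoint.
 *
 * Responds to a POST with method=change_password by echoing "success" or
 * "invaild" (sic: the misspelling is part of the response the caller
 * receives, so it is kept unchanged) and then terminating the request.
 *
 * NOTE(review): the current password is matched by equality inside the query
 * and the new one is written as received, which implies credentials are kept
 * in recoverable form. Moving to password_hash() / password_verify() needs a
 * coordinated change in the login class plus a data migration, so it is only
 * flagged here.
 * NOTE(review): no anti-CSRF token is checked on this state-changing request,
 * and logout is triggered by a GET parameter.
 */

/**
 * Load required classes
 */
load_class(array('login', 'admin'));

$login_obj = new login();

if (isset($_GET["logout"])) {
    admin::logout();
}

if (isset($_POST["method"]) && $_POST["method"] === 'change_password') {
    $current_password = isset($_POST["current_password"]) ? $_POST["current_password"] : null;
    $new_password = isset($_POST["new_password"]) ? $_POST["new_password"] : null;
    $user_id = isset($_SESSION["admin_data"]["user_id"]) ? $_SESSION["admin_data"]["user_id"] : null;

    // Fail closed before touching the database:
    //  - there must be a logged-in admin id in the session;
    //  - both passwords must be plain strings. Request fields can arrive as
    //    arrays, and only literal strings should reach the query builder as
    //    comparison values or column data;
    //  - an empty new password is refused.
    $valid_request = $user_id !== null
        && is_scalar($user_id)
        && is_string($current_password)
        && is_string($new_password)
        && $new_password !== '';

    if (!$valid_request) {
        echo "invaild";
        die;
    }

    $data_array = array(
        "password" => $new_password,
        "modified" => currentDate(),
    );

    // Confirm the supplied current password belongs to the session user.
    $login_obj->db->where("user_id", $user_id);
    $login_obj->db->where("password", $current_password);
    $row = $login_obj->db->get($login_obj->tableName, null, 'user_id');

    if ($row) {
        $login_obj->db->where("user_id", $user_id);
        // NOTE(review): the update result is not inspected, so "success" is
        // reported even if the write fails; the return contract of update()
        // is not visible here.
        $login_obj->db->update($login_obj->tableName, $data_array);
        echo "success";
    } else {
        echo "invaild";
    }

    die;
}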