Beispiel #1
 /**
  * Grants or revokes the "order_master" flag of this ACL's user on one collection.
  *
  * Updates the basusr row selected by the user id and the collection's base id.
  * All three values are bound as named placeholders, so none of them is
  * concatenated into the SQL text.
  *
  * @param \collection $collection Collection whose base_id selects the row
  * @param Boolean     $bool       Truthy stores 1 (order master), falsy stores 0
  *
  * @return ACL
  */
 public function set_order_master(\collection $collection, $bool)
 {
     // NOTE(review): no permission check on the caller is visible in this
     // method — confirm that callers enforce who may change this flag.
     $connection = $this->app['phraseanet.appbox']->get_connection();
     $statement = $connection->prepare('UPDATE basusr SET order_master = :master
             WHERE usr_id = :usr_id AND base_id = :base_id');

     $bindings = [
         ':master'  => $bool ? 1 : 0,
         ':usr_id'  => $this->user->getId(),
         ':base_id' => $collection->get_base_id(),
     ];
     $statement->execute($bindings);
     $statement->closeCursor();

     return $this;
 }
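 /**
  * Processes a registration form submission read from $_POST.
  *
  * Expects the fields email, memberName, pass1 and pass2. The request is
  * rejected locally when a field is missing or is not a plain string, when
  * the email contains "@newscloud.com", or when user::getId() reports the
  * email as already registered. Otherwise the values are handed to
  * userProfile::newRegistration().
  *
  * @return array 'reg' (bool) and 'msg' (string) on local rejection; otherwise
  *               the array returned by newRegistration(), with 'msg' replaced
  *               by the confirmation text when 'reg' is truthy.
  */
 function register()
 {
     require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/user.class.php';
     require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/userProfile.class.php';
     $userObj = new user();
     $upObj = new userProfile();
     $failure = false;
     $failureMsg = '';
     $result = array();

     // PHP turns parameters such as email[]=x into arrays. Only plain strings
     // are accepted, so stristr(), getId() and newRegistration() never receive
     // a request-supplied array.
     $fields = array();
     foreach (array('email', 'memberName', 'pass1', 'pass2') as $name) {
         if (isset($_POST[$name]) && is_string($_POST[$name])) {
             $fields[$name] = $_POST[$name];
         } else {
             $failure = true;
         }
     }

     if (isset($fields['email'])) {
         $email = $fields['email'];
         if (stristr($email, '@newscloud.com') !== false) {
             $failureMsg = ' Please use a valid email address of yours - not ours.';
             $failure = true;
         }
         // check that email isn't already registered
         // NOTE(review): the "already registered" reply lets any visitor learn
         // whether an address has an account; confirm that disclosure is
         // acceptable for this site.
         $checkExist = $userObj->getId($email);
         if ($checkExist !== false) {
             $failureMsg = 'Sorry, this email address is already registered.';
             $failure = true;
         }
     }

     if ($failure) {
         $result['reg'] = false;
         $result['msg'] = 'There was an error with your registration. Please try again.' . $failureMsg;
     } else {
         $city = '';
         // NOTE(review): format and strength checks on the email and passwords
         // are not visible here — presumably done in newRegistration(); confirm.
         $result = $upObj->newRegistration($email, $fields['memberName'], $fields['pass1'], $fields['pass2'], $city);
         if ($result['reg']) {
             // check if it was an invitation response
             $result['msg'] = $this->buildConfirmationText($email, '');
         }
     }
     return $result;
 }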
        ?>
        <script>
            alert("密码错误!请重试!");
            document.location.href = './index.html';
        </script>
    <?php 
    } elseif ($user->getState() != 1) {
        ?>
        <script>
            alert("无效账号!等待管理员验证!");
            document.location.href = './index.html';
        </script>
    <?php 
    }
    // NOTE(review): the elseif branch above only prints an alert()/redirect
    // <script> and contains no exit, so execution continues to this point and
    // the session is populated even when getState() != 1. The visible tail of
    // the preceding branch has no exit either; its start is outside this
    // excerpt. A server-side exit is needed after each failure branch — the
    // client-side redirect does not stop this code from running.
    session_start();
    // NOTE(review): no session_regenerate_id() call is visible between
    // session_start() and marking the session as logged in.
    // Copies the user's identity and profile fields into the session.
    $_SESSION['uid'] = $user->getId();
    $_SESSION['name'] = $user->getName();
    $_SESSION['rname'] = $user->getRealName();
    $_SESSION['mes'] = $user->getMes();
    $_SESSION['img'] = $user->getHeadimg();
    $_SESSION['email'] = $user->getEmail();
    $_SESSION['phone'] = $user->getPhone();
    $_SESSION['depart'] = $user->getDepart();
    $_SESSION['identy'] = $user->getIdenty();
}
?>



    <script>
        function show_mes()
Beispiel #4
<?php

require_once 'user.php';
require_once 'io.inc.php';
$config = (include 'config.php');
switch ($_GET['a']) {
    /* GM actions */
    // NOTE(review): nothing visible before this switch authenticates the caller
    // or checks that they may perform a GM action — confirm the included files
    // enforce that. $_GET['a'] is also read without an isset() check.
    case 'createUser':
        // Guard meant to require a submitted user. NOTE(review): with `||` the
        // test passes as soon as $_POST holds any field, and 'id' is not among
        // the fields read by the constructor call below.
        if ($_POST != NULL || $_POST['id'] != NULL) {
            //TODO: fix this, as we enter the if even with a void POST request.
            // The user object is built straight from request fields; the first
            // argument is the name with spaces removed (rmUser derives $id the
            // same way). No type, range or length validation is visible here.
            // NOTE(review): io.inc.php is not shown; if load()/store() use this
            // id to build a storage path or key, confirm they restrict its
            // characters.
            $user = new user(str_replace(' ', '', $_POST['name']), $_POST['name'], $_POST['align'], $_POST['race'], $_POST['class'], $_POST['str'], $_POST['dex'], $_POST['con'], $_POST['intel'], $_POST['wis'], $_POST['cha'], $_POST['maxhp'], $_POST['dmg'], $_POST['armour'], $_POST['hp'], $_POST['lvl'], $_POST['xp'], $_POST['bonds'], $_POST['gear'], $_POST['moves']);
            // Any load() result other than false is treated as "id already taken".
            if (load($user->getId()) != false) {
                $result['success'] = false;
                $result['msg'] = "Error : User already exists";
                // NOTE(review): this branch reports $_GET['id'] while the
                // store-failure branch below reports $_POST['id'] — presumably
                // one of the two is a slip.
                $result['id'] = $_GET['id'];
            } else {
                if (!store($user)) {
                    $result['success'] = false;
                    $result['msg'] = "Error : Unable to store user";
                    $result['id'] = $_POST['id'];
                } else {
                    $result['success'] = true;
                }
            }
        } else {
            $result['success'] = false;
            $result['msg'] = "Error : no user given.";
        }
        break;
    case 'rmUser':
        $id = str_replace(' ', '', $_GET['name']);
Beispiel #5
     */
    public function getContentType()
    {
        // Always null: this node reports no content type.
        return null;
    }
    public function delete()
    {
        // Calls unlink() on a path read from this object.
        // NOTE(review): $myPath is not defined anywhere in this method, so
        // $this->{$myPath} is a dynamic property lookup with an undefined
        // name; presumably a fixed path property was intended — confirm
        // against the class's property list. The result of unlink() is
        // ignored, and no check is visible here that the path stays inside
        // the directory being served.
        unlink($this->{$myPath});
    }
}
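// HTTP Basic authentication gate: every failure path challenges the client
// and stops the script before anything below can run.
$auth = new Sabre_HTTP_BasicAuth();
$result = $auth->getUserPass();
// A request may carry no usable Basic credentials (the commented-out check
// further down tests !$result for the same reason). Challenge the client
// instead of indexing into a non-array.
if (!is_array($result) || !isset($result[0], $result[1])) {
    $auth->requireLogin();
    echo "Username doesn't exist!\n";
    die;
}
$aUser = $result[0];
$aPass = $result[1];
$userObj = new user();
$profile = $userObj->getProfile($userObj->getId($aUser));
// NOTE(review): the two failure messages differ, so a client can tell an
// unknown username from a wrong password; a single message would avoid that.
if (!$profile) {
    $auth->requireLogin();
    echo "Username doesn't exist!\n";
    die;
}
// Strict string comparison: loose != applies PHP's numeric-string juggling to
// the two digests, which can make different values compare equal.
// NOTE(review): the stored value is compared with a bare SHA-1 digest, a fast
// unsalted hash. Moving to password_hash()/password_verify() needs a change to
// how "pass" is stored, which is outside this file. Where the runtime provides
// hash_equals(), prefer it for a constant-time comparison.
if ((string) $profile["pass"] !== sha1(trim($aPass))) {
    $auth->requireLogin();
    echo "Wrong password!\n";
    die;
}
$userObj->login($aUser, $aPass);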
/*
if (!$result || $result[0]!=$u || $result[1]!=$p) {

    $auth->requireLogin();
Beispiel #6
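 /**
  * Tells whether the given user is recorded as the author of this document.
  *
  * Runs a SELECT on the documents table filtered by this object's id and the
  * user's id. Both values pass through db::value() before being concatenated
  * into the statement, so neither reaches the SQL text unprocessed.
  * NOTE(review): db::value() is assumed to be the project's escaping/quoting
  * helper — confirm, and prefer bound parameters if the db layer offers them.
  *
  * @param user $user User whose id is matched against documents.author
  * @return bool Result of db::query() cast to bool
  */
 private function isAccessibleBy(user $user)
 {
     $sql = 'SELECT 1 FROM documents WHERE id = ' . db::value($this->id)
         . ' AND author = ' . db::value($user->getId())
         . ' LIMIT 1';

     return (bool) db::query($sql);
 }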
Beispiel #7
        return "Email inconnu !";
    }
    if (!passIsOk($Tab['email'], $Tab['password'])) {
        return "Password incorrect !";
    }
    if (banni($Tab['email']) == true) {
        return "Merci d'activer votre compte via l'email reçu lors de l'inscription !";
    }
    return "NoError";
}
//checklog()
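// Login form handler: runs only when the form's 'send' field is present and
// truthy. !empty() avoids an undefined-index notice on requests without it.
if (!empty($_POST['send'])) {
    $error = checklog($_POST);
    if ($error == "NoError") {
        // Issue a fresh session id at the moment of login, so an id that was
        // known before authentication cannot be reused afterwards.
        if (session_id() !== '') {
            session_regenerate_id(true);
        }
        $User = new user($_POST['email']);
        $_SESSION['id'] = $User->getId();
        // No previous connection recorded: show the welcome banner.
        if ($User->getLastco() == null) {
            $_SESSION['msg'] = "<div class='success' ><p class='success-txt' >Bienvenue, Share2Go vous souhaite un bon voyage !</p></div>";
        }
        updateCo(true);
        $_SESSION['login'] = "******";
        $_SESSION['email'] = $_POST['email'];
        $_SESSION['lastco'] = $User->getLastco();
        $_SESSION['nbnewmess'] = getNbNewMess($User->getId());
        $_SESSION['lu'] = false;
        header('Location: index.php');
        // NOTE(review): no exit follows the redirect header, so the rest of
        // the script still runs for this request — confirm that is intended.
    } else {
        // NOTE(review): $error is echoed without HTML escaping. The checklog()
        // returns visible in this excerpt are fixed strings, but its earlier
        // returns are not shown — confirm none of them contains request data.
        echo "<div class='error' ><p class='error-txt' >" . $error . "</p></div>";
    }
}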
if ($_GET['tok']) {
Beispiel #8
 /**
  * Records the given user's id as this object's author id.
  *
  * @param user $user User whose getId() value is stored in id_author
  * @return bool Always true
  */
 public function setIdAuthor(user $user)
 {
     $authorId = $user->getId();
     $this->id_author = $authorId;

     return true;
 }
Beispiel #9
 /**
  * Decides whether $user may cancel this subscription.
  *
  * The buyer may cancel while the subscription is not active and its TMR
  * status is 'PE' (pending); a user holding WP_ADMIN_RIGHT may always cancel.
  *
  * @param user $user
  * @return boolean
  */
 public function canCancel($user)
 {
     // Buyer rule: same user id, not active, status 'PE'.
     $isOwnPendingSub = $this->getBuyerUserId() == $user->getId()
         && !$this->isActive()
         && $this->getTmrStatus() == 'PE';
     if ($isOwnPendingSub) {
         return true;
     }

     // The admin right is consulted only when the buyer rule did not allow it.
     return (bool) $user->isAllowed(WP_ADMIN_RIGHT);
 }
Beispiel #10
<?php

require_once "../Core/utils.php";
require_once "../Model/profil.php";
// Access gate, called before any data is loaded. isNoLog() receives the login
// page name; presumably it redirects visitors without a session — it is
// defined in the included files, TODO confirm that it also stops the script.
isNoLog("login.php");
// The current user is rebuilt from the e-mail address stored in the session.
$user = new user($_SESSION['email']);
// Judging by the function names: this user's vehicles, the trips they own and
// the trips they have reserved, all looked up by the user's id.
$listvehicule = recupVehicule($user->getId());
$listTrajetProprio = recupTrajetProprio($user->getId());
$listTrajetReserv = recupTrajetReserv($user->getId());
/**
 * Returns the message to display for a request to delete vehicle $idv.
 *
 * The function only picks a message; it deletes nothing itself.
 *
 * NOTE(review): the ownership loop never compares a vehicle with $idv; it
 * only inspects the owner of every entry in $listvehicule. If that list holds
 * just the caller's own vehicles, any $idv passes this check — confirm that
 * the delete itself is constrained to the session user's vehicles.
 *
 * @param mixed $idv               Id of the vehicle to delete
 * @param array $listTrajetProprio Trips whose ->idvehicule is compared with $idv
 * @param array $listvehicule      Vehicles whose ->iduser is compared with $_SESSION['id']
 * @return string One of three fixed French messages
 */
function checkused($idv, $listTrajetProprio, $listvehicule)
{
    // A vehicle still attached to one of the listed trips cannot be removed.
    foreach ($listTrajetProprio as $ownedTrip) {
        if ($ownedTrip->idvehicule != $idv) {
            continue;
        }
        return "Véhicule utilisé pour un trajet, merci de supprimer le trajet avant de pouvoir supprimer le véhicule.";
    }

    // Refuse as soon as one listed vehicle has an owner other than the session user.
    foreach ($listvehicule as $vehicle) {
        $hasOwner = (bool) $vehicle->iduser;
        if ($hasOwner && $vehicle->iduser != $_SESSION['id']) {
            return "Vous n'êtes pas le proriétaire du vehicule ! Petit insolent !";
        }
    }

    return "Suppression enregistrée !";
}
function checktrajet($idt, $listTrajetProprio)
{
    foreach ($listTrajetProprio as $trajet) {
        if ($trajet->idtrajet && $trajet->idauteur != $_SESSION['id']) {
            return "Vous n'êtes pas le prorietaire du trajet ! Petit insolent !";
        }
    }
    if (countUserTrajet($idt) > 0) {