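/**
 * First step of group creation: validate the posted name, store the group
 * with a random "unfinished" token, and hand that token to the browser in a
 * cookie for the second step to read back.
 *
 * @todo xss security  (name/description are stored raw; escape on output)
 * @todo csrf security (no request token is checked here)
 * @todo gump validation
 *
 * @param array $post Raw POST data; reads 'group_name' and 'group_descr'.
 * @return array|null List of error messages, or null when the group was
 *                    inserted and a redirect was issued.
 */
public function handleFirstStep($post) {
    $error = null;
    $name  = isset($post['group_name']) ? $post['group_name'] : '';
    $descr = isset($post['group_descr']) ? $post['group_descr'] : null;

    if (strlen($name) < 4) {
        $error[] = 'Group name is too short.';
    } else {
        // getGroupName() may return no rows; guard before reading row 0
        // (the original dereferenced $check[0] unconditionally).
        $check = $this->getGroupName($name);
        if (!empty($check) && strtolower($check[0]->nume) == strtolower($name)) {
            $error[] = 'Group name already taken.';
        }
    }

    // The token is a bearer credential for finishing the group, so it has to
    // come from a CSPRNG: sha256(mt_rand()) is predictable. 32 random bytes
    // hex-encoded give the same 64-character width as the previous sha256 hex.
    $tokenString = bin2hex(random_bytes(32));

    $groupData = array(
        'id_autor'  => Session::get('id'),
        'nume'      => $name,
        'descr'     => $descr,
        'completed' => $tokenString,
    );

    if (!isset($error)) {
        $this->db->insert('grupuri', $groupData);
        // HttpOnly keeps the token out of reach of script on the page;
        // path/domain/secure are left at their previous defaults.
        setcookie('unfinished_group', $tokenString, time() + COOKIE_RUNTIME, '', '', false, true);
        Url::redirect(DIR . 'teacher/new-group-2', true);
    }
    return $error;
}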
/**
 * Controller bootstrap: run the parent constructor, then send visitors
 * without a 'loggedin' session flag to the login page.
 */
public function __construct() {
    parent::__construct();
    $isLoggedIn = Session::get('loggedin');
    if (!$isLoggedIn) {
        Url::redirect('login');
    }
}
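/**
 * Registration form handler.
 *
 * Sends already-authenticated visitors away; on submit validates username,
 * password and e-mail, creates the account with a hashed password, logs the
 * new user in and redirects. Validation messages are collected in $error
 * and passed to the view.
 */
public function register() {
    if (Session::get('logged')) {
        Url::redirect();
    }
    $data['title'] = 'הרשמה';
    $error = null;

    if (isset($_POST['submit'])) {
        // Missing fields become '' rather than raising an undefined-index notice.
        $username = isset($_POST['username']) ? $_POST['username'] : '';
        $password = isset($_POST['password']) ? $_POST['password'] : '';
        $email    = isset($_POST['email'])    ? $_POST['email']    : '';

        if ($username === '') {
            $error[] = 'שם משתמש הוא שדה נדרש';
        }
        if ($this->_model->get_user($username)) {
            $error[] = 'שם המשתמש תפוס, בעסה';
        }
        if ($password === '') {
            $error[] = 'צריך סיסמא כדי להירשם, אחרת כל אחד יוכל להיכנס במקומך...';
        }
        if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
            $error[] = 'כדי להירשם צריך מייל, למקרה ששכחת את הסיסמא';
        }

        if (!$error) {
            $postdata = array(
                'user_name'     => $username,
                'user_password' => Password::make($password),
                'user_email'    => $email,
            );
            $this->_model->add_user($postdata);
            $this->login_user($username);
            Url::redirect();
        }
    }

    View::renderTemplate('header', $data);
    View::render('register', $data, $error);
    View::renderTemplate('footer', $data);
}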
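/**
 * Render an <img> element.
 *
 * @param string $url     Image location, resolved through Url::autoDecide().
 * @param array  $options Attribute map; 'class' defaults to 'img-responsive'.
 * @return string HTML for the image element.
 */
public static function img($url, $options = []) {
    if (!array_key_exists('class', $options)) {
        $options['class'] = 'img-responsive';
    }
    // The src value lands inside an HTML attribute, so escape it for that
    // context; double_encode=false keeps an already-encoded URL from being
    // encoded twice. NOTE(review): buildOptions() is assumed to escape the
    // attribute values it emits — confirm.
    $src = htmlspecialchars(Url::autoDecide($url), ENT_QUOTES, 'UTF-8', false);
    return '<img src="' . $src . '"' . static::buildOptions($options) . '>';
}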
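/**
 * Edit an admin member.
 *
 * Loads the member row for the form; on submit verifies the CSRF token,
 * validates the fields, stores the (re-hashed) password and redirects to
 * the member list. Validation messages go to the view in $error.
 *
 * @param mixed $id Member id from the route, passed to the model as-is.
 */
public function edit($id) {
    $data['title'] = 'Edit Member';
    $data['row'] = $this->model->get_member($id);
    $error = null;

    if (isset($_POST['submit'])) {
        // CSRF check: strict, constant-time comparison. A missing posted
        // token or an absent session token both fail closed.
        $sessionToken = (string) Session::get('token');
        $postedToken  = (isset($_POST['token']) && is_string($_POST['token'])) ? $_POST['token'] : '';
        if ($sessionToken === '' || !hash_equals($sessionToken, $postedToken)) {
            Url::redirect('admin/login');
            return;
        }

        $username = isset($_POST['username']) ? $_POST['username'] : '';
        $password = isset($_POST['password']) ? $_POST['password'] : '';
        $email    = isset($_POST['email'])    ? $_POST['email']    : '';

        if ($username === '') {
            $error[] = 'Username is required';
        }
        if ($password === '') {
            $error[] = 'Password is required';
        }
        if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
            $error[] = 'Email is not valid';
        }

        if (!$error) {
            $postdata = array(
                'member_username' => $username,
                'member_password' => Password::make($password),
                'member_email'    => $email,
            );
            $where = array('member_id' => $id);
            $this->model->update_member($postdata, $where);
            Session::set('message', 'Member Updated');
            Url::redirect('admin/members');
        }
    }

    View::renderadmintemplate('header', $data);
    View::render('admin/members/edit', $data, $error);
    View::renderadmintemplate('footer', $data);
}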
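/**
 * Registration form (Czech UI strings).
 *
 * Already-authenticated visitors are sent home. On submit the two password
 * fields must match and the username must be free; the account is then
 * created with a hashed password and the visitor is sent to the login page.
 *
 * NOTE(review): an empty username or password passes this validation —
 * only the password match and username uniqueness are checked here.
 */
public function register() {
    if (Session::get('loggedin')) {
        Url::redirect('');
    }
    $data['title'] = "Registrace";
    $model = new \Models\Users();
    $error = null;

    if (isset($_POST['submit'])) {
        // Missing fields become '' instead of raising an undefined-index notice.
        $username       = isset($_POST['username'])       ? $_POST['username']       : '';
        $password       = isset($_POST['password'])       ? $_POST['password']       : '';
        $repeatPassword = isset($_POST['repeatPassword']) ? $_POST['repeatPassword'] : '';
        $email          = isset($_POST['email'])          ? $_POST['email']          : '';

        // Strict comparison: loose == would treat e.g. "1e1" and "10" as equal.
        if ($password !== $repeatPassword) {
            $error[] = 'Heslo a ověření hesla se neshodují. Zkuste je prosím vyplnit znovu.';
        } elseif ($model->exists($username)) {
            $error[] = 'Jméno je již zabráno. Zkuste prosím jiné';
        } else {
            $postdata = array(
                'name'  => $username,
                'pass'  => Password::make($password),
                'email' => $email,
            );
            $model->add($postdata);
            Url::redirect('login');
        }
    }

    View::renderTemplate('header', $data);
    View::render('auth\\register', $data, $error);
    View::renderTemplate('footer', $data);
}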
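/**
 * Airline admin page: handles the insert / delete / update form actions and
 * then renders the airline list together with the aircraft list.
 *
 * NOTE(review): no CSRF token or authorization check is visible here —
 * confirm the base controller enforces both. Delete and update fall through
 * to the render without a redirect, so a browser refresh re-submits them.
 */
public function index() {
    $data['title'] = "Sistema de Administración de Aerolíneas";
    $data['page'] = "page2";

    if (!is_null(filter_input(INPUT_POST, 'insertar'))) {
        $datos = $this->airlineFromPost();
        $this->_model->insertar_aerolinea($datos);
        Url::redirect("aerolineas?aer=1");
    } elseif (!is_null(filter_input(INPUT_POST, 'eliminar'))) {
        $where = array('aerolinea_id' => self::postField('id_aerolinea'));
        $this->_model->eliminar_aerolinea($where);
    } elseif (!is_null(filter_input(INPUT_POST, 'editar'))) {
        // Keep the column map in its own variable: the original assigned it
        // to $data, wiping the 'title' and 'page' entries set above.
        $datos = $this->airlineFromPost();
        $where = array('aerolinea_id' => self::postField('id_aerolinea'));
        $this->_model->actualizar_aerolinea($datos, $where);
    }

    $data['aerolineas'] = $this->_model->obtener_aerolineas();
    $data['aviones'] = $this->_model->obtener_aviones();
    View::renderTemplate('header', $data);
    View::render('aerolineas/aerolineas', $data);
    View::renderTemplate('footer', $data);
}

/** Read one POST field, or null when it was not submitted (no notice). */
private static function postField($key) {
    return isset($_POST[$key]) ? $_POST[$key] : null;
}

/** Map the airline form fields onto the table's column names. */
private function airlineFromPost() {
    return array(
        'NOMBRE'             => self::postField('nombre'),
        'NOMBRE_RESPONSABLE' => self::postField('responsable'),
        'AVIONES'            => self::postField('numero'),
        'EMAIL'              => self::postField('correo'),
    );
}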
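/**
 * Product entry page for logged-in users.
 *
 * When the form is submitted with a file, the upload is validated — real
 * image per getimagesize(), at most 500000 bytes, jpg/jpeg/png/gif
 * extension, no same-named file already in uploads/ — and the product
 * record plus the raw image bytes are stored through the model. The file is
 * never moved into uploads/; it is read from PHP's temporary upload path.
 *
 * NOTE(review): no CSRF token is checked on this form.
 */
public function index() {
    if (!Session::get('loggedin')) {
        Url::redirect('login');
    }
    $error = null;
    $file = isset($_FILES['fileToUpload']) ? $_FILES['fileToUpload'] : array();

    if (isset($_POST['submit']) && isset($file['size']) && $file['size'] > 0) {
        $name = (!isset($_POST['productName']) || trim($_POST['productName']) == '')
            ? '' : $_POST['productName'];
        $price = (!isset($_POST['productPrice']) || trim($_POST['productPrice']) == '')
            ? 0 : floatval($_POST['productPrice']);
        $description = (!isset($_POST['productDescription']) || trim($_POST['productDescription']) == '')
            ? '' : $_POST['productDescription'];

        $target_dir = "uploads/";
        $target_file = $target_dir . basename($file["name"]);
        // Lower-cased so "photo.JPG" passes the extension whitelist below.
        $imageFileType = strtolower(pathinfo($target_file, PATHINFO_EXTENSION));
        $uploadOk = 1;

        // Only read the temp path if PHP created it for this request, and
        // only accept content that actually decodes as an image.
        $tmp = isset($file['tmp_name']) ? $file['tmp_name'] : '';
        if ($tmp === '' || !is_uploaded_file($tmp) || getimagesize($tmp) === false) {
            $uploadOk = 0;
        }
        // Kept from the original: blocks the upload if a same-named file is
        // present in uploads/, even though nothing is written there.
        if (file_exists($target_file)) {
            $error = "Sorry, file already exists." . $error;
            $uploadOk = 0;
        }
        if ($file["size"] > 500000) {
            $error = "Sorry, your file is too large." . $error;
            $uploadOk = 0;
        }
        if (!in_array($imageFileType, array('jpg', 'jpeg', 'png', 'gif'), true)) {
            $error = "Sorry, only JPG, JPEG, PNG & GIF files are allowed." . $error;
            $uploadOk = 0;
        }

        if ($uploadOk == 0) {
            $error = "Sorry, your file was not uploaded." . $error;
        } else {
            $product['product'] = array(
                'name'        => $name,
                'price'       => $price,
                'description' => $description,
                'lastUpdate'  => date('Y-m-d G:i:s'),
            );
            $product['image'] = array(
                'image' => file_get_contents($tmp),
                'size'  => $file["size"],
                'type'  => $imageFileType,
            );
            $this->_model->insertProduct($product);
        }
    }

    Hooks::addHook('js', 'Controllers\\menu@indexJS');
    Hooks::addHook('css', 'Controllers\\menu@indexCss');
    $data['title'] = 'index';
    $data['username'] = Session::get('username');
    View::rendertemplate('header', $data);
    View::render('menu/index', $data, $error);
    View::rendertemplate('footer', $data);
}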
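/**
 * Aircraft admin page: handles the insert / delete / update form actions and
 * then renders the airline and aircraft lists.
 *
 * NOTE(review): no CSRF token or authorization check is visible here —
 * confirm the base controller enforces both. Delete and update fall through
 * to the render without a redirect, so a browser refresh re-submits them.
 */
public function index() {
    $data['title'] = "Sistema de Administración de Aerolíneas";
    $data['page'] = "page3";

    if (!is_null(filter_input(INPUT_POST, 'insertar'))) {
        $datos = $this->aircraftFromPost();
        $this->_model->insertar_avion($datos);
        Url::redirect("aviones?aer=1");
    } elseif (!is_null(filter_input(INPUT_POST, 'eliminar'))) {
        $id_avion = self::postValue('id_avion');
        $where = array('avion_id' => $id_avion);
        $this->_model->eliminar_avion($where);
    } elseif (!is_null(filter_input(INPUT_POST, 'editar'))) {
        $datos = $this->aircraftFromPost();
        $id_avion = self::postValue('id_avion');
        $where = array('avion_id' => $id_avion);
        $this->_model->actualizar_avion($datos, $where);
    }

    $data['aerolineas'] = $this->_model->obtener_aerolineas();
    $data['aviones'] = $this->_model->obtener_aviones();
    View::renderTemplate('header', $data);
    View::render('aviones/aviones', $data);
    View::renderTemplate('footer', $data);
}

/** Read one POST field, or null when it was not submitted (no notice). */
private static function postValue($key) {
    return isset($_POST[$key]) ? $_POST[$key] : null;
}

/**
 * Map the aircraft form fields onto the table's column names.
 *
 * The original wrote the 'matricula' field into ASIENTOS and the 'asientos'
 * field into MATRICULA (swapped, in both the insert and the update branch);
 * each value now goes to the column of the same name — verify against the
 * form's field names.
 */
private function aircraftFromPost() {
    return array(
        'ASIENTOS'     => self::postValue('asientos'),
        'MATRICULA'    => self::postValue('matricula'),
        'AEROLINEA_ID' => self::postValue('id_aerolinea'),
    );
}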
/**
 * Log the user out: clear every session value set for this project, then
 * send the browser to the site's home page (an absolute URL, hence the
 * second argument).
 */
public function logout() {
    Session::destroy();
    $homePage = "http://something.sellerstam.mebokund.com/";
    Url::redirect($homePage, true);
}
/**
 * Controller bootstrap: run the parent constructor, require a 'loggedin'
 * session flag (otherwise redirect to login), and load the Dashboard
 * language strings.
 */
public function __construct() {
    parent::__construct();
    $isLoggedIn = Session::get('loggedin');
    if (!$isLoggedIn) {
        Url::redirect('login');
    }
    $this->language->load('Dashboard');
}
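/**
 * Phone Book - default view: registers the table/select/date-picker scripts,
 * loads the phonebook rows and renders the index view.
 */
public function index() {
    $jsPath = Url::assetPath('js');
    $data['js'] = array(
        $jsPath . 'plugins/forms/selects/select2.min.js',
        $jsPath . 'plugins/tables/datatables/datatables.min.js',
        $jsPath . 'plugins/tables/datatables/extensions/responsive.js',
        $jsPath . 'plugins/tables/datatables/extensions/buttons.min.js',
        $jsPath . 'plugins/tables/datatables/extensions/jszip/jszip.min.js',
        $jsPath . 'plugins/tables/datatables/extensions/pdfmake/pdfmake.min.js',
        $jsPath . 'plugins/tables/datatables/extensions/pdfmake/vfs_fonts.min.js',
        $jsPath . 'plugins/tables/datatables/extensions/buttons.html5.min.js',
        $jsPath . 'plugins/pickers/moment.min.js',
        $jsPath . 'plugins/pickers/bootstrap-datetimepicker.min.js',
        $jsPath . 'plugins/tables/datatables/extensions/jquery.dataTables.yadcf.js',
        $jsPath . 'pages/phonebook.js',
    );
    $data['users'] = $this->phonebook->getPhonebook();

    // The view takes $error as its third argument; initialise it so the
    // render does not pass an undefined variable (the original never set it).
    $error = null;

    View::renderTemplate('header', $data);
    View::render('phonebook/index', $data, $error);
    View::renderTemplate('footer', $data);
}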
/**
 * Search entry point for form submissions: forwards the 'q' parameter to
 * search(), or returns to the index when it is absent.
 *
 * NOTE(review): $_REQUEST merges GET, POST and cookie values, so despite the
 * name this also honours ?q= in the URL — confirm that is intended.
 */
public function search_post() {
    if (!isset($_REQUEST['q'])) {
        Url::redirect();
        return;
    }
    $query = $_REQUEST['q'];
    $this->search($query);
}
/**
 * Log out: remove the session keys that mark a visitor as authenticated
 * and return to the home page.
 *
 * NOTE(review): this clears three keys rather than destroying the whole
 * session and does not rotate the session id; anything else stored in the
 * session survives the logout.
 */
public function loguit() {
    foreach (array('username', 'id', 'rechten') as $sessionKey) {
        \Helpers\Session::destroy($sessionKey);
    }
    \Helpers\Url::redirect('home');
}
/**
 * Log out: wipe the session data, expire the session cookie in the browser
 * and destroy the server-side session, then go to the home page.
 */
public function logout() {
    session_start();
    $_SESSION = array();
    $cookieName = session_name();
    if (isset($_COOKIE[$cookieName])) {
        // Expire the cookie in the past so the browser drops it.
        setcookie($cookieName, '', time() - 42000, '/');
    }
    session_destroy();
    \Helpers\Url::redirect('');
}
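/**
 * Change the framework language.
 *
 * @param string $language Language code from the URL. Only codes present in
 *                         CoreLanguage::$codes are accepted; anything else
 *                         leaves the session/cookie untouched.
 */
public function change($language) {
    // The regex only demands a lowercase letter somewhere in the value; the
    // whitelist lookup is the real gate, so it is strict (type and value)
    // and non-strings are rejected before either check runs.
    $accepted = is_string($language)
        && preg_match('/[a-z]/', $language)
        && in_array($language, CoreLanguage::$codes, true);

    if ($accepted) {
        Session::set('language', ucfirst($language));
        // Store the current language in a cookie as well.
        Cookie::set(PREFIX . 'language', $language);
    }
    Url::redirect();
}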
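/**
 * Require the session user to hold the given role.
 *
 * block() runs first and handles the not-logged-in case; afterwards a user
 * with any other role (or no usable user object at all) is sent to 'home'.
 *
 * @param string $role Required role.
 */
public static function authRole($role) {
    self::block();
    $user = Session::get('user');
    // Fail closed when the session holds no user object or no role. Both
    // sides are compared as strings so an int role stored in the session
    // still matches its string form, without the oddities of loose ==.
    if (!is_object($user) || !isset($user->role) || (string) $user->role !== (string) $role) {
        Url::redirect('home');
    }
}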
/**
 * Guard for pages meant only for anonymous visitors: a logged-in session is
 * redirected to its area — the site root for 'student', teacher/ otherwise.
 *
 * @param string $level Area the caller belongs to ('student' or other).
 */
public static function none($level) {
    if (!Session::get('loggedin')) {
        return;
    }
    $target = ($level == 'student') ? DIR : DIR . 'teacher';
    Url::redirect($target, true);
}
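/**
 * Render a level, provided the session's reached level is at least $id - 1;
 * otherwise return to the index.
 *
 * @param mixed $id Level number from the route (arrives as a string).
 */
public function playLevel($id) {
    // Route parameters are strings; cast before arithmetic so a non-numeric
    // value cannot raise a TypeError (PHP 8) or compare unexpectedly, and so
    // the value echoed into the page is an integer, not the raw URL segment.
    $level = (int) $id;
    if (Session::get('level') >= $level - 1) {
        $data['title'] = "Amusez vous bien sur cette map ! ";
        $data['level'] = "Level: " . $level;
        View::renderTemplate('header', $data);
        View::render('play/playLevel', $data);
        View::renderTemplate('footer', $data);
    } else {
        Url::redirect();
    }
}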
/**
 * Billing index: requires a 'us_id' in the session (else redirect to Login),
 * then renders the header, main and footer templates.
 */
public function index() {
    if (Session::get('us_id') == null) {
        Url::redirect("Login");
    }
    $data = array('title' => 'Billing');
    View::renderTemplate('header', $data);
    View::renderTemplate('main', $data);
    View::renderTemplate('footer');
}
/**
 * Finish a Facebook JS-SDK login: read the token from the JS helper, decide
 * whether the user is an admin of the app, store the session and go home.
 * Requires 'app_info' in the session; otherwise redirects to 'error'.
 */
public function jsRedirect() {
    $appInfo = Session::get('app_info');
    if (!$appInfo) {
        Url::redirect('error');
    }

    $fb = new \Facebook\Facebook([
        'app_id'                => $appInfo->app_id,
        'app_secret'            => $appInfo->app_secret_id,
        'default_graph_version' => $appInfo->app_version,
    ]);
    $helper = Facebook::getTokenFromJsHelper($fb);
    $userId = $helper['user_id'];

    $role = 'user';
    if ($this->isAdmin($userId, $fb, $appInfo->app_id, $appInfo->app_token)) {
        $role = 'admin';
    }

    $this->setSession($helper['accesstoken'], $userId, $role);
    Url::redirect('');
}
/**
 * Create a promotion ("Акция"): on submit store name/description and
 * redirect to /Share, otherwise render the creation form.
 *
 * filter_input() with the default filter performs no sanitisation, so the
 * stored values must be escaped wherever they are rendered.
 */
public function create() {
    if (!filter_has_var(INPUT_POST, 'submit')) {
        $data['title'] = "Создать Акцию";
        View::renderTemplate('header', $data);
        View::renderTemplate('share_create', $data);
        View::renderTemplate('footer');
        return;
    }
    $name = filter_input(INPUT_POST, 'name');
    $desc = filter_input(INPUT_POST, 'desc');
    $this->shareList->create($name, $desc);
    Url::redirect("/Share");
}
/**
 * Teacher login page: on submit hands the POST data to runLogin(); a null
 * result means success and redirects to the teacher dashboard, anything else
 * is shown as 'login_error' in the view.
 */
public function login() {
    $data = array(
        'title'      => 'Teacher Login',
        'css-assets' => array('teacher-login.css'),
    );

    if (isset($_POST['submit'])) {
        $loginError = $this->teacherMember->runLogin($_POST);
        $data['login_error'] = $loginError;
        if ($loginError === null) {
            Url::redirect(DIR . 'teacher', true);
        }
    }

    View::renderTemplate('teacher-header', $data, 'teacher-dashboard');
    View::renderTemplate('teacher-sidebar', $data, 'teacher-dashboard');
    View::render('teacher-dashboard/login', $data);
}
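/**
 * Edit a rating ("Recenze"): loads the rating with its tale for the form and,
 * on submit, writes the three posted scores back and redirects to 'ratings'.
 *
 * NOTE(review): nothing in this method checks that the current user may edit
 * this rating — confirm the constructor or a base controller enforces it.
 *
 * @param mixed $ratingID Rating id from the route.
 */
public function edit($ratingID) {
    $model = new \Models\Ratings();
    $data['title'] = "Recenze";
    $data['rating'] = $model->getRatingAndTale($ratingID);
    $error = null;

    if (isset($_POST['submit'])) {
        // Only update a rating that was actually found; the original read
        // $data['rating'][0]->ratingID unconditionally.
        if (isset($data['rating'][0]->ratingID)) {
            $postdata = array(
                'originality' => isset($_POST['originality']) ? $_POST['originality'] : null,
                'theme'       => isset($_POST['theme'])       ? $_POST['theme']       : null,
                'quality'     => isset($_POST['quality'])     ? $_POST['quality']     : null,
            );
            $where = array('ratingID' => $data['rating'][0]->ratingID);
            $model->update($postdata, $where);
        }
        Url::redirect('ratings');
    }

    View::renderTemplate('header', $data);
    View::render('review\\ratingsEdit', $data, $error);
    View::renderTemplate('footer', $data);
}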
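/**
 * Save a JSON configuration/data file under the template's json/ directory.
 * Only a file that already exists is written; anything else throws.
 *
 * @param string $name    File name inside json/ (may include a sub-path).
 * @param mixed  $Data    Data to encode, or an already-encoded JSON string.
 * @param bool   $convert true to json_encode() $Data, false to write it verbatim.
 * @throws MyException when the name is rejected, the file does not exist, or
 *                     the write fails.
 */
public static function saveJsonConfigFile($name, $Data, $convert = true) {
    // Refuse parent-directory segments and NUL bytes so a caller-supplied
    // name cannot escape json/ and overwrite some other existing file.
    if (!is_string($name) || strpos($name, '..') !== false || strpos($name, "\0") !== false) {
        throw new MyException("No he trobat l'arxiu: " . $name);
    }

    $nom = getcwd() . Url::templatePath() . 'json/' . $name;
    if (!file_exists($nom)) {
        throw new MyException("No he trobat l'arxiu: " . $name);
    }

    // The original passed TRUE as json_encode()'s flags argument, which is
    // JSON_HEX_TAG (== 1); spelled out so the behaviour is visible. It was
    // probably confused with json_decode()'s $assoc parameter.
    $JSON = $convert ? json_encode($Data, JSON_HEX_TAG) : $Data;

    if (file_put_contents($nom, $JSON) === false) {
        throw new MyException("No he pogut escriure l'arxiu: " . $name);
    }
}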
/**
 * Backoffice dashboard.
 *
 * NOTE(review): the "is user admin?" check is a hard-coded true — nothing
 * here verifies the user's role, and the redirect branch is unreachable.
 */
public function index() {
    $isAdmin = true;
    if (!$isAdmin) {
        Url::redirect('index');
        return;
    }

    $data['title'] = $this->language->get('page_title');
    $data['logout'] = $this->language->get('logout');

    View::renderTemplate('backoffice/header', $data);
    View::renderTemplate('backoffice/main_header', $data);
    View::render('dashboard/dashboard', $data);
    View::renderTemplate('backoffice/footer');
}
/**
 * Dispatch on the Facebook role stored in the session: 'user' gets the
 * front page, 'admin' the admin page, anything else the error page.
 */
public function index() {
    $role = Session::get('fb_role');

    if ($role == 'user') {
        $this->front();
        return;
    }
    if ($role == 'admin') {
        $this->admin();
        return;
    }
    Url::redirect('error');
}
/**
 * Admin landing page.
 *
 * A positive $idComanda is remembered in the session (used to edit an
 * order). Accounting users (credentials 'U') are sent straight to the users
 * page; everyone else gets the header, menu and home templates.
 *
 * @param int $idComanda Order id to edit, 0 for none.
 */
public function home($idComanda = 0) {
    if ($idComanda > 0) {
        Session::set('idComanda', $idComanda);
    }

    $isAccounting = (strcmp($this->Credentials, 'U') === 0);
    if ($isAccounting) {
        Url::redirect('admin/usuaris');
    }

    $menu = $this->menu;
    View::renderTemplate('admin/headerTemplate', array());
    View::renderTemplate('admin/menuTemplate', array('menu' => $menu));
    View::renderTemplate('admin/homeTemplate', array(
        'menu'        => $menu,
        'idComanda'   => $idComanda,
        'Credentials' => $this->Credentials,
    ));
}
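/**
 * Site settings page (logged-in users only).
 *
 * Loads every setting into $data for the form; on submit requires site_name,
 * site_email and domains, then writes each changed, non-empty value back and
 * logs the change. Only keys that exist in the settings table are written —
 * the form's own fields and any extra POST keys never reach the table.
 */
public function index() {
    if (!Auth::isLogged()) {
        Url::redirect('login');
    }

    $jsPath = Url::assetPath('js');
    $data['js'] = array(
        $jsPath . 'plugins/forms/selects/select2.min.js',
        $jsPath . 'plugins/forms/validation/validate.min.js',
        $jsPath . 'plugins/notifications/bootbox.min.js',
        $jsPath . 'pages/settings.js',
    );
    $error = null;

    $settings = $this->setting->getSettings();
    $known = array();   // setting names present in the table
    if (isset($settings)) {
        foreach ($settings as $obj) {
            $data[$obj->name] = $obj->value;
            $known[$obj->name] = true;
        }
    }

    if (isset($_POST['update'])) {
        $site_name  = isset($_POST['site_name'])  ? $_POST['site_name']  : '';
        $site_email = isset($_POST['site_email']) ? $_POST['site_email'] : '';
        $domains    = isset($_POST['domains'])    ? $_POST['domains']    : '';

        if ($site_name == '') {
            $error[] = $this->language->get('site_name_required');
        }
        if ($site_email == '') {
            $error[] = $this->language->get('site_email_required');
        }
        if ($domains == '') {
            $error[] = $this->language->get('domains_required');
        }

        if (!$error) {
            foreach ($_POST as $key => $value) {
                // Mass-assignment guard: skip anything that is not a setting
                // (e.g. the 'update' button) instead of issuing an UPDATE for it.
                if (!isset($known[$key])) {
                    continue;
                }
                // Unchanged or empty values are left alone, as before.
                if (empty($value) || $data[$key] == $value) {
                    continue;
                }
                $data2 = array('value' => $value);
                $where = array('name' => $key);
                $this->setting->updateSettings($data2, $where);
                Log::notice('log_settings_edit', json_encode(array($data2, $where)));
            }
            Session::set('success', $this->language->get('msg_settings_edit'));
            Url::redirect('settings');
        }
    }

    View::renderTemplate('header', $data);
    View::render('settings/index', $data, $error);
    View::renderTemplate('footer', $data);
}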
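/**
 * Login page: on submit looks the user up via users->exist(); on success
 * stores 'auth' and 'us_id' in the session and redirects home, otherwise
 * shows 'User not found'.
 *
 * NOTE(review): users->exist() is assumed to verify the password against a
 * stored hash — confirm; if it compares plaintext, that is where to fix it.
 */
public function index() {
    $data = array('login_text' => 'User', 'password_text' => 'Password');

    if (filter_has_var(INPUT_POST, 'submit')) {
        $user = filter_input(INPUT_POST, 'login');
        // The form field really is named "passowrd" (sic); the key is kept so
        // the existing login view keeps working.
        $password = filter_input(INPUT_POST, 'passowrd');

        $ds = $this->users->exist($user, $password);
        if (empty($ds)) {
            $data['error'] = 'User not found';
        } else {
            // Rotate the session id on authentication so a session id fixed
            // before login cannot be reused afterwards.
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }
            Session::set('auth', true);
            Session::set("us_id", $ds[0]['id']);
            Url::redirect();
        }
    }

    View::renderTemplate('header', array('title' => 'Login'));
    View::renderTemplate('login', $data);
    View::renderTemplate('footer');
}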