/**
  * Checks to see if a user is logged in
  * @return bool True if the user is logged in
  */
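 public static function is_logged_in()
 {
     $serializedUser = SessionUtil::session('user');
     $sessionToken = SessionUtil::session('loggedIn');
     // Both session values must be present before anything is deserialized.
     if (!$serializedUser || !$sessionToken) {
         return false;
     }

     // NOTE(review): unserialize() rebuilds an object from the stored string. That is
     // only safe while nothing except this application can write the session store;
     // passing the 'allowed_classes' option with the expected user class would limit
     // what can be instantiated. The class name is not visible in this block.
     $user = unserialize($serializedUser);
     if (!is_object($user)) {
         // Corrupt or unexpected session payload: treat as not logged in instead of
         // reading ->salt from a non-object.
         return false;
     }

     $expectedToken = self::user_token($user->salt);

     // Compare as strings in constant time. A loose == on hash-like strings can report
     // equality for different values (numeric-looking strings such as "0e..." are
     // compared as numbers) and returns early on the first differing byte.
     // Assumes user_token() returns a string; confirm against its definition.
     return is_string($expectedToken)
         && is_string($sessionToken)
         && hash_equals($expectedToken, $sessionToken);
 }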
Beispiel #2
 /**
  * Template constructor
  * @param string $title Title of the web page
  * @param bool $noTemplate If set to true then no menus or sidebars will be used. It will be a single page.
  * @param bool $maintenance If set it wont redirect when the site is in maintenance mode
  */
 function __construct($title, $noTemplate = false, $maintenance = false)
 {
     // Page-level settings supplied by the caller.
     $this->title = $title;
     $this->noTemplate = $noTemplate;
     $this->maintenance = $maintenance;

     // Start the session before any session value is read.
     SessionUtil::start_session();

     // Nothing stored for a user: leave $this->user untouched.
     if (!SessionUtil::session('user')) {
         return;
     }

     // NOTE(review): unserialize() rebuilds an object from the stored string, so this
     // relies on the session store being writable only by this application. The
     // 'allowed_classes' option can restrict which classes may be instantiated; the
     // expected class is not visible in this block. A failed unserialize() yields
     // false, which is then what ends up in $this->user.
     $this->user = unserialize(SessionUtil::session('user'));
 }
Beispiel #3
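    /**
     * Handles a submitted "Add User" form (when btnAdd is present) and renders the form.
     *
     * On submit, the anti-CSRF token and the four text fields are validated. add_user()
     * is called only when no validation message was produced, and its return value is
     * shown as the page message. A fresh token is stored in the session and embedded in
     * the form on every render.
     *
     * @return void Output is written directly to the response.
     */
    private function render_add_user()
    {
        $errorMessage = '';
        //Check to see if the add button was pressed
        if (param('btnAdd')) {
            //Check the token. Both sides must be non-empty strings: a loose != treats a
            //missing session token and a missing hidToken as equal, which would accept a
            //request that carries no token at all. hash_equals() also keeps the
            //comparison constant-time.
            //Assumes SessionUtil::token() and param() yield strings; confirm.
            $sessionToken = SessionUtil::session('token');
            $postedToken = param('hidToken');
            $tokenValid = is_string($sessionToken)
                && $sessionToken !== ''
                && is_string($postedToken)
                && hash_equals($sessionToken, $postedToken);
            if (!$tokenValid) {
                $errorMessage .= 'Invalid Token try again. ';
            }
            //Validation Block
            if (!ValidationUtil::text(param('txtName'), 30, 1)) {
                $errorMessage .= 'You must provide a name between 1 and 30 characters long. ';
            }
            if (!ValidationUtil::email(param('txtEmail'))) {
                $errorMessage .= 'Email is invalid. ';
            }
            if (!ValidationUtil::text(param('txtCompany'), 30, 1)) {
                $errorMessage .= 'You must provide a company name with a max of 30 characters. ';
            }
            if (!ValidationUtil::text(param('txtPassword'), 12, 8)) {
                $errorMessage .= 'You must enter in a password that is a min of 8 and a max of 12. ';
            }
            //Only attempt the insert when the token and every field passed
            if (!$errorMessage) {
                $errorMessage = $this->add_user();
            }
        }
        //Set the token for the page
        $token = SessionUtil::token();
        SessionUtil::session_set('token', $token);
        //Values written into HTML attributes are escaped so a quote or angle bracket in
        //a generated value cannot terminate the attribute.
        $tokenAttr = htmlspecialchars((string) $token, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $passwordAttr = htmlspecialchars(
            (string) AuthenticationUtil::generate_password(),
            ENT_QUOTES | ENT_SUBSTITUTE,
            'UTF-8'
        );
        //Render the page
        ?>
        <div class="admin-page-wrapper">
            <form action="/pages/admin/useradmin.php?subPage=Add User" method="post">
                <div class="admin-user-wrapper">
                    <h1>Add User</h1>
                    <?php
        //Check to see if there is any messages and display them if there is any
        //NOTE(review): the message is echoed unescaped. The validation texts above are
        //fixed strings, but add_user()'s return value is not visible here; if it can
        //contain request-derived text it needs htmlspecialchars() at this point.
        if ($errorMessage) {
            echo '<span class="warning">' . $errorMessage . '</span>';
        }
        ?>
                    <div class="user-admin-content">
                        <input type="hidden" name="hidToken" value="<?= $tokenAttr ?>" />
                        <label for="txtName">User Name:</label><br />
                        <input type="text" name="txtName" id="txtName" /><br />
                        <label for="txtEmail">Email:</label><br />
                        <input type="email" name="txtEmail" id="txtEmail" /><br />
                        <label for="txtCompany">Company:</label><br />
                        <input type="text" name="txtCompany" id="txtCompany" /><br />
                        <label for="txtPassword">Password:</label><br />
                        <?php
        //NOTE(review): the generated password is placed in the page in clear text in a
        //type="text" field, so it is present in the response body and anything that
        //caches it.
        ?>
                        <input type="text" name="txtPassword" id="txtPassword" value="<?= $passwordAttr ?>" />
                    </div>
                    <h3>Privileges</h3>
                    <?php
        //NOTE(review): the privilege values come back as cbxPrivs[] from the client; no
        //check that the current user may grant them is visible in this method. Confirm
        //that add_user() enforces it.
        ?>
                    <div>
                        <input type="checkbox" name="cbxPrivs[]" value="<?= AuthenticationUtil::PRIVILEGE_VIEW_MERCHANT_PAGE ?>" id="cbx1" />
                        <label for="cbx1">Merchant View</label><br />
                        <input type="checkbox" name="cbxPrivs[]" value="<?= AuthenticationUtil::PRIVILEGE_VIEW_ADMIN_PAGE ?>" id="cbx2" />
                        <label for="cbx2">Admin View</label><br />
                        <input type="checkbox" name="cbxPrivs[]" value="<?= AuthenticationUtil::PRIVILEGE_ASSIGN_PRIVILEGES ?>" id="cbx3" />
                        <label for="cbx3">Assign Privileges</label><br />
                        <input type="checkbox" name="cbxPrivs[]" value="<?= AuthenticationUtil::PRIVILEGE_PAGE_ADMIN ?>" id="cbx4" />
                        <label for="cbx4">Admin Pages</label><br />
                        <input type="checkbox" name="cbxPrivs[]" value="<?= AuthenticationUtil::PRIVILEGE_USER_ADMIN ?>" id="cbx5" />
                        <label for="cbx5">Admin Users</label><br />
                    </div>
                    <input type="submit" name="btnAdd" />
                </div>
            </form>
        </div>
    <?php
    }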