public function __construct(HotelInterface $hotel, TaxInterface $tax, CountryInterface $country)
{
$this->hotel = $hotel;
$this->tax = $tax;
$this->country = $country;
authorize('manage_hotels');
}
public function __construct(RoomInterface $room, TaxInterface $tax, HotelInterface $hotel)
{
$this->room = $room;
$this->roomtype = $tax;
$this->hotel = $hotel;
authorize('manage_rooms');
}
function request_token($tmhOAuth)
{
$code = $tmhOAuth->request('POST', $tmhOAuth->url('oauth/request_token', ''), array('oauth_callback' => tmhUtilities::php_self()));
if ($code == 200) {
$_SESSION['oauth'] = $tmhOAuth->extract_params($tmhOAuth->response['response']);
authorize($tmhOAuth);
} else {
outputError($tmhOAuth);
}
}
public function massdel(Request $request)
{
authorize('delete_users');
try {
$this->user->massdel($request);
return redirect()->back()->with('Mess', 'Đã xóa!');
} catch (NullException $e) {
return redirect()->back()->with('errorMess', $e->getErrors());
}
}
function createAccount($email, $name)
{
$query = "INSERT INTO accounts (`email`, `fullname`) VALUES (" . sqlSafe($email) . ", " . sqlSafe($name) . ")";
if (writeQuery($query)) {
authorize($email);
return true;
} else {
var_dump(getSQLerrors());
return false;
}
}
public function store(Request $request)
{
authorize('create_services');
DB::beginTransaction();
try {
$this->services->create($request);
DB::commit();
return redirect()->route('admin.services.index')->with('Mess', 'Thêm thành công');
} catch (ValidateException $e) {
DB::rollBack();
return redirect()->back()->withInput()->withErrors($e->getError());
}
}
public function massdel(Request $request)
{
authorize('delete_tags');
DB::beginTransaction();
try {
$this->tag->massdel($request);
DB::commit();
return redirect()->back()->with('Mess', 'Đã xóa!');
} catch (ExcuteNullException $e) {
DB::rollBack();
return redirect()->back()->with('errorMess', $e->getErrors());
}
}
function request_token($tmhOAuth)
{
$code = $tmhOAuth->request('POST', $tmhOAuth->url('oauth/request_token', ''), array('oauth_callback' => tmhUtilities::php_self()));
if ($code == 200) {
$_SESSION['oauth'] = $tmhOAuth->extract_params($tmhOAuth->response['response']);
if (isset($_SESSION['account']['id'])) {
// We already have a logged in user account
authorize($tmhOAuth);
} else {
authenticate($tmhOAuth);
}
} else {
outputError($tmhOAuth);
}
}
function source($submitid)
{
global $is_admin;
global $mysqli_;
if (1 != $is_admin) {
authorize();
}
// параметры
if (!isset($submitid)) {
fail(_error_no_submit_id_code);
}
// читаем данные
$query = $mysqli_->prepare('select S.source, S.contestid, S.userid, U.nickname, L.desc, S.submittime, S.message from ((select Si.contestId, Si.userid, Si.langId, Si.source, Si.submittime, Si.message from `submit` Si where Si.submitID=?) S inner join `user` U on S.userid=U.id) inner join Lang L on S.langId=L.langId');
$query->bind_param('i', $submitid);
$query->bind_result($source, $contestid, $userid, $nickname, $language, $submitdate, $submitmessage);
if (!$query->execute()) {
fail(_error_mysql_query_error_code);
}
// auto-close of query
$query->store_result();
if (0 == $query->num_rows) {
fail(_error_no_submit_found_code);
}
// auto-close of quert
$query->fetch();
if ('' == $source) {
fail(_error_submit_source_is_empty_code);
}
// auto-close of query
$query->close();
// конец считывания данных
data('source', $source);
data('submitid', $submitid);
data('contestid', $contestid);
data('nickname', $nickname);
data('userid', $userid);
data('language', $language);
data('submitdate', $submitdate);
data('submitmessage', $submitmessage);
data('top', isset($_GET['top']) ? $_GET['top'] : -1);
data('topuserid', isset($_GET['userid']) ? $_GET['userid'] : -1);
}
function set_access($allModules, $userRights)
{
$data = array();
for ($i = 0, $c = count($allModules); $i < $c; $i++) {
$row = array();
for ($j = 0, $c2 = count($userRights); $j < $c2; $j++) {
if ($userRights[$j]["rr_modulecode"] == $allModules[$i]["mod_modulecode"]) {
if (authorize($userRights[$j]["rr_create"]) || authorize($userRights[$j]["rr_edit"]) || authorize($userRights[$j]["rr_delete"]) || authorize($userRights[$j]["rr_view"])) {
$row["menu"] = $allModules[$i]["mod_modulegroupcode"];
$row["menu_name"] = $allModules[$i]["mod_modulename"];
$row["page_name"] = $allModules[$i]["mod_modulepagename"];
$row["create"] = $userRights[$j]["rr_create"];
$row["edit"] = $userRights[$j]["rr_edit"];
$row["delete"] = $userRights[$j]["rr_delete"];
$row["view"] = $userRights[$j]["rr_view"];
$data[$allModules[$i]["mod_modulegroupcode"]][$userRights[$j]["rr_modulecode"]] = $row;
$data[$allModules[$i]["mod_modulegroupcode"]]["top_menu_name"] = $allModules[$i]["mod_modulegroupname"];
}
}
}
}
return $data;
}
function task_data($db_id)
{
global $dv_conf;
$dd = get_dd($db_id);
if (!authorize($dd)) {
print '<br /><p class="error">Sorry, you are not authorized to view this page.</p>';
return;
}
$filter = strtolower(Request::getVar('type', 'json'));
$file = JPATH_COMPONENT . DS . "filter/{$filter}.php";
if (file_exists($file)) {
require_once $file;
}
if ($dd) {
$link = get_db();
$sql = query_gen($dd);
$res = get_results($sql, $dd);
print filter($res, $dd);
exit(0);
} else {
print print "<p class=\"error\">Invalid Request</p>";
exit(1);
}
}
<?
// управление заказчиками
include_once $GLOBALS["DOCUMENT_ROOT"]."/lib/sql.php";
authorize(); // вызов авторизации
if (isset($edit) || isset($add) ) {
if (!isset($accept)) {
if ($edit) {
$sql = "SELECT * FROM customers WHERE id='".$edit."'";
$res = mysql_query($sql);
$rs=mysql_fetch_array($res);
}
echo "<form method=post id=editform action='http://".$_SERVER['HTTP_HOST'].$GLOBALS["PHP_SELF"]."'>";
echo "<input type='hidden' value='".(isset($edit)?$edit:"0")."' name='edit'>";
echo "<input type=hidden name=tid value=$tid>";
if (isset($order)) echo "<input type=hidden name=order value=$order>";
if (isset($idstr)) echo "<input type=hidden name=idstr value=$idstr>";
if (isset($find))echo "<input type=hidden name=find value=$find>";
if (isset($all)) echo "<input type=hidden name=all value=$all>";
echo "<input type=hidden name=accept value='yes'>";
echo "Краткое название (имя каталога):<input type=text name=customer size=20 value='".$rs["customer"]."'><br>";
echo "Полное название (для теззаданий): <input type=text name=fullname size=50 value='".$rs["fullname"]."'><br>";
echo "Каталог на диске К (для сверловок): <input type=text name=kdir size=50 value='".$rs["kdir"]."'><br>";
echo "<input type=button value='Сохранить' onclick=\"editrecord('customers',$('#editform').serialize())\"><input type=button value='Отмена' onclick='closeedit()'>";
} else {
// сохрнение
if ($edit) {
// редактирование
$sql = "UPDATE customers SET customer='$customer', fullname='$fullname', kdir='$kdir' WHERE id='$edit'";
require_once './config/require.php';
if (isset($firstattempt)) {
authorize();
}
// попытка войти
if (isset($login) && isset($password)) {
if (time() - $login_lastaccess < antiSpamTimeOut) {
$header = 'Не удалось войти в систему';
$message = 'В целях защиты от спама не разрешается делать попытки входа в систему с интервалом между ними менее ' . antiSpamTimeOut . ' секунд. Попробуйте повторить запрос позже.';
} else {
$q = $mysqli_->prepare('SELECT id,nickname,is_admin FROM `user` WHERE login=? AND `password`=password(?)');
$q->bind_param('ss', $login, $password);
$q->bind_result($curuserid, $curnickname, $is_admin);
if ($q->execute() && $q->fetch()) {
$authorized = 1;
$curlogin = $login;
$curpass = $password;
$message = 'Вход в систему произведен успешно';
} else {
$message = 'Не удалось выполнить операцию сверки имени пользователя и пароля. Возможно, login или пароль введены неверно. Попробуйте повторить запрос позже.';
}
$q->close();
}
$login_lastaccess = time();
} else {
$message = "Не указаны все необходимые параметры. Попробуйте повторить запрос позже.";
}
// конец попытки войти
data('message', $message);
authorize($data);
<?php
if (!defined('REST')) {
exit('Access Denied');
}
include_once "class_pwd.php";
include_once "config_common.php";
include_once "config_sql.php";
include_once "class_response.php";
$restID = $_POST["rest_id"];
$restKey = $_POST["rest_key"];
$restName = $_POST["rest_name"];
if (!authorize($restID, $restKey, $restName)) {
$response = new Response();
$response->status = 0;
$response->msg = "authorize failed";
} else {
$pwd = new PWD();
$response = $pwd->get();
}
echo $response;
function dupe_comments($GroupID, $Comments)
{
global $DB, $LoggedUser;
authorize();
if (!check_perms('users_mod')) {
error(403);
}
if (!is_number($GroupID)) {
error(403);
}
$DB->query("\n\t\tSELECT SHA1(Comments) AS CommentHash\n\t\tFROM dupe_groups\n\t\tWHERE ID = {$GroupID}");
list($OldCommentHash) = $DB->next_record();
if ($OldCommentHash != sha1($Comments)) {
$AdminComment = sqltime() . " - Linked accounts updated: Comments updated by " . $LoggedUser['Username'];
if ($_POST['form_comment_hash'] == $OldCommentHash) {
$DB->query("\n\t\t\t\tUPDATE dupe_groups\n\t\t\t\tSET Comments = '" . db_string($Comments) . "'\n\t\t\t\tWHERE ID = '{$GroupID}'");
} else {
$DB->query("\n\t\t\t\tUPDATE dupe_groups\n\t\t\t\tSET Comments = CONCAT('" . db_string($Comments) . "\n\n',Comments)\n\t\t\t\tWHERE ID = '{$GroupID}'");
}
$DB->query("\n\t\t\tUPDATE users_info AS i\n\t\t\t\tJOIN users_dupes AS d ON d.UserID = i.UserID\n\t\t\tSET i.AdminComment = CONCAT('" . db_string($AdminComment) . "\n\n', i.AdminComment)\n\t\t\tWHERE d.GroupID = {$GroupID}");
}
}
// to remove unwanted actions
// it's not the best solution, maybe someone can do this without so many loops?
// first build special (helper) bindings table for authorize() function
foreach ($ExecStack->_BINDTABLE as $idx => $binding) {
list($pre, $act) = explode('/', $idx);
foreach ($binding as $bind) {
$bindtable[$bind]['action'][] = $act;
$bindtable[$bind]['count']++;
}
}
reset($ExecStack->_MODINFO);
// reset for each() function below
while (list($mod_name, $mod_info) = each($ExecStack->_MODINFO)) {
if (isset($mod_info['actions'])) {
foreach ($mod_info['actions'] as $action_name => $action_info) {
authorize($mod_name, $action_name);
}
}
}
// the same with menus (I don't kwnow how to do this in one loop)
$_MODINFO = $ExecStack->_MODINFO;
// copy for nested loops below
reset($ExecStack->_MODINFO);
// reset again
while (list($mod_name, $mod_info) = each($ExecStack->_MODINFO)) {
if (isset($mod_info['menus'])) {
foreach ($mod_info['menus'] as $menu_idx => $menu_array) {
foreach ($_MODINFO as $mod_array) {
if (isset($mod_array['actions'])) {
foreach ($mod_array['actions'] as $act) {
if (isset($act['menu']) && $act['menu'] == $menu_array['id']) {
function invite($teamid, $mode)
{
global $is_admin;
global $mysqli_;
if (1 != $is_admin) {
authorize();
}
// параметры
if (!isset($teamid)) {
return _error_no_team_id_code;
}
// запрос на проверку существования команды
if (-1 < $teamid) {
$query = $mysqli_->prepare('select count(*) from `teams` T where T.teamID=?');
$query->bind_param('i', $teamid);
$query->bind_result($count);
if (!$query->execute()) {
fail(_error_mysql_query_error_code);
}
// auto-close of query
$query->fetch();
if (0 == $count) {
return _error_no_team_found_code;
}
// auto-close of query
$query->close();
}
// конец проверки существования команды
// проверяем, что команда еще не приглашена
$query = $mysqli_->prepare('select count(*) from `teams` T where T.teamID=? and T.invited=1-?');
$query->bind_param('ii', $teamid, $mode);
$query->bind_result($count);
if (!$query->execute()) {
fail(_error_mysql_query_error_code);
}
// auto-close of query
$query->fetch();
if (0 == $count && 1 == $mode) {
return _error_team_already_invited_code;
}
// auto-close of query
if (0 == $count && 0 == $mode) {
return _error_team_not_invited_code;
}
// auto-close of query
$query->close();
// проставляем галочку
$query = $mysqli_->prepare('update `teams` set invited=? where teamid=?');
$query->bind_param('ii', $mode, $teamid);
if (!$query->execute() || 0 == $query->affected_rows) {
fail(_error_mysql_query_error_code);
}
// auto-close of query
$query->close();
// пытаемся отправить уведомление
global $messages;
$code = notify(-1, $teamid, 1 == $mode ? $messages[_header_you_are_invited_code] : $messages[_header_you_are_fired_code], 1 == $mode ? $messages[_message_you_are_invited_code] : $messages[_message_you_are_fired_code]);
if (_success_notify_added_code != $code) {
return $code;
}
// конец попытки отправить уведомление
return 1 == $mode ? _success_team_invited_code : _success_team_declined_code;
}
* Please bear in mind, that this software was written for _fun_ =)
*************************/
/************************
* Usersnew - add new users to the station admin panel
*----------------------------------------
* This page will allow the registration of new users to the station. This simply
* inludes the creation of a new account.
*
* 2DO - Tie to XMLRPC Interface
************************/
include("init.inc.php"); # include the global framwork
include("classes/sendMail.class.php"); # include the mail sender
$myNav->add($SECTION[USERS],'users.php'); # add entry to Navigation Bar Stack
$myNav->add($SECTION[USERSNEW],'usersnew.php'); # add entry to Navigation Bar Stack
authorize('edit_users'); # check access rights
/**
* random_char() - will return a random charachter
*
* @param $string -- string to pick a random charachter from
* @return char
*
* Alexey Koulikov - 12.01.2001
*/
function random_char($string){
$length = strlen($string);
$position = mt_rand(0, $length - 1);
return($string[$position]);
}
echo json_encode($fotosDAO->selectAll(), JSON_NUMERIC_CHECK);
exit;
});
$app->get('/fotos/:id/?', authorize(), function ($id) use($fotosDAO) {
header("Content-Type: application/json");
echo json_encode($fotosDAO->selectById($id), JSON_NUMERIC_CHECK);
exit;
});
$app->post('/fotos/?', authorize(), function () use($app, $fotosDAO) {
header("Content-Type: application/json");
$post = $app->request->post();
if (empty($post)) {
$post = (array) json_decode($app->request()->getBody());
}
echo json_encode($fotosDAO->insert($post), JSON_NUMERIC_CHECK);
exit;
});
$app->delete('/fotos/:id/?', authorize(), function () use($fotosDAO) {
header("Content-Type: application/json");
echo json_encode($fotosDAO->delete());
exit;
});
$app->put('/fotos/:id/?', authorize(), function () use($app, $fotosDAO) {
header("Content-Type: application/json");
$post = $app->request->post();
if (empty($post)) {
$post = (array) json_decode($app->request()->getBody());
}
echo json_encode($fotosDAO->update($id, $post), JSON_NUMERIC_CHECK);
exit;
});
public function __construct(TaxInterface $tax, BannerInterface $banner)
{
$this->bannergroup = $tax;
$this->banner = $banner;
authorize('manage_bannergroups');
}
<?php
if (authorize($_SESSION["access_module"]["INVT"]["PURCHASES"]["edit"])) {
?>
<button class="btn btn-sm btn-info" type="button"><i class="fa fa-edit"></i> EDIT</button>
<?php
}
?>
<?php
if (authorize($_SESSION["access_module"]["INVT"]["PURCHASES"]["view"])) {
?>
<button class="btn btn-sm btn-warning" type="button"><i class="fa fa-search-plus"></i> VIEW</button>
<?php
}
?>
<?php
if (authorize($_SESSION["access_module"]["INVT"]["PURCHASES"]["delete"])) {
?>
<button class="btn btn-sm btn-danger" type="button"><i class="fa fa-trash-o"></i> DELETE</button>
<?php
}
?>
</td>
</tr>
<?php
}
?>
</tbody></table>
</div>
</div>
<?php
session_start();
require 'Slim/Slim.php';
$app = new Slim();
$app->get('/employees', authorize('user'), 'getEmployees');
$app->get('/employees/:id', authorize('user'), 'getEmployee');
$app->get('/employees/:id/reports', authorize('user'), 'getReports');
$app->get('/employees/search/:query', authorize('user'), 'getEmployeesByName');
$app->get('/employees/modifiedsince/:timestamp', authorize('user'), 'findByModifiedDate');
// I add the login route as a post, since we will be posting the login form info
$app->post('/login', 'login');
$app->run();
// api/index.php
/**
* Quick and dirty login function with hard coded credentials (admin/admin)
* This is just an example. Do not use this in a production environment
*/
function login()
{
if (!empty($_POST['email']) && !empty($_POST['password'])) {
// normally you would load credentials from a database.
// This is just an example and is certainly not secure
if ($_POST['email'] == 'admin' && $_POST['password'] == 'admin') {
$user = array("email" => "admin", "firstName" => "Clint", "lastName" => "Berry", "role" => "user");
$_SESSION['user'] = $user;
echo json_encode($user);
} else {
$error = array("error" => array("text" => "You shall not pass..."));
echo json_encode($error);
}
<?php
authorize(true);
/*
User topic subscription page
*/
if (!empty($LoggedUser['DisableForums'])) {
print json_encode(array('status' => 'failure'));
die;
}
include SERVER_ROOT . '/classes/class_text.php';
// Text formatting class
$Text = new TEXT();
if (isset($LoggedUser['PostsPerPage'])) {
$PerPage = $LoggedUser['PostsPerPage'];
} else {
$PerPage = POSTS_PER_PAGE;
}
list($Page, $Limit) = page_limit($PerPage);
if ($LoggedUser['CustomForums']) {
unset($LoggedUser['CustomForums']['']);
$RestrictedForums = implode("','", array_keys($LoggedUser['CustomForums'], 0));
$PermittedForums = implode("','", array_keys($LoggedUser['CustomForums'], 1));
}
$ShowUnread = !isset($_GET['showunread']) && !isset($HeavyInfo['SubscriptionsUnread']) || isset($HeavyInfo['SubscriptionsUnread']) && !!$HeavyInfo['SubscriptionsUnread'] || isset($_GET['showunread']) && !!$_GET['showunread'];
$ShowCollapsed = !isset($_GET['collapse']) && !isset($HeavyInfo['SubscriptionsCollapse']) || isset($HeavyInfo['SubscriptionsCollapse']) && !!$HeavyInfo['SubscriptionsCollapse'] || isset($_GET['collapse']) && !!$_GET['collapse'];
$sql = 'SELECT
SQL_CALC_FOUND_ROWS
MAX(p.ID) AS ID
FROM forums_posts AS p
LEFT JOIN forums_topics AS t ON t.ID = p.TopicID
echo json_encode($userDAO->selectById($id), JSON_NUMERIC_CHECK);
exit;
});
$app->get('/users/login/:mail/?', authorize(), function ($mail) use($userDAO) {
header("Content-Type: application/json");
echo json_encode($userDAO->selectByMail($mail), JSON_NUMERIC_CHECK);
exit;
});
$app->post('/users/?', authorize(), function () use($app, $userDAO) {
header("Content-Type: application/json");
$post = $app->request->post();
if (empty($post)) {
$post = (array) json_decode($app->request()->getBody());
}
echo json_encode($userDAO->insert($post), JSON_NUMERIC_CHECK);
exit;
});
$app->delete('/users/:id/?', authorize(), function () use($userDAO) {
header("Content-Type: application/json");
echo json_encode($userDAO->delete());
exit;
});
$app->put('/users/:id/?', function ($id) use($app, $userDAO) {
header("Content-Type: application/json");
$post = $app->request->post();
if (empty($post)) {
$post = (array) json_decode($app->request()->getBody());
}
echo json_encode($userDAO->update($id, $post), JSON_NUMERIC_CHECK);
exit;
});
* Author: Kulikov Alexey - alex@pvl.at, alex@ita-studio.com
*********************************
* Please bear in mind, that this software was written for _fun_ =)
*************************/
/************************
* myseries - shows the series of some user
*----------------------------------------
* This page will display a list of all the possible users registered with
* this station and their access levels. The Administrator can always
* add new users to the list or take away privileges or even delete them...
************************/
include("init.inc.php"); # include the global framwork
include("classes/pageSplit.class.php"); # include the page splitting utility
$myNav->add($SECTION[SERIES],'myseries.php'); # add entry to Navigation Bar Stack
authorize('edit_series'); # check access rights
$me = $_SESSION['USER']->get("auth_id"); # global ME :)
//can I edit this?
if($_GET['id']){
if($_SESSION['USER']->get("auth_id") == $db->getOne("SELECT series.owner FROM series WHERE series.id = '$_GET[id]'")){
$mod = true;
}
}
if(($_SESSION['USER']->get("edit_station")==2) or ($mod)){
$mod_flag = TRUE;
}
################# PROCESS POST ACTION ######################################################
$app->get('/contactos/justnames/:clientid', authorize(), 'getContactosJustNames');
$app->get('/contactos/total/', authorize(), 'getContactosTotal');
$app->get('/contactos/:id', authorize(), 'getContactosById');
$app->get('/contactos/name/:name', authorize(), 'getContactosByName');
$app->get('/contactos/page/:pagenumber', authorize(), 'getContactosByPage');
$app->post('/contactos', authorize(), 'addContactos');
$app->put('/contactos/:id', authorize(), 'updateContactosById');
$app->delete('/contactos/:id', authorize(), 'deleteContactos');
//segmentos
$app->get('/segmentos', authorize(), 'getSegmentos');
$app->get('/segmentos/justnames/', authorize(), 'getSegmentosJustNamesAll');
$app->get('/segmentos/justnames/:clientid', authorize(), 'getSegmentosJustNames');
$app->get('/segmentos/total/', authorize(), 'getSegmentosTotal');
$app->get('/segmentos/:id', authorize(), 'getSegmentosById');
$app->get('/segmentos/name/:name', authorize(), 'getSegmentosByName');
$app->get('/segmentos/page/:pagenumber', authorize(), 'getSegmentosByPage');
$app->post('/segmentos', authorize(), 'addSegmentos');
$app->put('/segmentos/:id', authorize(), 'updateSegmentosById');
$app->delete('/segmentos/:id', authorize(), 'deleteSegmentos');
//subsegmentos
//usuarios
$app->get('/usuarios', authorize(), 'getUsuarios');
//$app->get('/usuarios/justnames/', authorize(), 'getUsuariosJustNamesAll');
//$app->get('/usuarios/total/', authorize(), 'getUsuariosTotal');
$app->get('/usuarios/:id', authorize(), 'getUsuariosById');
//$app->get('/usuarios/name/:name', authorize(), 'getUsuariosByName');
//$app->get('/usuarios/page/:pagenumber', authorize(), 'getUsuariosByPage');
$app->post('/usuarios', authorize(), 'addUsuarios');
$app->put('/usuarios/:id', authorize(), 'updateUsuariosById');
$app->delete('/usuarios/:id', authorize(), 'deleteUsuarios');
// Make the client connect and exchange tokens
try {
$connection->connect();
} catch (\Exception $e) {
throw new Exception('Could not connect to Moneybird: ' . $e->getMessage());
}
// Save the new tokens for next connections
setValue('accesstoken', $connection->getAccessToken());
return $connection;
}
// If authorization code is returned from Moneybird, save this to use for token request
if (isset($_GET['code']) && is_null(getValue('authorizationcode'))) {
setValue('authorizationcode', $_GET['code']);
}
// If we do not have a authorization code, authorize first to setup tokens
if (getValue('authorizationcode') === null) {
authorize($redirectUrl, $clientId, $clientSecret);
}
// Create the Moneybird client
$connection = connect($redirectUrl, $clientId, $clientSecret);
$connection->setAdministrationId($administrationId);
$moneybird = new \Picqer\Financials\Moneybird\Moneybird($connection);
// Get the sales invoices from our administration
try {
$salesInvoices = $moneybird->salesInvoice()->get();
foreach ($salesInvoices as $salesInvoice) {
var_dump($salesInvoice);
}
} catch (\Exception $e) {
echo get_class($e) . ' : ' . $e->getMessage();
}
<?php
include "funcuser.php";
include "template.php";
CreateCatalog($mysqli, $tmpl['category1'], $tmpl['category2'], $tmpl['search']);
//Переход на страницу с формой входа
if (isset($_POST['FormLogIn'])) {
openFormLogIn($tmpl['LogIn']);
} else {
if (isset($_POST['FormSingUp'])) {
openFormSingUp($tmpl['LogIn']);
} else {
if (isset($_POST['LogIn'])) {
if (authorize($mysqli, $_POST['login'], $_POST['password'], $tmpl['logout'])) {
$_SESSION["pageNumber"] = 1;
$_SESSION["pagelist"] = $tmpl["pagenumber"];
guest_event($mysqli, $tmpl['mininews'], $tmpl['pagenumber'], $tmpl['page']);
hotnews($mysqli, $tmpl["hotnews"]);
}
} else {
if (isset($_POST['LogOut'])) {
if (LogOut($mysqli, $tmpl['regist'])) {
/*НОВАЯ АВТОРИЗАЦИЯ ДЛЯ ГОСТЯ*/
if (!isset($_SESSION["pageNumber"])) {
$_SESSION["pageNumber"] = 1;
}
if (!isset($_SESSION["maxCountNews"])) {
$_SESSION["maxCountNews"] = 2;
}
$_SESSION["postCateg"] = "Главная страница";
$_SESSION['select'] = $tmpl['selectnumbernews'];
<?php
//******************************************************************************//
//--------------- Fill a request -----------------------------------------------//
$RequestID = $_REQUEST['requestid'];
if (!is_number($RequestID)) {
error(0);
}
authorize();
//VALIDATION
if (!empty($_GET['torrentid']) && is_number($_GET['torrentid'])) {
$TorrentID = $_GET['torrentid'];
} else {
if (empty($_POST['link'])) {
error('You forgot to supply a link to the filling torrent');
} else {
$Link = $_POST['link'];
if (!preg_match('/' . TORRENT_REGEX . '/i', $Link, $Matches)) {
error('Your link didn\'t seem to be a valid torrent link');
} else {
$TorrentID = $Matches[4];
}
}
if (!$TorrentID || !is_number($TorrentID)) {
error(404);
}
}
//Torrent exists, check it's applicable
$DB->query("\n\tSELECT\n\t\tt.UserID,\n\t\tt.Time,\n\t\ttg.ReleaseType,\n\t\tt.Encoding,\n\t\tt.Format,\n\t\tt.Media,\n\t\tt.HasLog,\n\t\tt.HasCue,\n\t\tt.LogScore,\n\t\ttg.CategoryID,\n\t\tIF(t.Remastered = '1', t.RemasterCatalogueNumber, tg.CatalogueNumber)\n\tFROM torrents AS t\n\t\tLEFT JOIN torrents_group AS tg ON t.GroupID = tg.ID\n\tWHERE t.ID = {$TorrentID}\n\tLIMIT 1");
if (!$DB->has_results()) {
error(404);
echo json_encode($groupDAO->selectById($id), JSON_NUMERIC_CHECK);
exit;
});
$app->get('/group/:groupname/?', authorize(), function ($groupname) use($groupDAO) {
header("Content-Type: application/json");
echo json_encode($groupDAO->selectByGroupName($groupname), JSON_NUMERIC_CHECK);
exit;
});
$app->post('/group/?', function () use($app, $groupDAO) {
header("Content-Type: application/json");
$post = $app->request->post();
if (empty($post)) {
$post = (array) json_decode($app->request()->getBody());
}
echo json_encode($groupDAO->insert($post), JSON_NUMERIC_CHECK);
exit;
});
$app->delete('/group/:id/?', authorize(), function () use($groupDAO) {
header("Content-Type: application/json");
echo json_encode($groupDAO->delete());
exit;
});
$app->put('/group/:id/?', authorize(), function ($id) use($app, $groupDAO) {
header("Content-Type: application/json");
$post = $app->request->post();
if (empty($post)) {
$post = (array) json_decode($app->request()->getBody());
}
echo json_encode($groupDAO->updateGroup($id, $post), JSON_NUMERIC_CHECK);
exit;
});
