Ejemplo n.º 1
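/**
 * Load a module's configuration, register it and enforce its session requirement.
 *
 * The defaults (validate => 'user', redirect => 'login', layout => 'main') are
 * overridden key by key with whatever the module's config.php returns, so a
 * module config can change or disable ('validate' => false) the session check.
 * When the resolved "validate" value is truthy and no such session exists, an
 * AJAX request receives a JSON error and the script exits; any other request
 * is redirected to the configured "redirect" target.
 *
 * @param string $module Module directory name below BASEPATH . 'modules/'.
 * @return mixed Whatever get_module($module) returns.
 */
function init_module($module)
{
    // The name becomes part of a filesystem path that is later include()d, so a
    // value carrying a parent-directory sequence or a NUL byte is handled like
    // an unknown module instead of being resolved on disk.
    $unsafeName = is_string($module)
        && (strpos($module, '..') !== false || strpos($module, "\0") !== false);
    $modpath = BASEPATH . 'modules/' . $module . '/';
    if (!$unsafeName && is_dir($modpath)) {
        $modcfg = array('name' => $module, 'path' => $modpath, 'validate' => 'user', 'redirect' => 'login', 'layout' => 'main');
        if (file_exists($modpath . 'config.php')) {
            $config = (include $modpath . 'config.php');
            // A config.php without a return statement yields int(1); only merge
            // values that can actually be iterated.
            if (is_array($config) || is_object($config)) {
                foreach ($config as $key => $val) {
                    $modcfg[$key] = $val;
                }
            }
        }
        // Round-trip through JSON to turn the array into an object (->validate, ->redirect).
        $modcfg = json_decode(json_encode($modcfg));
        add_module($module, $modcfg);
        if ($modcfg->validate) {
            if (!has_session($modcfg->validate)) {
                if (is_ajax()) {
                    echo json_encode(array('success' => false, 'message' => __('Your session has been expired !'), 'redirect' => site_url($modcfg->redirect)));
                    exit;
                } else {
                    // NOTE(review): this branch only protects the module if redirect()
                    // ends the request; otherwise execution continues to the return
                    // below without a session. Confirm against redirect().
                    redirect($modcfg->redirect);
                }
            }
        }
    } else {
        // NOTE(review): $module is echoed into the message as-is; confirm that
        // show_404() escapes it before rendering.
        show_404(sprintf(__('Page %s does not found!'), $module));
    }
    return get_module($module);
}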
Ejemplo n.º 2
/**
 * Read one field from the 'user' session record.
 *
 * @param string $key     Field to look up in the stored user record.
 * @param mixed  $default Returned when there is no 'user' session or the
 *                        field is not set (isset() semantics, so a null
 *                        value also yields the default).
 * @return mixed The stored value, or $default.
 */
function get_user_session($key, $default = '')
{
    // No user session at all: nothing to look up.
    if (!has_session('user')) {
        return $default;
    }

    $record = get_session('user');
    if (isset($record[$key])) {
        return $record[$key];
    }

    return $default;
}
Ejemplo n.º 3
<?php

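// Build the Google API client and the Analytics / OAuth2 service wrappers.
$google = new Google_Client();
$google->setApplicationName('YOUR-APPLICATION-NAME');
$google->setClientId(config('google.client.id'));
$google->setClientSecret(config('google.client.secret'));
// The services and the token call below used an undefined $client; the client
// configured in this file is $google, so it is passed consistently.
$gaservice = new Google_AnalyticsService($google);
$infoservice = new Google_Oauth2Service($google);
// NOTE(review): the redirect URI is built from the request's Host header and
// uses plain http. Prefer a fixed, configured https URL so the OAuth callback
// does not depend on client-supplied input.
$google->setRedirectUri('http://' . $_SERVER['HTTP_HOST'] . '/auth');
// has_session() is used as "current user or falsy" here; the stored access
// token is attached to the client, and Analytics is disabled ($gaservice =
// false) when there is no session or the token is rejected.
if ($user = has_session()) {
    try {
        $google->setAccessToken($user->google_access_token);
    } catch (Google_AuthException $e) {
        $gaservice = false;
    }
} else {
    $gaservice = false;
}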
/**
 * List the Analytics management accounts, sorted by name (case-insensitive),
 * using a per-user cache entry.
 *
 * The listing is cut off on this page before the function ends.
 */
function ga_get_accounts()
{
    global $gaservice, $current_user;
    // Cache key includes the user id so one user's account list is never
    // served to another.
    $cache_key = "ga_get_accounts({$current_user->id})";
    if ($cache = memget($cache_key)) {
        return $cache;
    }
    // NOTE(review): the bootstrap code sets $gaservice to false when there is
    // no session or the token is rejected; nothing here guards against that
    // before dereferencing it.
    $response = $gaservice->management_accounts->listManagementAccounts();
    $accounts = $response['items'];
    usort($accounts, function ($a, $b) {
        return strcasecmp($a['name'], $b['name']);
    });
    // memset() here is called with (key, value, 300), so it is a project cache
    // helper rather than anything memory-related; 300 is presumably a TTL in
    // seconds (confirm against the helper).
    memset($cache_key, $accounts, 300);
Ejemplo n.º 4
<?php

/*
 * hyCMS
 * Copyright(C)2009 by Peter Neubauer
 * Published under the terms of the Lesser GNU General Public License v2
 *
 */
// Stores a JSON payload posted by the client under ../storage/persistent/.
// The listing is cut off on this page before the script ends.
include "session.php";
// NOTE(review): the only gate is "a session exists". No per-user authorisation
// or CSRF token check is visible in this excerpt.
if (has_session()) {
    // maybe Change into is_authorised
    // Payload is taken from the request and written to disk unchanged; it is
    // never checked to be valid JSON or bounded in size.
    $hycms_json_data = $_POST["hycms_json_data"];
    // htmlspecialchars() is HTML output escaping; it does not make the value
    // safe to use as a filesystem path.
    $hycms_content = htmlspecialchars(trim($_POST["hycms_content"]));
    $hycms_folder = explode("/", $hycms_content);
    // array_splice() returns the removed elements: every segment except the last.
    $hycms_folder = array_splice($hycms_folder, 0, -1);
    //deletes Filename
    // NOTE(review): the path check is a blocklist for the literal "./" sequence
    // only. A safer design validates the name against an allowlist pattern and
    // confirms that the resolved target stays below the storage root before
    // creating or opening anything.
    if (substr_count($hycms_content, './')) {
        echo "FAIL -- Bad Path";
    } else {
        //Creates new Folder
        // mkdir() is called without the recursive flag and its result is not
        // checked, so a missing intermediate folder only surfaces at fopen().
        if (!is_dir("../storage/persistent/" . implode("/", $hycms_folder) . "/")) {
            mkdir("../storage/persistent/" . implode("/", $hycms_folder) . "/", 0744);
        }
        //Writes .json file
        // "w+" truncates an existing file, so any authenticated caller can
        // overwrite any stored document whose name they can supply.
        $hycms_path = "../storage/persistent/" . $hycms_content . ".json";
        if (!($handle = fopen($hycms_path, "w+"))) {
            echo "Not able to open " . $hycms_path;
        } else {
            // fwrite() returns 0 for an empty payload, which this test also
            // reports as a failure.
            if (!fwrite($handle, $hycms_json_data)) {
                echo "Not able to wirte " . $hycms_path;
            } else {
Ejemplo n.º 5
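 /**
  * Read, store or delete the current user's client-side preferences,
  * depending on the HTTP method of the current request.
  *
  * GET returns current_user()->getPrefs(true). POST upserts one user_setting
  * row per entry of $prefs, DELETE removes the matching rows; both prefix the
  * name with 'pref_'. Only POST validates the name.
  *
  * @public
  * @param array $prefs Map of preference name => value supplied by the client.
  * @throws AccessException When there is no session.
  * @throws Exception When a preference name is too long or has invalid characters.
  */
 static function prefs($prefs)
 {
     global $app;
     $req = $app->request();
     if (!has_session()) {
         throw new AccessException();
     }
     if ($req->isGet()) {
         return current_user()->getPrefs(true);
     }
     if ($req->isPost()) {
         // preferences are set by the client, so we allow pretty much
         // anything to be stored there - don't forget this!
         // it's really designed for storing flags, like whether or not
         // a particular screen or message has been seen before
         // NOTE(review): values are client-controlled and go through
         // maybe_serialize(); whatever reads them back must treat them as
         // untrusted data and must not unserialize them into objects.
         foreach ($prefs as $pname => $value) {
             $name = 'pref_' . trim($pname);
             if (strlen($name) > UserSetting::MAX_NAME_LENGTH) {
                 throw new Exception("Preference name [{$pname}] is too long");
             }
             if (!preg_match('/^[\\w_-]+$/', $name)) {
                 // This message used to end in "is too long", a copy of the
                 // check above, which misreported the actual failure.
                 // NOTE(review): $pname is client input; escape the message
                 // wherever it is rendered.
                 throw new Exception("Invalid preference name [{$pname}]");
             }
             // Bound parameters keep name and value out of the SQL text.
             ORM::raw_execute("\n          INSERT INTO user_setting (\n            `user_id`,\n            `name`,\n            `value`\n          ) VALUES (\n            ?, ?, ?\n          ) ON DUPLICATE KEY UPDATE\n            `user_id` = VALUES(`user_id`),\n            `name` = VALUES(`name`),\n            `value` = VALUES(`value`)        \n        ", array(current_user()->id, $name, maybe_serialize($value)));
         }
     }
     if ($req->isDelete()) {
         // The delete is scoped to the current user's id, so a caller can only
         // remove their own settings.
         foreach ($prefs as $pname => $value) {
             $name = 'pref_' . trim($pname);
             ORM::raw_execute("\n          DELETE FROM user_setting \n          WHERE\n            `user_id` = ?\n            AND `name` = ?\n          LIMIT 1\n        ", array(current_user()->id, $name));
         }
     }
 }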
Ejemplo n.º 6
<?php

// A customer ('pelanggan') who is already signed in is sent to the profile
// page instead of the login modal.
// NOTE(review): the markup below is only skipped if redirect() ends the
// request - confirm.
if (has_session('pelanggan')) {
    redirect('pelanggan/profile');
}
?>
<!-- Modal Login -->
<div class="modal modal-info fade" id="modal-logpel" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
    <div class="modal-dialog" style="max-width:450px">
        <div class="modal-content">
            <div class="modal-header">
                <button type="button" class="close" data-dismiss="modal" aria-hidden="true">&times;</button>
                <h4 class="modal-title">Login</h4>
            </div>				
            <div class="modal-body">
                <form id="form-logpel" method="post" action="<?php 
echo site_url('logpel/validate');
?>
">
                    <?php 
csrf_inject();
?>
                    <div class="form-group">
                        <label class="sr-only" for="inputEmail">Email</label>
                        <input type="email" class="form-control" id="inputEmail" name="email" required="" placeholder="Email">
                    </div>
                    <div class="form-group">
                        <label class="sr-only" for="inputPassword">Password</label>
                        <input type="password" class="form-control" id="inputPassword" name="password" required="" placeholder="Password">
                    </div>
                    <div class="form-group clearfix">
Ejemplo n.º 7
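        // Narrow the #name and #slug option lists to the selected category.
        $('#category').on('change', function(){
            var category = $(this).val();

            // clear cascaded value
            $('#name').val('').children().show();
            $('#slug').val('').children().show();

            if (category) {
                // Compare the attribute in code instead of splicing the value
                // into a selector string: a value containing spaces, quotes or
                // brackets would otherwise break or alter the selector.
                var wanted = String(category);
                var otherCategory = function(){
                    return $(this).attr('data-category') !== wanted;
                };
                $('#name > option').filter(otherCategory).hide();
                $('#slug > option').filter(otherCategory).hide();
            }

        });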

        // Server-rendered flag: PHP echoes a truthy result as "1" and a falsy
        // one as "", so the JS string is truthy only when a 'pelanggan'
        // session exists.
        // NOTE(review): this is a UI hint only and can be changed in the
        // browser; the product detail route must check the session on the
        // server as well.
        var hasSession = '<?php 
echo has_session("pelanggan");
?>
';

        // Product links open the detail page for signed-in customers and the
        // login modal for everyone else. The listing is cut off on this page
        // before the handler ends.
        $('.link-product-detail').on('click', function(e){
            e.preventDefault();

            var slug = $(this).data('slug');

            if ( ! hasSession) {
                alert('Untuk melihat detail, Anda harus login dulu');
                //loadPage(siteUrl('logpel') + '?ref=search-pag');
				showModal();
            } else {
                loadPage(siteUrl('products/' + slug));
            }
Ejemplo n.º 8
<?php

// A user who is already signed in is sent to 'home' instead of the login page.
// NOTE(review): the page below is only skipped if redirect() ends the
// request - confirm.
if (has_session('user')) {
    redirect('home');
}
?>
<!DOCTYPE html>
<html class="no-js before-run" lang="en">

<head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=0, minimal-ui">
    <meta name="description" content="<?php 
echo get_config('description');
?>
">
    <meta name="author" content="<?php 
echo get_config('author');
?>
">

    <title>Login | Immortal</title>

    <link rel="stylesheet" type="text/css" href="<?php 
echo asset_url('vendor/bootstrap/css/bootstrap.css');
?>
">
    <link rel="stylesheet" type="text/css" href="<?php 
echo asset_url('vendor/bootstrap/css/bootstrap-extend.css');
?>
Ejemplo n.º 9
// Login handler with a session-based lockout: once the attempt counter
// reaches 3, a 30-second timer blocks further checks. The listing is cut off
// on this page before the script ends.
$post = get_post();
// Same generic message for an unknown email and a wrong password, so the
// response does not reveal which accounts exist.
$result = array('success' => false, 'message' => 'Invalid email address or password');
// NOTE(review): the counter and the timer are stored in the visitor's session,
// not per account or per source address, so they only throttle a client that
// keeps its session cookie. Track failures server-side, keyed by account
// and/or address.
$login_attempt = get_session('login_attempt', 1);
$remains = 30;
if (has_session('login_timer')) {
    $elapsed = microtime(true) - get_session('login_timer');
    $remains = round(30 - $elapsed);
    // Lockout window is over: drop the timer and start counting again.
    if ($elapsed >= 30) {
        unset_session('login_timer');
        $login_attempt = 1;
    }
}
if ($login_attempt == 3) {
    $result['message'] = 'Too many failed login attempts. Please try again in ' . $remains . ' seconds';
    if (!has_session('login_timer')) {
        set_session('login_timer', microtime(true));
    }
} else {
    // Bound parameter keeps the submitted email out of the SQL text.
    $user = db_fetch_one('SELECT * FROM users WHERE email = ?', array($post['email']));
    // NOTE(review): passwords are stored as unsalted MD5 and compared with the
    // loose == operator, which compares two numeric-looking strings by value.
    // Migrate to password_hash()/password_verify(); until then compare with
    // hash_equals().
    if ($user && md5($post['password']) == $user['passwd']) {
        csrf_protect();
        $result['success'] = true;
        $result['message'] = '';
        // Keep the password hash out of the session record.
        unset($user['passwd']);
        // NOTE(review): no session id regeneration is visible in this excerpt
        // before the authenticated record is stored; regenerate the id at
        // login to prevent session fixation.
        set_session('user', $user);
        unset_session('login_attempt');
        unset_session('login_timer');
    } else {
        $login_attempt++;
        set_session('login_attempt', $login_attempt);