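/**
 * Login
 *
 * Looks $username up in $this->config['users'], compares $password with the
 * stored value and, on a match, stores the user's display name in the session.
 * Every outcome is reported through JSON::parse(); nothing is returned.
 *
 * NOTE(review): the stored value is compared directly with the submitted
 * password, which implies the config holds passwords in clear text. Prefer
 * storing password_hash() output and checking with password_verify().
 * NOTE(review): the two failure messages differ, so a caller can tell which
 * usernames exist; no attempt limiting is visible in this method.
 *
 * @param string $username Key looked up in $this->config['users'].
 * @param string $password Candidate password.
 * @return void
 */
public function login($username, $password)
{
    $users = $this->config['users'];

    # Check user exists. Request data can arrive as an array, which is not a
    # valid array key, so reject anything that is not a string or an int first.
    $isValidKey = is_string($username) || is_int($username);
    if (!$isValidKey || !array_key_exists($username, $users)) {
        # The final `true` presumably makes JSON::parse end the request - confirm.
        JSON::parse(100, 'negative', 'Unrecognised Username.', array($username), true);

        # Never fall through to the password check with a missing user entry.
        return;
    }

    # If user does exist, check password. Use a constant-time comparison where
    # the runtime provides one, so the comparison time does not depend on how
    # many leading characters match.
    $stored = $users[$username]['password'];
    $canUseHashEquals = is_string($stored) && is_string($password) && function_exists('hash_equals');
    $matches = $canUseHashEquals
        ? hash_equals($stored, $password)
        : $password === $stored;

    if (!$matches) {
        JSON::parse(100, 'negative', 'Incorrect password.', null, true);

        return;
    }

    # Issue a fresh session id on privilege change so an id fixed before login
    # cannot be reused afterwards. Skipped when no native session is active.
    if (session_id() !== '') {
        session_regenerate_id(true);
    }

    # Create Session
    session_add('user', array('name' => $users[$username]['name']));

    # Pass back positive response
    JSON::parse(200, 'positive', 'You\'re now logged in, if you\'re not redirected in 10 seconds, <a href="/">click here</a>.', null, true);
}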
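/**
 * Render a MySQL result set as an HTML table with one sensitivity form per row.
 *
 * Runs only when the request posts `cryptdb_describe_table` or its first POST
 * key contains "cryptdb"; otherwise nothing is rendered. The markup is written
 * to the global $sqldr, and the globals $reccount and $is_sht are updated.
 *
 * Column names and cell values come from the database and are HTML-escaped
 * before being placed in the page, so stored markup cannot run as script.
 *
 * NOTE(review): this relies on the ext/mysql functions (mysql_num_rows etc.),
 * which were removed in PHP 7.0.
 *
 * @param mixed  $sth Result of the query; TRUE/FALSE means there is no result set.
 * @param string $q   The SQL text that produced $sth.
 * @return void
 */
function display_select($sth, $q)
{
    global $dbh, $DB, $sqldr, $reccount, $is_sht, $xurl;

    $rc = array("o", "e");
    $dbn = $DB['db'];
    $sqldr = '';

    // NOTE(review): neither name is defined in this function or in its global
    // list, so both rendered as empty strings; made explicit here. An empty
    // form action posts back to the current URL.
    $self = '';
    $abtn = '';

    // $_POST may be empty, so guard the first-key lookup.
    $keys = array_keys($_POST);
    $firstKey = isset($keys[0]) ? (string) $keys[0] : '';
    $is_enclevel = strstr($firstKey, "cryptdb");

    if (!isset($_POST['cryptdb_describe_table']) && $is_enclevel === false) {
        //do something
        return;
    }

    $is_sht = preg_match('/^show\\s+tables|^SHOW\\s+TABLE\\s+STATUS/', $q);
    $is_show_crt = preg_match('/^show\\s+create\\s+table/i', $q);

    #check if $sth is not a mysql resource
    if ($sth === false || $sth === true) {
        return;
    }

    $reccount = mysql_num_rows($sth);
    $fields_num = mysql_num_fields($sth);

    // Header row.
    $sqldr .= "<table class='res '>";
    $headers = "<tr class='h'>";
    if ($is_sht) {
        $headers .= "<td><input type='checkbox' name='cball' value='' onclick='chkall(this)'></td>";
    }
    for ($i = 0; $i < $fields_num; $i++) {
        if ($is_sht && $i > 0) {
            break;
        }
        $meta = mysql_fetch_field($sth, $i);
        // assumes the connection charset is UTF-8 - TODO confirm
        $headers .= "<th>" . htmlspecialchars((string) $meta->name, ENT_QUOTES, 'UTF-8') . "</th>";
    }
    $headers .= "<th>Submit column for analysis</th>";
    $headers .= "</tr>\n";
    $sqldr .= $headers;

    // Data rows.
    $swp = false; // row-stripe toggle; the first row gets class "e"
    $idpos = 0;
    $dbnAttr = htmlspecialchars((string) $dbn, ENT_QUOTES, 'UTF-8');
    while ($row = mysql_fetch_row($sth)) {
        $identifier = $row[0];
        $swp = !$swp;
        $sqldr .= "<tr class='" . $rc[(int) $swp] . "' onmouseover='tmv(this)' onmouseout='tmo(this)' onclick='tc(this)' align=\"center\">";

        for ($i = 0; $i < $fields_num; $i++) {
            // Escape before any wrapping so only the markup added here is live HTML.
            $v = htmlspecialchars((string) $row[$i], ENT_QUOTES, 'UTF-8');
            if ($is_show_crt) {
                $v = "<pre>{$v}</pre>";
            }
            $sqldr .= "<td>{$v}" . (!strlen($v) ? "<br>" : '') . "</td>";
        }

        // The database name goes into a quoted, escaped attribute.
        $sqldr .= "<td><form action=\"{$self}\" value=\"{$dbnAttr}{$idpos}\" method=\"post\">";

        if ($is_enclevel === false) {
            session_add('s_PROXY', "CryptDBProxy");
            session_add('s_QUERY', $q);
            session_add('s_DB', $DB['db']);
            session_add('s_TABLE', $_POST['cryptdb_describe_table']);
            // NOTE(review): identifiers are joined with "&"; a first-column value
            // containing "&" would be ambiguous to whatever splits s_ID - verify.
            session_append('s_ID', $identifier . "&");
        }

        $var = $idpos . '_cryptdb_sensitive';
        $sqldr .= "<select name=\"{$var}\" id=\"{$var}\" onChange=\"\"> \n"
            . " <option name=sensitive_field value=\"sensitive_field\" selected>Sensitive Field</option> \n"
            . " <option name=best_effort_encryption value=\"best_effort_encryption\">Best Effort Encryption</option> \n"
            . " <option name=unencrypted value=\"unencrypted\">Unencrypted</option>\n"
            . " </select><input type=\"submit\" value=\"Submit\" />";

        // Close form, cell and row in nesting order; the original closed the
        // cell before the form and left every row open.
        $sqldr .= "</form></td></tr>";
        $idpos++;
    }

    $sqldr .= "</table>\n.{$abtn}";
}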