function loggedInOrRedirect() { startSession(); if (!isset($_SESSION['logged_in']) || $_SESSION['logged_in'] !== true) { die(header('Location: login.php')); } }
function checkFormToken($tokenName, $formTokenValue){ startSession(); if ($formTokenValue != $_SESSION[$tokenName]){ exit('ERROR: invalid form token! Do not submit your form twice.'); } unset($_SESSION[$tokenName]); }
function logOut() { startSession(); $_SESSION['id'] = ''; $_SESSION['username'] = ''; session_destroy(); header("Location: index.php"); }
function saveSession($email, $usertype, $firstname, $lastname, $userid) { startSession(); $_SESSION['userid'] = $userid; $_SESSION['firstname'] = $firstname; $_SESSION['lastname'] = $lastname; $_SESSION['email'] = $email; $_SESSION['usertype'] = $usertype; }
function loginAction() { $email = $_POST['email']; $pass = $_POST['password']; $remember = $_POST['rememberData']; $result = login($email); if ($result['message'] == 'OK') { $key = pack('H*', "bcb04b7e103a05afe34763051cef08bc55abe029fdebae5e1d417e2ffb2a00a3"); $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC); $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); # --- DECRYPTION --- $ciphertext_dec = base64_decode($result['password']); $iv_dec = substr($ciphertext_dec, 0, $iv_size); $ciphertext_dec = substr($ciphertext_dec, $iv_size); $plaintext_dec = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $ciphertext_dec, MCRYPT_MODE_CBC, $iv_dec); $count = 0; $length = strlen($plaintext_dec); for ($i = $length - 1; $i >= 0; $i--) { if (ord($plaintext_dec[$i]) === 0) { $count++; } } $plaintext_dec = substr($plaintext_dec, 0, $length - $count); if ($plaintext_dec === $pass) { $response = array('fName' => $result['fName'], 'lName' => $result['lName']); # Starting the sesion (At the server) startSession($result['fName'], $result['lName'], $result['email']); $inTwoMonths = 60 * 60 * 24 * 60 + time(); # Setting the cookies if ($remember) { setcookie("cookieUsername", $result['email'], $inTwoMonths); setcookie("cookiePassword", $result['password'], $inTwoMonths); } else { //if (isset($_COOKIE['cookieUsername']) && isset(($_COOKIE['cookiePassword']))) { unset($_COOKIE['cookieUsername']); unset($_COOKIE['cookiePassword']); //} } echo json_encode($response); } else { die(json_encode(errors(206))); } } else { die(json_encode($result)); } }
function formulaireIdentification() { startSession(); if ($_SESSION["connu"] === true) { printSession(); } else { if (!isset($_POST["submit_login"])) { print_login_form(); } else { $resultat = login($_POST["mail"], $_POST["mdp"]); if ($resultat === true) { printSession(); echo "Authentification réussie.</br>\n"; } else { print_login_form(); echo "Mauvais mail ou mot de passe.</br>"; } } } }
/** * shows a quick user message (flash/heads up) to provide user feedback * * Uses a Session to store the data until the data is displayed via bootswatchFeedback() * * Related feedback() function used to store message * * <code> * echo bootswatchFeedback(); #will show then clear message stored via feedback() * </code> * * @param none * @return string html & potentially CSS to style feedback * @see feedback() * @todo none */ function bootswatchFeedback() { startSession(); //startSession() does not return true in INTL APP! $myReturn = ""; //init if (isset($_SESSION['feedback']) && $_SESSION['feedback'] != "") { #show message, clear flash if (isset($_SESSION['feedback-level'])) { $level = $_SESSION['feedback-level']; } else { $level = ''; } switch ($level) { case 'warning': $level = 'warning'; break; case 'info': case 'notice': $level = 'info'; break; case 'success': $level = 'success'; break; case 'error': case 'danger': $level = 'danger'; break; } $myReturn .= ' <div class="alert alert-dismissable alert-' . $level . '" style="margin-top:.5em;"> <button class="close" data-dismiss="alert" type="button">×</button> ' . $_SESSION['feedback'] . '</div> '; $_SESSION['feedback'] = ""; #cleared $_SESSION['feedback-level'] = ""; } return $myReturn; //data passed back for printing }
public static function action() { // 注册AUTOLOAD方法 spl_autoload_register(['self', 'autoload']); define('_DOMAIN_', empty($_SERVER["HTTP_HOST"]) ? 'api.grlend.com' : $_SERVER["HTTP_HOST"]); ini_set('date.timezone', 'Asia/Shanghai'); // 设置时区 ini_set("display_errors", "On"); error_reporting(E_ALL); header("Content-type:text/html;charset=utf-8"); header("PowerBy: Han-zi,Liang"); header("F-Version: 1.0"); //框架版本 //载入防xss和sql注入文件 require_once 'waf.php'; //载入系统函数 require_once 'function.php'; startSession(); //启动程序 self::start(); }
function fillSession($array) { startSession(); $err = fullCheck($array); if ($err != "") { return $err; } if (!isset($array["connu"])) { sessionFillDefault(); return "Pofil inconnu.</br>\n"; } if ($array["connu"] === false) { sessionFillDefault(); return; } foreach ($varNames as $name) { //echo '$_SESSION['.$name.'] = $array['.$name.'];</br>\n'; $_SESSION[$name] = $array[$name]; } $_SESSION["connu"] = $array["connu"]; return ""; }
function validateUser($username, $password) { $conn = connectToDataBase(); $sql = "SELECT * FROM User WHERE userName = \"" . $username . "\" AND userPassword = \"" . $password . "\""; $result = mysqli_query($conn, $sql); $array = array(); if (mysqli_num_rows($result) > 0) { $array["response"] = "accepted"; $sql = "SELECT rolId, institutionId\n FROM HasRole hr, WorksInInstitution wi\n WHERE hr.userName = \"" . $username . "\" AND\n hr.userName = wi.userName;"; $result = mysqli_query($conn, $sql); if ($row = mysqli_fetch_assoc($result)) { $array["rolId"] = $row["rolId"]; $array["institutionId"] = $row["institutionId"]; $array["userName"] = $username; startSession($array); } } else { $array["response"] = "declined"; } closeDb($conn); echo json_encode($array); }
/** * shows a quick user message (flash/heads up) to provide user feedback * * Uses a Session to store the data until the data is displayed via showFeedback() * * Related feedback() function used to store message * * <code> * echo showFeedback(); #will show then clear message stored via feedback() * </code> * * changed from showFeedback() version 2.10 * * @param none * @return string html & potentially CSS to style feedback * @see feedback() * @todo none */ function showFeedback() { startSession(); //startSession() does not return true in INTL APP! $myReturn = ""; //init if (isset($_SESSION['feedback']) && $_SESSION['feedback'] != "") { #show message, clear flash if (defined('THEME_PHYSICAL') && file_exists(THEME_PHYSICAL . 'feedback.css')) { //check to see if feedback.css exists - if it does use that $myReturn .= '<link href="' . THEME_PATH . 'feedback.css" rel="stylesheet" type="text/css" />' . PHP_EOL; } else { //create css for feedback $myReturn .= ' <style type="text/css"> .feedback { /* default style for div */ border: 1px solid #000; margin:auto; width:100%; text-align:center; font-weight: bold; } .error { color: #000; background-color: #ee5f5b; /* error color */ } .warning { color: #000; background-color: #f89406; /* warning color */ } .notice { color: #000; background-color: #5bc0de; /* notice color */ } .success { color: #000; background-color: #62c462; /* notice color */ } </style> '; } if (isset($_SESSION['feedback-level'])) { $level = $_SESSION['feedback-level']; } else { $level = 'warning'; } $myReturn .= '<div class="feedback ' . $level . '">' . $_SESSION['feedback'] . '</div>'; $_SESSION['feedback'] = ""; #cleared $_SESSION['feedback-level'] = ""; return $myReturn; //data passed back for printing } }
function securePage() { global $conf; // If the sessionID is not present start the session (reading the // users cookie and loading their settings from disk) if (ONA_SESSION_ID != "") { startSession(); } // Make sure their session is still active if (!isset($_SESSION['ona']['auth']['user']['username'])) { //header("Location: {$https}{$baseURL}/login.php?expired=1"); exit; } return 0; }
include 'includes/header.php'; ?> <h1><?php echo $pageID; ?> </h1> <?php //customer_view.php - shows details of a single customer if ($Feedback == '') { //data exists, show it echo '<p>'; echo 'FirstName: <b>' . $FirstName . '</b> '; echo 'LastName: <b>' . $LastName . '</b> '; echo 'Email: <b>' . $Email . '</b> '; echo '<img src="uploads/customer' . $id . '.jpg" />'; if (startSession() && isset($_SESSION["AdminID"])) { # only admins can see 'peek a boo' link: echo '<p align="center"><a href="' . VIRTUAL_PATH . 'upload_form.php?' . $_SERVER['QUERY_STRING'] . '">UPLOAD IMAGE</a></p>'; /* # if you wish to overwrite any of these options on the view page, # you may uncomment this area, and provide different parameters: echo '<div align="center"><a href="' . VIRTUAL_PATH . 'upload_form.php?' . $_SERVER['QUERY_STRING']; echo '&imagePrefix=customer'; echo '&uploadFolder=upload/'; echo '&extension=.jpg'; echo '&createThumb=TRUE'; echo '&thumbWidth=50'; echo '&thumbSuffix=_thumb'; echo '&sizeBytes=100000'; echo '">UPLOAD IMAGE</a></div>'; */
<?php /** * Created by PhpStorm. * User: Zerzolar * Date: 12.3.2016 г. * Time: 23:09 */ require_once 'dbClass.php'; require_once "Sessions.php"; $user = $_POST; foreach ($user as $key => $val) { $user[$key] = trim($user[$key]); $user[$key] = mysqli_real_escape_string($db->link, $user[$key]); } $query = "SELECT * FROM `users` WHERE `users`.`username` = '" . $user['username'] . "'"; $result = $db->fetchArray($query); if (count($result) > 0) { if ($result[0]['password'] == md5($user['password'])) { startSession($result[0]['id'], $result[0]['username'], $result[0]['email'], $result[0]['firstname'], $result[0]['lastname'], $result[0]['gender'], $result[0]['birthdate'], $result[0]['joindate'], $result[0]['profilePicId']); echo $result[0]['profilePicId']; exit; } } echo "error";
function viewRegister() { $errors = array(); if (!empty($_POST)) { //vorm esitati if (empty($_POST["name"])) { $errors[] = "Nimi puudub."; } //nimi olemas $u = validateInput($_POST["name"]); $p1 = ''; $p2 = ''; $userMatch = false; $sql = "SELECT username FROM rsaarmae_users"; $result = mysqli_query($_SESSION['connection'], $sql); while ($row = mysqli_fetch_assoc($result)) { if ($row['username'] == $u) { $userMatch = true; $errors[] = "Sellise nimega kasutaja on juba registreeritud, proovige teist nime"; } } if (empty($_POST["name"])) { } if (empty($_POST["password"])) { $errors[] = "Salasõna puudub."; } else { $p1 = validateInput($_POST["password"]); } if (empty($_POST["password_check"])) { $errors[] = "Salasõna kontroll puudub."; } else { $p2 = validateInput($_POST["password_check"]); } if ($p1 != $p2) { $errors[] = "Salasõnad ei ühti."; } if (!$userMatch && empty($errors)) { $salt = sha1($p1 . $u . $p1); //salasõna räsi tekitamine ja soolamine $query = "INSERT INTO rsaarmae_users (username, pass) VALUES ('{$u}', '{$salt}');"; mysqli_query($_SESSION['connection'], $query); startSession(); startSession(); $_SESSION["teade"] = "Registreeritud kasutaja nimega '" . $u . "'."; header("Location: controller.php?mode=index"); exit(0); } } require_once 'register.php'; }
function registerUser() { $userName = $_POST['userName']; # Verify that the user doesn't exist in the database $result = verifyUser($userName); if ($result['status'] == 'COMPLETE') { $email = $_POST['email']; $userFirstName = $_POST['userFirstName']; $userLastName = $_POST['userLastName']; $userPassword = encryptPassword(); # Make the insertion of the new user to the Database $result = registerNewUser($userFirstName, $userLastName, $userName, $email, $userPassword); # Verify that the insertion was successful if ($result['status'] == 'COMPLETE') { # Starting the session startSession($userFirstName, $userLastName, $userName); echo json_encode($result); } else { # Something went wrong while inserting the new user die(json_encode($result)); } } else { # Username already exists die(json_encode($result)); } }
function check_anonymous_session($SESSNAME) { global $dbh; global $check_messages; // par défaut : pas de session ouverte $checkempr_type_erreur = CHECK_EMPR_NO_SESSION; // récupère les infos de session dans les cookies $PHPSESSID = $_COOKIE["{$SESSNAME}-SESSID"]; $PHPSESSLOGIN = $_COOKIE["{$SESSNAME}-LOGIN"]; $PHPSESSNAME = $_COOKIE["{$SESSNAME}-SESSNAME"]; // on récupère l'IP du client $ip = $_SERVER['REMOTE_ADDR']; // recherche de la session ouverte dans la table $query = "SELECT SESSID, login, IP, SESSstart, LastOn, SESSNAME FROM sessions WHERE "; $query .= "SESSID='{$PHPSESSID}'"; $result = pmb_mysql_query($query, $dbh); $numlignes = pmb_mysql_num_rows($result); if (!$numlignes) { startSession($SESSNAME, ""); } else { // On remet LAstOn à jour $t = time(); // on avait bien stocké le sessid, on va pouvoir remettre à jour le laston, avec sessid dans la clause where au lieu de id en outre. $query = "UPDATE sessions SET LastOn='{$t}' WHERE sessid='{$PHPSESSID}' "; $result = pmb_mysql_query($query, $dbh); } }
function connexion_empr() { global $dbh, $msg, $opac_duration_session_auth; global $time_expired, $erreur_session, $login, $password, $encrypted_password; global $auth_ok, $lang, $code, $emprlogin; global $password_key; global $first_log; global $erreur_connexion; global $opac_opac_view_activate, $pmb_opac_view_class, $opac_view_class; global $opac_default_style; //a positionner si authentification exterieure global $ext_auth, $empty_pwd; global $base_path, $class_path; global $cms_build_activate; //a positionner si les vues OPAC sont activées global $include_path; $erreur_connexion = 0; $log_ok = 0; if (!$_SESSION["user_code"]) { if (!get_magic_quotes_gpc()) { $p_login = addslashes($_POST['login']); } else { $p_login = $_POST['login']; } if ($time_expired == 0) { // début if ($time_expired==0) 1 //Si pas de session en cours, vérification du login $verif_query = "SELECT id_empr, empr_cb, empr_nom, empr_prenom, empr_password, empr_lang, empr_date_expiration<sysdate() as isexp, empr_login, empr_ldap,empr_location, allow_opac \n\t\t\t\t\tFROM empr\n\t\t\t\t\tJOIN empr_statut ON empr_statut=idstatut\n\t\t\t\t\tWHERE empr_login='******'"; $verif_result = pmb_mysql_query($verif_query); // récupération des valeurs MySQL du lecteur et injection dans les variables while ($verif_line = pmb_mysql_fetch_array($verif_result)) { $verif_empr_cb = $verif_line['empr_cb']; $verif_empr_login = $verif_line['empr_login']; $verif_empr_ldap = $verif_line['empr_ldap']; $verif_empr_password = $verif_line['empr_password']; $verif_lang = $verif_line['empr_lang'] ? $verif_line['empr_lang'] : "fr_FR"; $verif_id_empr = $verif_line['id_empr']; $verif_isexp = $verif_line['isexp']; $verif_opac = $verif_line['allow_opac']; $empr_location = $verif_line['empr_location']; } $auth_ok = 0; if ($verif_opac) { if (!$encrypted_password) { $encrypted_password = password::gen_hash($password, $verif_id_empr); } if ($ext_auth) { $auth_ok = $ext_auth; } elseif ($code) { $auth_ok = connexion_auto(); } elseif ($password_key) { $auth_ok = connexion_unique(); } elseif ($verif_empr_ldap) { $auth_ok = auth_ldap($p_login, $password); } else { $auth_ok = ($empty_pwd || !$empty_pwd && $verif_empr_password) && $verif_empr_password == stripslashes($encrypted_password) && $verif_empr_login != ""; } //auth standard } if ($auth_ok) { // début if ($auth_ok) 1 //Si mot de passe correct, enregistrement dans la session de l'utilisateur startSession("PmbOpac", $verif_empr_login); $log_ok = 1; if ($_SESSION["cms_build_activate"]) { $cms_build_activate = 1; } if ($_SESSION["build_id_version"]) { $build_id_version = $_SESSION["build_id_version"]; } //Récupération de l'environnement précédent $requete = "select session from opac_sessions where empr_id=" . $verif_id_empr; $res_session = pmb_mysql_query($requete); if (@pmb_mysql_num_rows($res_session)) { $temp_session = unserialize(pmb_mysql_result($res_session, 0, 0)); $_SESSION = $temp_session; } else { $_SESSION = array(); } $_SESSION["cms_build_activate"] = $cms_build_activate; $_SESSION["build_id_version"] = $build_id_version; if (!$code) { $_SESSION["connexion_empr_auto"] = 0; } $_SESSION["user_code"] = $verif_empr_login; $_SESSION["id_empr_session"] = $verif_id_empr; $_SESSION["connect_time"] = time(); $_SESSION["lang"] = $verif_lang; $_SESSION["empr_location"] = $empr_location; $req = "select location_libelle from docs_location where idlocation='" . $_SESSION["empr_location"] . "'"; $_SESSION["empr_location_libelle"] = pmb_mysql_result(pmb_mysql_query($req, $dbh), 0, 0); // change language and charset after login $lang = $_SESSION["lang"]; set_language($lang); if (!$verif_isexp) { recupere_pref_droits($_SESSION["user_code"]); $_SESSION["user_expired"] = $verif_isexp; } else { recupere_pref_droits($_SESSION["user_code"], 1); $_SESSION["user_expired"] = $verif_isexp; echo "<script>alert(\"" . $msg["empr_expire"] . "\");</script>"; $erreur_connexion = 1; } if ($opac_opac_view_activate) { $_SESSION["opac_view"] = 0; $_SESSION['opac_view_query'] = 0; if (!$pmb_opac_view_class) { $pmb_opac_view_class = "opac_view"; } require_once $base_path . "/classes/" . $pmb_opac_view_class . ".class.php"; $opac_view_class = new $pmb_opac_view_class($_SESSION["opac_view"], $_SESSION["id_empr_session"]); if ($opac_view_class->id) { $opac_view_class->set_parameters(); $opac_view_filter_class = $opac_view_class->opac_filters; $_SESSION["opac_view"] = $opac_view_class->id; if (!$opac_view_class->opac_view_wo_query) { $_SESSION['opac_view_query'] = 1; } } else { $_SESSION["opac_view"] = 0; } $css = $_SESSION["css"] = $opac_default_style; } $first_log = true; } else { //Sinon, on détruit la session créée if ($_SESSION["cms_build_activate"]) { $cms_build_activate = 1; } if ($_SESSION["build_id_version"]) { $build_id_version = $_SESSION["build_id_version"]; } @session_destroy(); if ($cms_build_activate) { session_start(); $_SESSION["cms_build_activate"] = $cms_build_activate; $_SESSION["build_id_version"] = $build_id_version; } if (!$encrypted_password) { $encrypted_password = password::gen_hash($password, $verif_id_empr); } if ($verif_empr_password != stripslashes($encrypted_password) || $verif_empr_login == "" || $verif_empr_ldap || $code) { // la saisie du mot de passe ou du login est incorrect ou erreur de connexion avec le ldap $erreur_session = $empr_erreur_header; $erreur_session .= $msg["empr_type_card_number"] . "<br />"; $erreur_session .= $empr_erreur_footer; $erreur_connexion = 3; } elseif ($verif_isexp) { //Si l'abonnement est expiré echo "<script>alert(\"" . $msg["empr_expire"] . "\");</script>"; $erreur_connexion = 1; } elseif (!$verif_opac) { //Si la connexion à l'opac est interdite echo "<script>alert(\"" . $msg["empr_connexion_interdite"] . "\");</script>"; $erreur_connexion = 2; } else { // Autre cas au cas où... $erreur_session = $empr_erreur_header; $erreur_session .= $msg["empr_type_card_number"] . "<br />"; $erreur_session .= $empr_erreur_footer; $erreur_connexion = 3; } $log_ok = 0; $time_expired = 0; } // fin if ($auth_ok) 1 } else { // la session a expiré, on va le lui dire echo "<script>alert(\"" . sprintf($msg["session_expired"], round($opac_duration_session_auth / 60)) . "\");</script>"; } } else { //Si session en cours, pas de problème... $log_ok = 1; $login = $_SESSION["user_code"]; if ($_SESSION["user_expired"]) { recupere_pref_droits($login, 1); } else { recupere_pref_droits($login); } if (!$code) { $_SESSION["connexion_empr_auto"] = 0; } } // pour visualiser une notice issue de DSI avec une connexion auto if ($_SESSION["connexion_empr_auto"] && $log_ok) { global $connexion_empr_auto, $tab, $lvl; $connexion_empr_auto = 1; if (!$code) { if (!$tab) { $tab = "dsi"; } if (!$lvl) { $lvl = "bannette"; } } } return $log_ok; }
if ($SessionToolsResult === false) { die; } startSession($charId, $domainId, $SessionId); if ($SessionToolsResult === false) { die; } $sessionId = $SessionId; } else { $row = mysqli_fetch_assoc($result); $sessionId = $row['session_id']; $state = $row['state']; echo "Found your session: {$sessionId} ({$state})<br>"; if ($state == "ss_planned") { // First, start the session startSession($charId, $domainId, $sessionId); global $SessionId, $SessionToolsResult; if ($SessionToolsResult === false) { die("Failed to start the session"); } $sessionId = $SessionId; echo "edit_session.php : the session have been started<br>"; } } // check that we character have a participation in the session and invite him if needed $query = "SELECT count(*) FROM session_participant WHERE session_id = {$sessionId} AND char_id = {$charId}"; $result = mysqli_query($link, $query) or die("Can't execute the query: " . $query); $num = mysqli_num_rows($result); if ($num != 1) { die("Invalid result whil checking participation for char {$charId} in session {$sessionId}<br>"); }
break; default: $title = THIS_PAGE; $pageID = "Retro Diner"; } //end switch //Here are our navigation pages: $nav1['index.php'] = 'Home'; $nav1['template.php'] = 'Template'; $nav1['daily.php'] = 'Daily'; $nav1['customers.php'] = 'Customers'; $nav1['contact.php'] = 'Contact'; /* * adminWidget allows clients to get to admin page from anywhere * code will show/hide based on logged in status */ if (startSession() && isset($_SESSION['AdminID'])) { #add admin logged in info to sidebar or nav $adminWidget = '<li><a href="' . ADMIN_PATH . 'admin_dashboard.php">ADMIN</a></li>'; $adminWidget .= '<li><a href="' . ADMIN_PATH . 'admin_logout.php">LOGOUT</a></li>'; } else { //show login (YOU MAY WANT TO SET TO EMPTY STRING FOR SECURITY) $adminWidget = '<li><a href="' . ADMIN_PATH . 'admin_login.php">LOGIN</a></li>'; } /* * These variables, when added to the header.php and footer.php files, * allow custom JS or CSS scripts to be loaded into <head> element and * just before the closing body tag, respectively */ $loadhead = ''; $loadfoot = '';
<?php define('BANK_APP', TRUE); if ($_SERVER["HTTPS"] != "on") { header("Location: https://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]); exit; } require_once "../app/user.php"; require_once "../app/transaction.php"; startSession(true); getDBCredentials(getAuthUser()->usertype); clearCSRFToken(); //generatePDF(8); $showDownload = ""; // if the logged in user is not an employee if (getAuthUser()->usertype === 'C') { $accountId = getAccountByUserId(getAuthUser()->userid)->ID; $transactions = getTransactionsByAccountId($accountId); $showDownload = "?download=1"; } else { //4.8.1 if (isset($_GET['id']) && is_numeric((int) $_GET['id']) && (int) $_GET['id'] > 0) { $accountId = getAccountByUserId((int) $_GET['id'])->ID; $transactions = getTransactionsByAccountId($accountId); $showDownload = "?id=" . $_GET['id'] . "&download=1"; } else { $transactions = getTransactions(); } } if (isset($_GET['download'])) { $download = $_GET['download'];
function updVSTRule() { // this is used for making throwing an invalid argument exception easier. function updVSTRule_get_named_param($name, $haystack, &$last_used_name) { $last_used_name = $name; return isset($haystack[$name]) ? $haystack[$name] : NULL; } global $port_role_options, $sic; $taglist = genericAssertion('taglist', 'array0'); assertUIntArg('mutex_rev', TRUE); $data = genericAssertion('template_json', 'json'); $rule_no = 0; try { $last_field = ''; foreach ($data as $rule) { $rule_no++; if (!isInteger(updVSTRule_get_named_param('rule_no', $rule, $last_field)) or !isPCRE(updVSTRule_get_named_param('port_pcre', $rule, $last_field)) or NULL === updVSTRule_get_named_param('port_role', $rule, $last_field) or !array_key_exists(updVSTRule_get_named_param('port_role', $rule, $last_field), $port_role_options) or NULL === updVSTRule_get_named_param('wrt_vlans', $rule, $last_field) or !preg_match('/^[ 0-9\\-,]*$/', updVSTRule_get_named_param('wrt_vlans', $rule, $last_field)) or NULL === updVSTRule_get_named_param('description', $rule, $last_field)) { throw new InvalidRequestArgException($last_field, $rule[$last_field], "rule #{$rule_no}"); } } commitUpdateVSTRules($_REQUEST['vst_id'], $_REQUEST['mutex_rev'], $data); } catch (Exception $e) { // Every case that is soft-processed in process.php, will have the working copy available for a retry. if ($e instanceof InvalidRequestArgException or $e instanceof RTDatabaseError) { startSession(); $_SESSION['vst_edited'] = $data; session_commit(); } throw $e; } rebuildTagChainForEntity('vst', $_REQUEST['vst_id'], buildTagChainFromIds($taglist), TRUE); showFuncMessage(__FUNCTION__, 'OK'); }
<?php include_once 'core.php'; include 'skins/' . Config::$theme . '/setup.php'; include_once 'integration/integration.php'; //Pull through user ID $frontend = new FrontEnd(); setCurrentUser($frontend->getUserId()); startSession(getCurrentUID(), $frontend->getName(getCurrentUID())); //Check user is in db and run checks. $frontend->pullUserInfo(getCurrentUID()); $frontend->checkGroups(getCurrentUID(), getCurrentLID()); $frontend->disconnect(); $page = new Lan_pages(); $page->name = GETSafe('page'); $page->find(); if ($page->fetch()) { $file = 'modules/' . $page->module . '/' . $page->file . '.php'; if (file_exists($file)) { include $file; $master->RenderPage($page->module . '.' . $page->file . '.htm'); } else { $master->AddError("The file for this page does not exist!"); } } else { $master->AddError("Unknown page!"); } if ($master->HasFatalError()) { $master->RenderPage('error.htm'); } $master->RenderSite('master.integration.htm');
<?php require_once dirname(__FILE__) . "/includes/global_deploy_config.php"; require_once dirname(__FILE__) . "/includes/common.inc.php"; require_once dirname(__FILE__) . "/database/users.php"; startSession(); // log session end $users = new users(); $users->recordLogout($_SESSION['user_id']); $users->close(); // end PHP session endSession(); // kill Shibboleth session header("Location: {$logoutURL}"); exit;
*/ define("SESSION_USERNAME", 'userName'); define("SESSION_USER_ID", 'userID'); $life_time = 5 * 60; // 5 minutes //session_name("MicroBlog"); //session_set_cookie_params($lifetime); //session_save_path(ROOT . '/tmp/session'); //setcookie(session_name(), session_id(), time() + $life_time); //ini_set('session.cookie_lifetime', $life_time); //ini_set('session.gc_maxlifetime', $life_time); //ini_set('session.gc_probability', 1); //ini_set('session.gc_divisor', 100); //ini_set('session.cookie_secure', false); //ini_set('session.use_only_cookies', true); //session_start(); startSession($life_time); if (isset($_SESSION[SESSION_USER_ID])) { $g_userID = $_SESSION[SESSION_USER_ID]; } function startSession($time = 3600, $ses = TITLE) { session_set_cookie_params($time); session_name($ses); session_save_path(createPath(ROOT . '/tmp/session')); session_start(); // Reset the expiration time upon page load if (isset($_COOKIE[$ses])) { setcookie(session_name(), session_id(), time() + $time, "/"); } }
function setDefaultSettings() { startSession(); # Start session. setTimeZone(); # Load Settings getFirePHPObject()->info("FirePHP Object created"); # Fire PHP - Blue badge will come with this info. }
public function flashes($type = null) { startSession(); if (!isset($_SESSION['__flashes'])) { return array(); } if (null === $type) { $flashes = $_SESSION['__flashes']; unset($_SESSION['__flashes']); } elseif (null !== $type) { $flashes = array(); if (isset($_SESSION['__flashes'][$type])) { $flashes = $_SESSION['__flashes'][$type]; unset($_SESSION['__flashes'][$type]); } } return $flashes; }
function renderVSTRulesEditor($vst_id) { $vst = spotEntity('vst', $vst_id); amplifyCell($vst); if ($vst['rulec']) { $source_options = array(); } else { $source_options = array(); foreach (listCells('vst') as $vst_id => $vst_info) { if ($vst_info['rulec']) { $source_options[$vst_id] = stringForLabel('(' . $vst_info['rulec'] . ') ' . $vst_info['description']); } } } addJS('js/vst_editor.js'); echo '<center><h1>' . stringForLabel($vst['description']) . '</h1></center>'; if (count($source_options)) { startPortlet('clone another template'); printOpFormIntro('clone'); echo '<input type=hidden name="mutex_rev" value="' . $vst['mutex_rev'] . '">'; echo '<table cellspacing=0 cellpadding=5 align=center class=widetable>'; echo '<tr><td>' . getSelect($source_options, array('name' => 'from_id')) . '</td>'; echo '<td>' . getImageHREF('COPY', 'copy from selected', TRUE) . '</td></tr></table></form>'; finishPortlet(); startPortlet('add rules one by one'); } printOpFormIntro('upd'); echo '<table cellspacing=0 cellpadding=5 align=center class="widetable template-rules">'; echo "<tr><th class=tdright>Tags:</th><td class=tdleft style='border-top: none;'>"; printTagsPicker(); echo "</td></tr>"; echo '<tr><th></th><th>sequence</th><th>regexp</th><th>role</th>'; echo '<th>VLAN IDs</th><th>comment</th><th><a href="#" class="vst-add-rule initial">' . getImageHREF('add', 'Add rule') . '</a></th></tr>'; global $port_role_options; $row_html = '<td><a href="#" class="vst-del-rule">' . getImageHREF('destroy', 'delete rule') . '</a></td>'; $row_html .= '<td><input type=text name=rule_no value="%s" size=3></td>'; $row_html .= '<td><input type=text name=port_pcre value="%s"></td>'; $row_html .= '<td>%s</td>'; $row_html .= '<td><input type=text name=wrt_vlans value="%s"></td>'; $row_html .= '<td><input type=text name=description value="%s"></td>'; $row_html .= '<td><a href="#" class="vst-add-rule">' . getImageHREF('add', 'Duplicate rule') . '</a></td>'; addJS("var new_vst_row = '" . addslashes(sprintf($row_html, '', '', getSelect($port_role_options, array('name' => 'port_role'), 'anymode'), '', '')) . "';", TRUE); startSession(); foreach (isset($_SESSION['vst_edited']) ? $_SESSION['vst_edited'] : $vst['rules'] as $item) { printf('<tr>' . $row_html . '</tr>', $item['rule_no'], htmlspecialchars($item['port_pcre'], ENT_QUOTES), getSelect($port_role_options, array('name' => 'port_role'), $item['port_role']), $item['wrt_vlans'], $item['description']); } echo '</table>'; echo '<input type=hidden name="template_json">'; echo '<input type=hidden name="mutex_rev" value="' . $vst['mutex_rev'] . '">'; echo '<center>' . getImageHref('SAVE', 'Save template', TRUE) . '</center>'; echo '</form>'; if (isset($_SESSION['vst_edited'])) { // draw current template renderVSTRules($vst['rules'], 'currently saved tamplate'); unset($_SESSION['vst_edited']); } session_commit(); if (count($source_options)) { finishPortlet(); } }
* @author Bill Newman <*****@*****.**> * @version 2.014 2015/11/30 * @link http://www.newmanix.com/ * @license http://www.apache.org/licenses/LICENSE-2.0 * @see admin_validate.php * @see admin_dashboard.php * @see admin_logout.php * @see admin_only_inc.php * @todo none */ require 'includes/config.php'; #provides configuration, pathing, error handling, db credentials $title = 'Admin Login'; #Fills <title> tag //END CONFIG AREA ---------------------------------------------------------- if (startSession() && isset($_SESSION['red']) && $_SESSION['red'] != 'admin_logout.php') { //store redirect to get directly back to originating page $red = $_SESSION['red']; } else { //don't redirect to logout page! $red = ''; } #required for redirect back to previous page include INCLUDE_PATH . 'header.php'; #header must appear before any HTML is printed by PHP echo ' <h1>Admin Login</h1> <table align="center"> <form action="' . ADMIN_PATH . 'admin_validate.php" method="post"> <tr> <td align="right">Email:</td>
<?php require_once '../tools/validate_cookie.php'; include_once '../login/config.php'; include_once '../tools/domain_info.php'; include_once 'ring_session_manager_itf.php'; include_once 'session_tools.php'; $step = 0; $domainId = -1; if (!validateCookie($userId, $domainId, $charId)) { echo "Invalid cookie !"; die; } else { echo "Welcome user {$userId}<BR>"; startSession($charId, $domainId, $_POST["sessionId"]); // inviteOwnerInSession($charId, $domainId, $_POST["sessionId"]); die; } ?> <p><a href="web_start.php">Return to main</a> </p>