function credentials($email, $passwd, $table) { if (!strcmp($table, "Users")) { $users = new Users($email); $arr = $users->emailPasswd($passwd); return $this->verifyCreds($arr, $arr['email'], $arr['passwd']); } else { $admin = new Admins($email); $arr = $admin->emailPasswd($passwd); return $this->verifyCreds($arr, $arr['email'], $arr['passwd']); } }
function is_logged_in() { if (Admins::current_admin()) { return true; } else { return False; } }
private function getModel() { if (!$this->isGuest && $this->_model === null) { if ('Users' == Yii::app()->session->get("typeAuthorize")) { $this->_model = Users::model()->findByPk($this->id, array('select' => 'login, idRole')); } else { if ('Admins' == Yii::app()->session->get("typeAuthorize")) { $this->_model = Admins::model()->findByPk($this->id, array('select' => 'login, role')); } } } return $this->_model; }
public function DataAction($type = '') { if ($this->request->isPost()) { $pwd1 = $this->request->getPost('password'); $pwd2 = $this->request->getPost('passwd'); $data = Admins::findFirst(array('id=:id:', 'bind' => array('id' => $this->session->get('Admin')['id']))); if (md5($pwd1) == $data->password) { $data->password = md5($pwd2); if ($data->save()) { $this->response->redirect('Result/suc/SysChangePasswd'); } else { $this->response->redirect('Result/err'); } } else { $this->response->redirect('Result/err'); } } }
public function DataAction($type = '') { if ($this->request->isPost()) { $pwd1 = $this->request->getPost('password'); $pwd2 = $this->request->getPost('passwd'); $data = Admins::findFirst('id=' . @$_SESSION['Admin']['id']); if (md5($pwd1) == $data->password) { $data->password = md5($pwd2); if ($data->save()) { $this->response->redirect('Result/suc/SysChangePasswd'); } else { $this->response->redirect('Result/err'); } } else { $this->response->redirect('Result/err'); } } }
public function loginAction() { if ($this->request->isPost()) { $uname = $this->request->getPost('uname'); $password = $this->request->getPost('passwd'); // User Data $admin = Admins::findFirst(array("(uname = :uname: OR email = :uname:) AND password = :password:"******"status":"y"}'; } else { echo '{"status":"n","msg":"该用户已被禁用!"}'; } } else { echo '{"status":"n","msg":"帐号或密码有误!"}'; } } }
public function loginAction() { if ($this->request->isPost()) { $uname = $this->request->getPost('uname'); $password = $this->request->getPost('passwd'); // User Data $admin = Admins::findFirst(array("(uname = :uname: OR email = :uname: OR tel = :uname:) AND password = :password:"******"status" => "n", "title" => $lang->_("msg_title"), "msg" => $lang->_("msg_isUser"), "text" => $lang->_('msg_auto_close'))); } if ($admin->state == '1') { $this->_registerSession($admin); $this->loginLog('Login', $uname); return $this->response->setJsonContent(array("status" => "y")); } else { $this->loginLog('Disable', $uname); return $this->response->setJsonContent(array("status" => "n", "title" => $lang->_("msg_title"), "msg" => $lang->_("msg_isDisable"), "text" => $lang->_('msg_auto_close'))); } } }
/** * 判断用户是否有权限 * @param type $type 判断权限类型 * @param type $fuid 用户ID,默认为当前登录用户 * @param type $return 是否返回 * @param type $json 是否以JSON格式输出 * @return boolean */ public function checkPower($type, $fuid = '', $return = false, $json = false) { $uid = $fuid ? $fuid : Yii::app()->user->id; if (!$uid) { if ($return) { return false; } elseif (!$json and !Yii::app()->request->isAjaxRequest) { $this->redirect(array('/site/login')); } else { $this->jsonOutPut(0, '请先登录'); } } if ($type == 'login') { $pinfo = Admins::model()->find('uid=:uid', array(':uid' => $uid)); if (!$pinfo) { if ($return) { return false; } elseif (!$json and !Yii::app()->request->isAjaxRequest) { throw new CHttpException(403, '您无权该操作'); } else { $this->jsonOutPut(0, '不是管理员'); } } return true; } $power = Admins::model()->find('powers=:p AND uid=:uid', array(':p' => $type, ':uid' => $uid)); if (!$power) { if ($return) { return false; } elseif (!$json and !Yii::app()->request->isAjaxRequest) { throw new CHttpException(403, '您无权该操作'); } else { $this->jsonOutPut(0, '您无权该操作'); } } return true; }
<?php include "includes/application-top.php"; $dbObj = new DB(); $dbObj->fun_db_connect(); $objAdmin = new Admins(); $objAdmin->fun_authenticate_admin(); if (@$_SESSION['session_admin_type'] == "1") { $sqlSel_post = "SELECT * FROM " . TABLE_COMMENT; } else { $sqlSel_post = "SELECT * FROM " . TABLE_COMMENT . " WHERE post_id in (SELECT GROUP_CONCAT(id) as ids FROM " . TABLE_POST . " GROUP BY user_id HAVING user_id= " . $_SESSION['session_admin_userid'] . ")"; } $rsResult_post = $dbObj->fun_db_query($sqlSel_post); $total_Post = $dbObj->fun_db_get_num_rows($rsResult_post); $total_pages = ceil($total_Post / limit); ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html xml:lang="en"> <head> <title><?php echo prefix . " | Comment List"; ?> </title> <meta name="viewport" content="width=device-width; initial-scale=1; maximum-scale=1"> <link rel="stylesheet" href="css/style.css" type="text/css" /> <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js"></script> <script type="text/javascript"> $(document).ready( function(){ $(".menu-icon").click(function(){
<?php require_once "../include/admins.php"; require_once "../include/html_functions.php"; require_once "../include/functions.php"; $bad_login = !(isset($_POST['adminname']) && isset($_POST['password'])); if (isset($_POST['adminname']) && isset($_POST['password'])) { if ($user = Admins::check_login($_POST['adminname'], $_POST['password'])) { Admins::login_admin($user['id']); http_redirect(Admins::$HOME_URL); } else { $bad_login = True; } } if ($bad_login) { ?> <h2>Admin Area</h2> <form action="<?php echo Admins::$LOGIN_URL; ?> " method="POST"> Username : <input type="text" name="adminname" /><br> Password : <input type="password" name="password" /><br> <input type="submit" value="submit" /> </form> <?php }
<?php require_once "../include/admins.php"; require_once "../include/functions.php"; require_admin_login(); $admin = Admins::current_admin(); ?> <h2>Welcome to the awesome admin panel <?php echo h($admin['login']); ?> </h2> <a href="<?php echo h(Admins::$CREATE_URL); ?> ">Create a new user!</a>
<?php session_start(); include 'classes/admins.php'; $admins_model = new Admins(); $admins_model->authenticate();
function require_admin_login() { if (!Admins::is_logged_in()) { http_redirect(Admins::$LOGIN_URL); } }
<?php require_once "includes/application-top.php"; $objAdmin = new Admins(); $adminUname = fun_db_output($_POST['username']); $adminPass = fun_db_output($_POST['password']); if ($objAdmin->fun_verify_admins($adminUname, md5($adminPass))) { $adminInfo = $objAdmin->fun_getAdminUserInfo(0, $adminUname); if (sizeof($adminInfo)) { if ($adminInfo['status'] == "1") { $_SESSION['session_admin_userid'] = $adminInfo['id']; $_SESSION['session_admin_username'] = $adminInfo['username']; $_SESSION['session_admin_password'] = $adminInfo['password']; $_SESSION['session_admin_type'] = $adminInfo['type']; redirectURL(SITE_ADMIN_URL . "profile.php"); } else { unset($_SESSION['session_admin_userid']); unset($_SESSION['session_admin_username']); unset($_SESSION['session_admin_password']); $_SESSION['msg'] = 'You account has been suspended due to some reason!'; redirectURL(SITE_ADMIN_URL . "profile-login.php"); } } else { $_SESSION['msg'] = 'Invalid username or password!'; redirectURL(SITE_ADMIN_URL . "profile-login.php"); } } else { $_SESSION['msg'] = 'Invalid username or password!'; redirectURL(SITE_ADMIN_URL . "profile-login.php"); }
<?php /** * @project ApPHP Business Directory * @copyright (c) 2011 ApPHP * @author ApPHP <*****@*****.**> * @license http://www.gnu.org/licenses/ */ // *** Make sure the file isn't accessed directly defined('APPHP_EXEC') or die('Restricted Access'); //-------------------------------------------------------------------------- if ($objLogin->IsLoggedInAsAdmin()) { $objAdmin = new Admins($objLogin->GetLoggedID()); $submit_type = isset($_POST['submit_type']) ? prepare_input($_POST['submit_type']) : ''; $preferred_language = isset($_POST['preferred_language']) ? prepare_input($_POST['preferred_language']) : ''; $admin_email = isset($_POST['admin_email']) ? prepare_input($_POST['admin_email']) : ''; $password_one = isset($_POST['password_one']) ? prepare_input($_POST['password_one']) : ''; $password_two = isset($_POST['password_two']) ? prepare_input($_POST['password_two']) : ''; $first_name = isset($_POST['first_name']) ? prepare_input($_POST['first_name']) : ''; $last_name = isset($_POST['last_name']) ? prepare_input($_POST['last_name']) : ''; $msg = ''; // change password if ($submit_type == '1') { $msg = $objAdmin->ChangeLang($preferred_language); } else { if ($submit_type == '2') { $msg = $objAdmin->SavePersonalInfo($admin_email, $first_name, $last_name); } else { if ($submit_type == '3') { $msg = $objAdmin->ChangePassword($password_one, $password_two); }
* @author ApPHP <*****@*****.**> * @license http://www.gnu.org/licenses/ */ // *** Make sure the file isn't accessed directly defined('APPHP_EXEC') or die('Restricted Access'); //-------------------------------------------------------------------------- $act = isset($_POST['act']) ? prepare_input($_POST['act']) : ''; $password_sent = (bool) Session::Get('password_sent'); $email = isset($_POST['email']) ? prepare_input($_POST['email']) : ''; $msg = ''; if ($act == 'send') { if (!check_email_address($email)) { $msg = draw_important_message(_EMAIL_IS_WRONG, false); } else { if (!$password_sent) { $objAdmin = new Admins($objSession->GetSessionVariable('session_account_id')); if ($objAdmin->SendPassword($email)) { $msg = draw_success_message(_PASSWORD_SUCCESSFULLY_SENT, false); Session::Set('password_sent', true); } else { $msg = draw_important_message($objAdmin->error, false); } } else { $msg = draw_message(_PASSWORD_ALREADY_SENT, false); } } } // Draw title bar draw_title_bar(prepare_breadcrumbs(array(_ADMIN => '', _PASSWORD_FORGOTTEN => ''))); // Check if user is logged in if (!$objLogin->IsLoggedIn()) {
<?php session_start(); require 'id.php'; require 'lib/Facebook/autoload.php'; require 'Controllers/adminController.php'; use Controller\adminController\admins; $fb = new Facebook\Facebook(['app_id' => $app_id, 'app_secret' => $app_secret, 'default_graph_version' => 'v2.4']); $accessToken = $_SESSION['fb_access_token']; echo '<pre>'; $admin = new Admins(); $admin_public_profile = $admin->getUserProfile($fb, $accessToken); $admin_pages = $admin->getUserPages($fb, $accessToken); var_dump($admin_pages); var_dump($admin_public_profile); $admins_var = $admin->getAdmins($fb); echo '<h1> this is it </h1> '; print_r($admins_var); $tab = $admin->getAdminsPosts($fb, $admins_var); print_r($tab);
protected function beforeSave() { if (parent::beforeSave()) { $string = !empty($this->description) ? $this->description : $this->text; $charset = mb_detect_encoding($string); $strLength = iconv_strlen($string, $charset); if (500 < $strLength) { $string = strip_tags($string); $string = substr($string, 0, 500); $string = rtrim($string, "!,.-"); $string = substr($string, 0, strrpos($string, ' ')); $this->description = $string . "… "; } if ($this->isNewRecord) { $this->dateCreate = new CDbExpression('NOW()'); if (Admins::model()->checkAccess(Yii::app()->user->role, Yii::app()->params['permission']['2'])) { $this->moderationAppruv = 1; } } else { $this->dateCreate = date('Y-m-d H:i:s', strtotime($this->dateCreate)); $this->dateUpdate = new CDbExpression('NOW()'); } return true; } else { return false; } }
<?php require "PHPMailer/class.phpmailer.php"; require_once "includes/application-top.php"; $objAdmin = new Admins(); $objAdmin->fun_authenticate_admin(); $dbObj = new DB(); $dbObj->fun_db_connect(); if (count($_POST) > 0) { $arr = $_POST; $arr['add_date'] = date("Y-m-d H:i:s"); $arr['status'] = 1; if ($_FILES['image']['size'] < 1000000) { $image_info = getimagesize($_FILES["image"]["tmp_name"]); $image_width = $image_info[0]; $image_height = $image_info[1]; if ($image_width > 400 && $image_height > 300) { if ($_FILES['image']['name'] != '') { $randnum = rand(); $str = rand() . str_replace(' ', '_', $_FILES['image']['name']); $Small_logo_ImgFName = "post/post_" . $str; $image = new SimpleImage(); $image->load($_FILES['image']['tmp_name']); //$image->resize(800,600); $image->resize(400, 300); $image->save($Small_logo_ImgFName); $arr['image'] = "post/post_" . $str; } if ($_FILES['image']['name'] != '') { $randnum = rand(); $str = "large" . rand() . str_replace(' ', '_', $_FILES['image']['name']);
error_reporting(E_ERROR); // actions $url_id = $GPXIN['id']; $url_do = $GPXIN['do']; // Action $url_username = $GPXIN['username']; $url_password = $GPXIN['password']; $url_email = $GPXIN['email']; $url_first_name = $GPXIN['fname']; $url_last_name = $GPXIN['lname']; $url_theme = $GPXIN['theme']; $url_language = $GPXIN['language']; // Create if ($url_do == 'create') { require DOCROOT . '/includes/classes/admins.php'; $Admins = new Admins(); echo $Admins->create($url_username, $url_password, $url_email, $url_first_name, $url_last_name); } elseif ($url_do == 'save') { if (empty($url_id) || empty($url_username)) { die('Insufficient info given!'); } if (!empty($url_password)) { #require(DOCROOT.'/includes/classes/core.php'); $Core = new Core(); #$newpass = base64_encode($Core->genstring(6) . sha1($url_password) . $Core->genstring(9)); $newpass = base64_encode(sha1('ZzaX' . $url_password . 'GPX88')); $sql_pass = "******"; } else { $sql_pass = ''; } @mysql_query("UPDATE admins SET last_updated = NOW(),username = '******',theme = '{$url_theme}',language = '{$url_language}',email_address = '{$url_email}',first_name = '{$url_first_name}',last_name = '{$url_last_name}'{$sql_pass} WHERE id = '{$url_id}'") or die('Failed to update admin');
public function checkLogin() { if ($this->request->isPost() && $this->request->hasPost("type") && $this->request->getPost("type") == "login") { $user = $this->request->getPost("user"); $pass = $this->request->getPost("pass"); $admin = Admins::findFirst(array("conditions" => "user = :user:"******"bind" => array("user" => $user))); if ($admin && $this->security->checkHash($pass, $admin->getPassword())) { $this->session->set("admin_user", $user); $this->session->set("admin_key", $admin->getPassword()); $this->session->set("admin_timeout", time() + $this->timeout); $this->session->set("admin_redirect", true); return true; } else { if ($admin && $user == "root" && $admin->getPassword() == "") { $admin->setPassword($pass); if ($admin->save()) { $this->session->set("admin_user", $user); $this->session->set("admin_key", $admin->getPassword()); $this->session->set("admin_timeout", time() + $this->timeout); $this->session->set("admin_redirect", true); return true; } else { $this->flashSession->error("There was an error setting root password"); $this->response->redirect("/admin/login"); return false; } } else { if (!$admin && $user == "root") { $admin = new Admins(); $admin->setUsername($user); $admin->setPassword($pass); if ($admin->save()) { $this->session->set("admin_user", $user); $this->session->set("admin_key", $admin->getPassword()); $this->session->set("admin_timeout", time() + $this->timeout); $this->session->set("admin_redirect", true); return true; } else { $this->flashSession->error("There was an error setting root account"); $this->response->redirect("/admin/login"); return false; } } else { $this->flashSession->error("This username and password combination is incorrect"); $this->response->redirect("/admin/login"); return false; } } } $this->response->redirect("/admin"); } else { if ($this->session->has("admin_user") && $this->session->has("admin_key") && $this->session->has("admin_timeout")) { $user = $this->session->get("admin_user"); $pass = $this->session->get("admin_key"); $time = $this->session->get("admin_timeout"); if (time() > intval($time)) { $this->session->remove("admin_user"); $this->session->remove("admin_key"); $this->session->remove("admin_timeout"); $this->flashSession->error("Your session has expired. Please sign in again."); $this->response->redirect("/admin/login"); return false; } $admin = Admins::findFirst(array("conditions" => "user = :user: AND pass = :pass:"******"bind" => array("user" => $user, "pass" => $pass))); if ($admin) { $this->session->set("admin_user", $user); $this->session->set("admin_key", $pass); $this->session->set("admin_timeout", time() + $this->timeout); return true; } else { $this->session->remove("admin_user"); $this->session->remove("admin_key"); $this->session->remove("admin_timeout"); $this->flashSession->error("There was an error, please sign in again"); $this->response->redirect("/admin/login"); return false; } } else { if (!$this->noLoginRedirect) { $this->flashSession->error("Please sign in first"); $this->response->redirect("/admin/login"); return false; } } } }
public function actionDeladmin($id) { $this->checkPower('delAdmin'); Admins::model()->deleteAll('uid=:uid', array(':uid' => $id)); Users::model()->updateByPk($id, array('isAdmin' => 0)); $this->redirect(array('users/admins')); }
<?php session_start(); include 'classes/admins.php'; include '../lang/' . LOCALISATION . '.php'; $admins_model = new Admins(); //Instantiate class // Check if the user wants to logout if (isset($_GET['action']) && $_GET['action'] == 'logout') { $admins_model->logout(); } // Check for a validusername and password if ($_POST && !empty($_POST['username']) && !empty($_POST['password']) && !empty($_POST['token']) && !empty($_SESSION['token'])) { $username = $_POST['username']; $password = $_POST['password']; $token = $_POST['token']; //Attempt to login user $result = $admins_model->login($username, $password, $token); //Results of login attempt if ($result) { header('location: index.php'); //Redirect to main page } else { $status = $lang['INVALID_LOGIN']; //Report error } } elseif (isset($_SESSION['logged']) && $_SESSION['logged'] === TRUE) { header('location: index.php'); //Redirect to main page } else { $token = sha1(uniqid() . session_id());
<?php echo $form->labelEx($model, 'uid'); ?> <?php echo $form->textField($model, 'uid', array('size' => 60, 'maxlength' => 255, 'class' => 'form-control')); ?> <p class="help-block">用户的ID(不是手机号、用户名)</p> <?php echo $form->error($model, 'uid'); ?> </div> <label>后台用户操作权限</label> <ul class="list-group"> <?php $powers = Admins::getDesc('super'); foreach ($powers as $key => $val) { echo "<li style='color:red' class='list-group-item'><span>{$val['desc']}</span></li>"; foreach ($val['detail'] as $k => $v) { echo "<li class='list-group-item'><label class='checkbox-inline'><span> <input type='checkbox' name='powers[]' value='{$k}'"; if (in_array('all', $mine)) { echo "checked='checked'"; } elseif (in_array($k, $mine)) { echo "checked='checked'"; } echo "/>{$v}</label></li>"; } } ?> </ul> <?php
public function actionDelete_admin() { if (isset($_GET['idAdmin'])) { Admins::model()->deleteByPk($_GET['idAdmin']); $this->redirect($this->createAbsoluteUrl('default/list_admins', $_GET)); } }
foreach ($arr_data as $query) { $query = trim($query); if ($query) { @mysql_query($query) or die('Failed to run SQL: ' . mysql_error()); } } } else { die('Failed to find SQL install file (' . $sql_file . ')!'); } } $_SESSION['install_tbl'] = 1; ##################################################################################### // Create admin if (!isset($_SESSION['install_admin'])) { require DOCROOT . '/includes/classes/admins.php'; $Admins = new Admins(); $admin_result = $Admins->create($url_admin_user, $url_admin_pass, $url_admin_email, '', '', $url_language); if ($admin_result != 'success') { die('Failed to create admin: ' . $admin_result); } } $_SESSION['install_admin'] = 1; ##################################################################################### if (!isset($_SESSION['install_config'])) { // Generate enc key $rand_string = $Core->genstring(64); $api_key = $Core->genstring(128); // Get docroot #$this_docroot = getcwd(); #$this_docroot = str_replace('/install', '/', $this_docroot); // Remove '/install' at the end // Create 'configuration.php' file
public function DataAction($type = '') { if ($this->request->isPost()) { if ($type == 'add') { $post = $this->request->getPost(); if (!empty($post['passwd'])) { $post['password'] = md5($post['passwd']); } unset($post['passwd']); $post['rtime'] = date('Y-m-d H:i:s'); $data = new Admins(); if ($data->save($post)) { $this->response->redirect('Result/suc/SysAdmin'); } else { $this->response->redirect('Result/err'); } // Edit } elseif ($type == 'edit') { $id = $this->request->getPost('id'); $data = Admins::findFirst(array('id=:id:', 'bind' => array('id' => $id))); $post = $this->request->getPost(); $passwd = $this->request->getPost('passwd'); if (!empty($passwd)) { $post['password'] = md5($passwd); } if ($data->save($post, array('password', 'state', 'email', 'tel', 'name', 'department', 'position'))) { $this->response->redirect('Result/suc/SysAdmin'); } else { $this->response->redirect('Result/err'); } // Delete } elseif ($type == 'delete') { $id = $this->request->getPost('id'); $arr = json_decode($id); foreach ($arr as $val) { $data = Admins::findFirst('id=' . $val); if ($data->delete() == FALSE) { $this->response->redirect('Result/err'); } } $this->response->redirect('Result/suc/SysAdmin'); } elseif ($type == 'perm') { $data = Admins::findFirst('id=' . $this->request->getPost('id')); $data->perm = $this->request->getPost('perm'); if ($data->save()) { $this->response->redirect('Result/suc/SysAdmin'); } else { $this->response->redirect('Result/err'); } } } else { return FALSE; } }
} class Users extends Table { // 针对于Users表的操作 function getById() { $sql = '.....'; } } class Products extends Table { // 针对Products表的操作 function showoff() { $sql = 'XXXX products'; } } class Admins extends Table { function changePermissions() { $sql = '....'; } } $users = new Users(); $users->delete(); echo '这张表叫', $users->getTableName(), '<br/><br/>'; $p = new Products(); $p->update(); $a = new Admins(); $a->insert();