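/**
 * Handles the auth page's form actions once the parent controller has run:
 * logout, login, account creation, and the redirect for a visitor who is
 * already signed in.
 *
 * Failures are appended to $this->errors. The two field-validation failures
 * of the subscribe branch return the message they just recorded; every other
 * path returns nothing.
 *
 * @return string|void
 */
public function postProcess()
 {
     parent::postProcess();
     // Logout
     if (Tools::getIsset('logout')) {
         Auth::disconnect();
         Flash::add('Vous êtes bien déconnécté');
         Tools::redirect($this->context->link->getPageLink('auth'));
     } elseif (Tools::isSubmit('submitLogin')) {
         // Both values come straight from the request. The same message is used
         // for an unknown account and for a wrong password.
         // NOTE(review): getByEmail() receives the plain password; confirm it
         // verifies it against a stored hash rather than comparing in SQL.
         $user = (new User())->getByEmail(Tools::getValue('username'), Tools::getValue('password'));
         if (!Validate::isLoadedObject($user)) {
             $this->errors[] = 'Identifiant ou mot de passe incorrect';
         } else {
             // NOTE(review): confirm Auth::setUser() issues a fresh session id on login.
             Auth::setUser($user);
             Tools::redirect($this->context->link->getPageLink('comments'));
         }
     } elseif (Tools::isSubmit('submitSubscribe')) {
         /**
          * - Validate the fields
          * - Check that the account does not exist yet
          * - Register
          * - Log in
          */
         if (!Validate::isEmail($email = Tools::getValue('username'))) {
             return $this->errors[] = 'Veuillez saisir une adresse e-mail correcte';
         }
         if (!Validate::isPasswd($password = Tools::getValue('password'))) {
             /// @todo be more specific about the rules for a valid password
             return $this->errors[] = 'Veuillez saisir un mot de passe correct';
         }
         $user = new User();
         if (Validate::isLoadedObject($user->getByEmail($email))) {
             $this->errors[] = 'Un compte avec cet identifiant existe déjà';
         } else {
             $user->login = $email;
             // NOTE(review): confirm Tools::encrypt() is a salted, slow password
             // hash and not reversible encryption or a bare digest.
             $user->password = Tools::encrypt($password);
             if (!$user->save()) {
                 // The database error stays in the server log: shown to the visitor
                 // it would disclose schema and query details.
                 error_log('Account creation failed: ' . Db::getInstance()->getMsgError());
                 $this->errors[] = 'Impossible de vous enregistrer, veuillez réessayer ultérieurement';
             } else {
                 Auth::setUser($user);
                 Flash::success('Bienvenue! Votre compte a bien été créé');
                 Tools::redirect($this->context->link->getPageLink('comments'));
             }
         }
     } elseif (Auth::getUser()) {
         // Already signed in: nothing to do on the auth page.
         Tools::redirect($this->context->link->getPageLink('comments'));
     }
 }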
Ejemplo n.º 2
 /**
  * Ends the request with a redirect when $this->auth($code) fails; returns
  * normally when it passes.
  *
  * @param mixed       $code     Value handed to $this->auth().
  * @param string      $redirect Target written into the Location header.
  * @param bool|string $message  true queues the stock "not authorized" flash,
  *                              any other non-false value is queued as the
  *                              flash text, false queues nothing.
  * @param bool        $referrer When truthy, SCRIPT_NAME is stored in
  *                              $_SESSION['referrer'] before redirecting.
  *
  * @return void
  */
 public function auth_or_redirect($code, $redirect, $message = false, $referrer = true)
 {
     // Authorized callers fall straight through.
     if ($this->auth($code)) {
         return;
     }

     if ($message !== false) {
         $text = ($message === true) ? 'You are not authorized to view that page.' : $message;
         Flash::add('error', $text);
     }

     // SCRIPT_NAME is set by the server, not taken from a request parameter.
     if ($referrer) {
         $_SESSION['referrer'] = $_SERVER['SCRIPT_NAME'];
     }

     header("Location: {$redirect}");
     // Stop here so the protected page is never rendered after the redirect.
     exit;
 }
Ejemplo n.º 3
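 /**
  * Replaces the password of the account registered under $email with a
  * generated one and mails the new password to that address.
  *
  * @param string $email Address submitted by the requester.
  *
  * @return string 'nouser' when no account matches, 'success' otherwise.
  */
 public function forgot_password($email)
 {
     // The value is used both as the mail() recipient and inside a SQL
     // condition, so anything that is not one well-formed address (including
     // input carrying line breaks) is treated as "no such user".
     if (!is_string($email) || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
         Flash::add('error', 'Could not find a user with that email');
         return 'nouser';
     }
     $user = new User();
     // A valid address may still contain a quote character, so it is escaped
     // before being placed in the condition.
     // NOTE(review): find() receives a raw SQL fragment; escaping here is a
     // stop-gap, switch to a bound parameter if the User model offers one.
     $safe_email = addslashes($email);
     $user = $user->find(array("`email` = '{$safe_email}'"));
     if (empty($user)) {
         Flash::add('error', 'Could not find a user with that email');
         // The stray `break` that followed this return was removed: outside a
         // loop or switch it is a compile error on PHP 7 and later.
         return 'nouser';
     }
     $user = $user[0];
     $new_password = $this->pass_gen();
     // NOTE(review): unsalted md5 is kept only so the stored value stays
     // compatible with the login check (not visible here); move both sides to
     // password_hash()/password_verify() together.
     $fields = array('password' => md5($new_password));
     $user->update($fields);
     // NOTE(review): this overwrites the current password for anyone who knows
     // the address and sends the new one in clear text; a single-use, expiring
     // reset link avoids both.
     mail($email, 'Your New Password', 'Your new password is: ' . $new_password, 'From: donotreply@donotreply.com');
     Flash::add('success', 'A new password has been sent to your email');
     return 'success';
 }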
Ejemplo n.º 4
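     // Profile edit. $id and the enclosing switch are set up before this
     // fragment and are not visible here.
     $user_info = (isset($_POST['user']) && is_array($_POST['user'])) ? $_POST['user'] : array();
     $password = isset($user_info['password']) ? $user_info['password'] : '';
     $confirm = isset($user_info['confirm']) ? $user_info['confirm'] : '';
     // Strict string comparison: with != two different numeric-looking values
     // such as "1e3" and "1000" compare equal, so a mistyped confirmation could
     // be accepted. Array-valued fields are rejected as a mismatch.
     if (!is_string($password) || !is_string($confirm) || $password !== $confirm) {
         Flash::add('error', 'The password must match the confirmation');
         $URL = './edit.php?id=' . $id;
         break;
     }
     if ($password === '') {
         // Blank field means "keep the current password".
         unset($user_info['password']);
     } else {
         // NOTE(review): unsalted md5; confirm what the login check expects
         // before moving to password_hash()/password_verify().
         $user_info['password'] = md5($password);
     }
     $user = new User();
     $user = $user->find($id);
     unset($user->auth);
     // NOTE(review): $user_info is still the client-supplied array, so any extra
     // key the request carries (an 'auth' key, for instance) reaches update().
     // Confirm update() restricts the columns it writes, or pass an allow-list.
     $user->update($user_info);
     Flash::add('notice', 'User successfully updated');
     $URL = './index.php';
     break;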
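 case 'delete':
     // Only the id is read from the query string. The one-argument form of
     // parse_str() turned every query parameter into a variable of this script,
     // letting a request overwrite any of them, and PHP 8 no longer accepts it.
     parse_str((string) parse_url($_SERVER['REQUEST_URI'], PHP_URL_QUERY), $query);
     $id = isset($query['id']) ? $query['id'] : null;
     // NOTE(review): the deletion is driven by the request URL alone; no CSRF
     // token or permission check is visible in this fragment. Confirm both
     // happen before the switch is reached.
     $user = new User();
     $user = $user->find($id);
     // A missing or unknown id must not end in a call on a non-object.
     if (is_object($user)) {
         $user->delete();
     }
     $URL = './index.php';
     break;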
 case 'auth':
     parse_str(parse_url($_SERVER['HTTP_REFERER'], PHP_URL_QUERY));
     $user = new User();
     $user = $user->find($id);
     if (empty($_POST['role'])) {
         $user->auth = implode(';', (array) $_POST['auth']);
Ejemplo n.º 5
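        // Contact form: send the notification mail, then store the submission.
        // The mailer set-up and any earlier use of $data are outside this fragment.
        $mailer->headers($headers);
        $mailer->send();
        foreach ($_POST['contact'] as $key => $value) {
            // Field names become column identifiers in the INSERT below, where
            // value escaping does not apply, so only plain identifier
            // characters are accepted and anything else is dropped.
            if (!preg_match('/^[A-Za-z0-9_]+\z/', (string) $key)) {
                continue;
            }
            if (is_array($value)) {
                $value = implode(';', $value);
            }
            // Connection-aware escaping from the same extension as mysql_query();
            // addslashes() does not take the connection character set into account.
            $data[$key] = mysql_real_escape_string($value);
        }
        $data['created_at'] = date('Y-m-d H:i:s');
        $data['updated_at'] = date('Y-m-d H:i:s');
        // NOTE(review): an explicit list of the form's expected fields would be
        // tighter than accepting every well-formed key the client sends.
        $postQuery = 'INSERT INTO `contact` (`';
        $postQuery .= implode('`, `', array_keys($data));
        $postQuery .= '`) VALUES (\'';
        $postQuery .= implode('\', \'', array_values($data));
        $postQuery .= '\');';
        // NOTE(review): $success is never checked, so the visitor is thanked even
        // when the INSERT fails.
        $success = mysql_query($postQuery);
        Flash::add('success', 'Thanks for your submission. We\'ll contact you shortly.');
        $URL = '/contact.php';
        break;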
    case 'quote':
        // Quote request: the posted 'quote' array is handed to the model as-is.
        // NOTE(review): Quote::create() is not visible here; confirm it escapes
        // the values and ignores keys the form does not define.
        $quote = new Quote();
        $quote->create($_POST['quote']);
        Flash::add('success', 'Thanks for your submission. We\'ll contact you shortly.');
        $URL = '../quote.php';
        break;
    default:
        // Unknown action: stop without redirecting. The break below is never reached.
        exit;
        break;
}
// Redirect to the target chosen by the matched case. Execution continues past
// header(), which is why the include below still runs.
header("Location: {$URL}");
// presumably closes the database connection; the file is not shown here
include './closedb.php';
Ejemplo n.º 6
<?php

require '../../inc/admin/config.php';
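// Admin-only maintenance script: removes expired temporary archives of the
// admin tools and reports the outcome through flash messages.
$session->auth_or_redirect('admin', '/login.php');
@session_start();
$x = 0;
$errors = array();
// Second check on purpose: nothing is deleted unless auth('admin') passes here too.
if ($session->auth('admin')) {
    $timestamp = time();
    $dir = ROOT . '/tools/_shared/tmp/';

    // Archives are expected to be named "<prefix>-<timestamp>.zip", where
    // <prefix> is the part of the tool name before its first underscore.
    $prefixes = array();
    foreach (array('admin_creator', 'form_builder', 'project_starter') as $tool) {
        list($prefix) = explode('_', $tool);
        $prefixes[] = $prefix;
    }

    // One directory listing serves all tools; the prefixes are distinct, so no
    // file can match more than one of them.
    $files = scandir($dir);
    if ($files === false) {
        $errors[] = 'Could not read: ' . $dir;
        $files = array();
    }

    foreach ($files as $file) {
        // explode() replaces split(), which was removed in PHP 7; the
        // separator is a literal dash, so the result is the same.
        $parts = explode('-', basename($file, '.zip'));
        // Entries without a dash ('.', '..', unrelated files) or whose second
        // segment is not a plain number are left alone instead of being
        // compared loosely against the timestamp.
        if (count($parts) < 2 || !in_array($parts[0], $prefixes, true) || !ctype_digit($parts[1])) {
            continue;
        }
        if ((int) $parts[1] >= $timestamp) {
            continue;
        }
        // $file comes from scandir(), so it is a bare entry name inside $dir.
        if (unlink($dir . $file)) {
            ++$x;
        } else {
            $errors[] = 'Could not delete: ' . $dir . $file;
        }
    }
}
Flash::add('success', 'Cleared ' . Inflect::pluralize_if($x, 'file'));
if (!empty($errors)) {
    Flash::add('error', implode('<br />', $errors));
}
header("Location: ../");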
Ejemplo n.º 7
<?php

include '../inc/config.php';
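// Login / logout dispatcher. The action comes from the query string; a missing
// or non-string value selects the default branch without raising a warning
// (output emitted before header() would prevent the redirect).
$action = (isset($_GET['f']) && is_string($_GET['f'])) ? $_GET['f'] : '';
switch ($action) {
    case 'login':
        // Only string fields are forwarded; absent or array-valued ones become null.
        $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : null;
        $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : null;
        if ($session->create($username, $password)) {
            // NOTE(review): the target is read back from the session; confirm
            // every writer of $_SESSION['referrer'] stores a local path, or
            // this turns into an open redirect.
            if (isset($_SESSION['referrer'])) {
                $URL = $_SESSION['referrer'];
                unset($_SESSION['referrer']);
            } else {
                $URL = '/index.php';
            }
        } else {
            // Failed login: back to the form.
            $URL = '/login.php';
        }
        break;
    case 'logout':
        $session->destroy();
        $URL = '/login.php';
        Flash::add('success', 'Successfully logged out');
        break;
    default:
        $URL = '../';
        break;
}
header("Location: {$URL}");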
Ejemplo n.º 8
<?php

require '../include/init.inc.php';
if (isset($_GET['add'])) {
    if (!isset($_POST['name'])) {
        Template::display('flash/add.tpl');
    } else {
        $name = strip_tags($_POST['name']);
        $title = strip_tags($_POST['title']);
        $url = strip_tags($_POST['url']);
        $status = intval($_POST['status']);
        $sort = intval($_POST['sort']);
        $status > 1 && ($status = 0);
        Flash::add(array('name' => $name, 'title' => $title, 'url' => $url, 'status' => $status, 'sort' => $sort));
        Common::jumpUrl("flash/manage.php");
    }
} else {
    if (isset($_GET['edit'])) {
        $id = intval($_GET['id']);
        if ($id < 1) {
            Common::jumpUrl("flash/manage.php");
        }
        if (isset($_POST['name'])) {
            $name = strip_tags($_POST['name']);
            $title = strip_tags($_POST['title']);
            $url = strip_tags($_POST['url']);
            $status = intval($_POST['status']);
            $status > 1 && ($status = 0);
            $sort = intval($_POST['sort']);
            Flash::update($id, array('name' => $name, 'title' => $title, 'url' => $url, 'status' => $status, 'sort' => $sort));
            Common::jumpUrl("flash/manage.php");