Ejemplo n.º 1
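 /**
  * Resolve the task named by the `_tsk` request parameter and run its controller.
  *
  * Exits with a "3#<message>" response when the task is unknown, when it needs a
  * session that is missing, when the user has no permission row for it, or when the
  * controller file does not exist. When GOTO_INSTALL is defined the install
  * controller is loaded instead and none of these checks run.
  *
  * The controller is pulled in with require_once, so it executes in this method's
  * local scope; the local variable names below are kept stable for that reason.
  */
 public static function load()
 {
     $msg_ajax = "Vous n'êtes pas autorisé(e) à accéder à cette application , redirection vers acceuil.... \\AJAX";
     $msg_app = "Vous n'êtes pas autorisé(e) à accéder à cette application , redirection vers acceuil.... \\APP";
     $msg_file = "Vous n'êtes pas autorisé(e) à accéder à cette application , redirection vers acceuil.... \\FILE";
     $msg_perm = "Vous n'êtes pas autorisé(e) à accéder à cette application , redirection vers acceuil.... \\PERMISSION_USER";
     $msg_sess = "Vous n'êtes pas autorisé(e) à accéder à cette application , redirection vers acceuil.... \\SESSION_USER";
     //Check if is Ajax request
     // NOTE(review): X-Requested-With is a client-supplied header, so this only filters
     // accidental direct hits. Access control is the session/permission checks below.
     if (empty($_SERVER['HTTP_X_REQUESTED_WITH']) && MReq::tg('_tsk') !== 'shopdf') {
         exit('no way !!!');
     }
     if (defined('GOTO_INSTALL')) {
         $app_target = MPATH_MODULES . 'install' . SLASH . 'controller/install_c.php';
         require_once $app_target;
     } else {
         global $db;
         Cookie::auto_lastexec('time');
         Cookie::auto_logout('time', 600);
         //Cookie::session_autoclosed();
         //Start check APP
         if (MReq::tg('_tsk') == '0') {
             exit("3#{$msg_app}");
         }
         $app_id = MReq::tg('_tsk');
         // `_tsk` is request data: never splice it raw into SQL. MySQL::SQLValue() is the
         // quoting helper this code base already uses for inserts and returns the value
         // with its quotes. NOTE(review): confirm it escapes backslashes as well as
         // quotes, or move this lookup to a prepared statement.
         if (!$db->Query("SELECT * FROM task where  app=" . MySQL::SQLValue($app_id) . " ")) {
             // NOTE(review): Kill() is handed the raw database error; check that it is
             // logged rather than returned to the client.
             $db->Kill($db->Error());
         }
         if ($db->RowCount() == 0) {
             exit("3#{$msg_app}");
         }
         $array = $db->RowArray();
         $appc_idc = $array['id'];
         $needsession = $array['session'];
         $app_rep = $array['rep'];
         $app_file = $array['file'];
         // The controller path is built from the `rep` and `file` columns of the task row,
         // so write access to that table decides which file gets executed.
         $app_target = MPATH_MODULES . $app_rep . SLASH . 'controller/' . $app_file . '_c.php';
         //Check if is good appli not need session
         $good_app = $db->QuerySingleValue0("select modul from task where id = " . (int) $appc_idc);
         if ($needsession == 1 && !isset($_SESSION['userid'])) {
             exit("3#{$msg_sess}");
         }
         if ($good_app == "0") {
             // The permission lookup needs a user id. Without this guard an anonymous
             // request for a task that does not require a session produced a broken
             // query ("userid=" with nothing after it) instead of a refusal.
             if (!isset($_SESSION['userid'])) {
                 exit("3#{$msg_sess}");
             }
             // Both ids are used unquoted, so force them to integers.
             $sql = "SELECT *  FROM permission_users where perm=1 and  appid=" . (int) $appc_idc . " and userid=" . (int) $_SESSION['userid'];
             if (!$db->Query($sql)) {
                 $db->Kill($db->Error());
             }
             if ($db->RowCount() <= 0) {
                 // NOTE(review): this response echoes a SQL statement to the client;
                 // consider logging it server-side instead.
                 exit("3#{$msg_perm} select modul from task where id = {$appc_idc} ");
             }
         }
         if (!file_exists($app_target)) {
             // NOTE(review): the response discloses the server-side controller path.
             exit("3#{$msg_file} {$app_target}");
         }
         define('ACTIV_APP', $array['dscrip']);
         define('MODUL_APP', $array['modul']);
         define('APP_ID', $array['id']);
         require_once $app_target;
     }
 }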
Ejemplo n.º 2
 /**
  * Define THEME_PATH from the configured theme, then either dispatch the request to
  * the ajax loader or include the theme's main layout.
  *
  * The layout is `mainns.php` when session::get('userid') compares equal to FALSE and
  * `main.php` otherwise. The layout is included in this method's scope, so $ajax,
  * $theme_path and $theme stay defined under their original names.
  */
 public static function load()
 {
     //Define Theme depend to session
     define('THEME_PATH', MPATH_THEMES . Mcfg::get('theme'));

     $ajax = 0;
     if (MReq::tg('ajax') == 1) {
         $ajax = 1;
     }

     if ($ajax == 1) {
         //Execute app on ajax
         ajax::load();
         return;
     }

     //Execute app on theme
     $theme_path = THEME_PATH;
     if (session::get('userid') == FALSE) {
         $theme = $theme_path . '/mainns.php';
     } else {
         $theme = $theme_path . '/main.php';
     }
     include $theme;
 }
Ejemplo n.º 3
 /**
  * Run the access checks in order, then load the controller of the requested app.
  *
  * In this class `$this->error == true` means "no check has failed so far": each
  * check runs only while that still holds. When a check has cleared the flag, the
  * refusal message ($this->msg_ajax followed by $this->log) is echoed inside an alert
  * box for an "appli" request, or sent through exit() otherwise.
  *
  * The controller is pulled in with require_once and therefore runs in this method's
  * scope; $target and $output keep their original names for that reason.
  */
 public function load()
 {
     // Ordered list of checks; the order matches the original call sequence.
     foreach (array(
         'Check_exist_tsk',
         'Check_exist_app',
         'Check_is_ajax_request',
         'Check_session_template',
         'Check_user_active',
         'Check_need_session',
         'Check_user_permission',
         'last_active',
     ) as $step) {
         if ($this->error != true) {
             // Once the flag is cleared nothing later can run, so stop here.
             break;
         }
         $this->{$step}();
     }
     // Keep the loop variable out of the scope the controller is included into.
     unset($step);

     if ($this->error == false) {
         if ($this->is_appli == true) {
             echo '<div class="space-16"></div><div class="space-16"></div><div class="alert alert-block alert-danger"><i class="ace-icon fa fa-exclamation-circle red fa-2x icon-animated-vertical"></i> <strong class="red"> STOP: </strong>' . $this->msg_ajax . $this->log . '<br><a href="./" class="btn btn-danger btn-sm"><i class="ace-icon fa fa-reply icon-only"> Accueil</i></a></div>';
             return;
         }
         exit($this->msg_ajax . $this->log);
     }

     // POST flags pick the controller variant: action<file>_c.php, list<file>_c.php
     // or plain <file>_c.php.
     $target = MPATH_MODULES . $this->app_array['rep'] . SLASH . 'controller/'
         . (MReq::tp('act') == 1 ? 'action' : (MReq::tp('lst') == 1 ? 'list' : ''))
         . $this->app_array['file'] . '_c.php';

     if (!file_exists($target)) {
         // NOTE(review): this response includes the server-side controller path.
         exit($this->msg_ajax . '//FILE' . $target);
     }

     define('ACTIV_APP', $this->app_array['dscrip']);
     define('MODUL_APP', $this->app_array['modul']);
     define('APP_TARGET', MPATH_MODULES . $this->app_array['rep'] . SLASH . 'controller/');
     define('APP_ID', $this->app_array['id']);

     //Append tree top menu only for no appli App
     if ($this->is_appli == false && MReq::tp('cor') == 1) {
         // NOTE(review): the app_array values are written into HTML without encoding;
         // presumably they come from the task table - confirm they cannot hold markup.
         $output = implode('', array(
             '<li><i class="ace-icon fa fa-home home-icon"></i><a href="#" left_menu="1" class="tip-right this_url" rel="dbd" title="Tableau de bord">Accueil</a></li>',
             '<li><a href="#" left_menu="1" class="tip-right this_url" rel="' . $this->app_array['app_modul'] . '" title="' . $this->app_array['modul'] . '">' . $this->app_array['modul'] . '</a></li>',
             '<li class="active">' . $this->app_array['dscrip'] . '</li>',
             // Separator between the breadcrumb and the controller output
             '#||#',
         ));
         echo $output;
     }

     require_once $target;
 }
Ejemplo n.º 4
    }
    // A recovery token is accepted only when it is present and exactly 32 bytes long.
    if (!($posted_data['token'] != NULL && strlen($posted_data['token']) == 32)) {
        $empty_list .= "<li>Le token est Invalide</li>";
        $checker = 1;
    }
    $empty_list .= "</ul>";
    // Any failed field check aborts with the collected list; "0#" marks a failure response.
    if ($checker == 1) {
        exit("0#{$empty_list}");
    }
    //End check empty element
    $new_recovery = new Musers($posted_data);
    $new_recovery->token = $posted_data['token'];
    // recovery_pass() returns false on error; the prefix is "1#" on success and "0#"
    // on failure, followed by the model's log text in both cases.
    echo ($new_recovery->recovery_pass() ? "1#" : "0#") . $new_recovery->log;
} else {
    // No usable token in the query string: show the generic recovery error and stop.
    // (presumably MReq::tg() yields "0" for a missing parameter - confirm)
    if (MReq::tg('token') == "0") {
        exit(MInit::msgbox('error_recovery'));
    }
    $token = MReq::tg('token');
    $check_token = new Musers();
    $check_token->token = $token;
    // Refuse to render the reset form for a token the model does not accept.
    if (!$check_token->check_recovery_token()) {
        exit($check_token->log);
    }
    view::load('login', 'recovery');
}
Ejemplo n.º 5
        $output = "<div class=\"alert {$class} \"><button type=\"button\" class=\"close\" data-dismiss=\"alert\"><i class=\"icon-remove\"></i></button><strong><i class=\"icon-remove\"></i>Erreur! </strong>{$message}</div>";
        exit("2# {$output}");
    }
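    // $db is used in the success branch below. The original declared it only inside the
    // failure branch, which leaves it undefined on success if this code runs in a
    // function scope; declaring it up front is harmless at file level.
    global $db;
    //Check user signature
    if (!login_check_user_sign(MReq::tp('user'), MReq::tp('pass'))) {
        $message = "Votre signature n'est pas enregistrée </br> Contactez l'administrateur";
        $class = "alert-error";
        $output = "<div class=\"alert {$class} \"><button type=\"button\" class=\"close\" data-dismiss=\"alert\"><i class=\"icon-remove\"></i></button><strong><i class=\"icon-remove\"></i>Erreur! </strong>{$message}</div>";
        exit("3# {$output}");
    }
    //Password ok and validat login
    // NOTE(review): the distinct codes and messages (3#, 4#) tell a caller which stage of
    // the login failed; a single generic failure response would reveal less.
    if (!login_check_user_pass(MReq::tp('user'), MReq::tp('pass'), MReq::tp('token'))) {
        $message = "Le mot de passe est incorrect </br> Contactez l'administrateur";
        $class = "alert-error";
        $output = "<div class=\"alert {$class} \"><button type=\"button\" class=\"close\" data-dismiss=\"alert\"><i class=\"icon-remove\"></i></button><strong><i class=\"icon-remove\"></i>Erreur! </strong>{$message}</div>";
        exit("4# {$output}");
        //wrong Pass
    } else {
        $user = MReq::tp('user');
        // The login name is request data: quote it with the project's MySQL::SQLValue()
        // helper (it returns the value with its quotes) instead of interpolating it.
        // NOTE(review): confirm the helper escapes backslashes too, or use a prepared
        // statement.
        $username = $db->QuerySingleValue0("SELECT CONCAT(lnom,' ',fnom) FROM users_sys where nom=" . MySQL::SQLValue($user));
        // The display name is stored data that ends up in HTML; encode it first.
        // (assumes the page is served as UTF-8 - confirm)
        $username = htmlspecialchars((string) $username, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $message = "Bienvenue <strong>{$username} </strong></br> Vous serez rédiriger dans qulques instants";
        $class = "alert-success";
        $output = "<div class=\"alert {$class} \"><button type=\"button\" class=\"close\" data-dismiss=\"alert\"><i class=\"icon-remove\"></i></button><strong><i class=\"icon-remove\"></i> OK ! </strong><br>{$message}</div>";
        exit("5# {$output}");
        //All is ok
    }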
} else {
    //exit(MReq::tp('check').MReq::tp('user').MReq::tp('pass'));
    view::load('login', 'login');
}
Ejemplo n.º 6
<?php

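// Replace the rule set of one user: clear the existing rules, then insert one rule per
// posted action id. Without a verified form post the rules view is rendered instead.
// NOTE(review): `userid` comes from the request, so whoever reaches this controller
// chooses whose rules are rewritten; this relies on the caller's permission check.
if (MInit::form_verif(false)) {
    $add_rule = new Musers();
    $add_rule->last_id = MReq::tp('userid');
    //Clear all rule for this user
    $add_rule->clear_user_rules();
    // `action_id` is expected to be a list. Anything else is treated as "no rules"
    // rather than being passed to count() and indexed.
    $action_ids = MReq::tp('action_id');
    if (!is_array($action_ids)) {
        $action_ids = array();
    }
    // Iterate the values directly so a list with gaps in its keys is still handled.
    foreach ($action_ids as $the_i) {
        $posted_data = array('action_id' => $the_i, 'app_name' => MReq::tp('app_name' . $the_i), 'app_id' => MReq::tp('app_id' . $the_i), 'type' => MReq::tp('type' . $the_i), 'userid' => MReq::tp('userid'));
        $add_rule->app_action = $posted_data;
        $add_rule->add_user_rules();
    }
    //execute Insert returne false if error
    // The original used `=` here, which overwrote the flag with true and reported
    // success even when an insert had failed. Compare instead of assigning.
    if ($add_rule->error == true) {
        echo "1#Enregistrement réussie";
        //if we leave Muser->log show line for each rule
    } else {
        echo "0#" . $add_rule->log;
    }
} else {
    view::load('users', 'rules');
}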
Ejemplo n.º 7
<?php

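// Build the breadcrumb for the posted `app` key: the home link, then the module and
// description of the matching task row when one exists.
global $db;
//Home Link
$output = '<li><i class="ace-icon fa fa-home home-icon"></i><a href="./">Accueil</a></li>';
//get info from task table
// `app` is request data: quote it with the project's MySQL::SQLValue() helper (it returns
// the value with its quotes) instead of concatenating it raw.
// NOTE(review): confirm the helper escapes backslashes too, or use a prepared statement.
if (!$db->Query("SELECT modul,dscrip FROM task\n                 where  app=" . MySQL::SQLValue(MReq::tp('app')) . " ")) {
    $db->Kill($db->Error());
}
if ($db->RowCount() > 0) {
    $array = $db->RowArray();
    // NOTE(review): both columns are written into HTML without encoding; confirm the
    // task table cannot hold markup, or encode them with htmlspecialchars().
    $output .= '<li class="active">' . $array['modul'] . '</li>';
    $output .= '<li class="active">' . $array['dscrip'] . '</li>';
}
//Print Tree Application
echo $output;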
Ejemplo n.º 8
    <div id="login-box" class="login-box visible widget-box no-border">
      <div class="widget-body">
        <div class="widget-main">
          <h4 class="header blue lighter bigger">
            <i class="fa fa-lock green"></i>
            Réinitialisation du Mot de Passe


          </h4>

          <div class="space-6"></div>
          <form novalidate="novalidate" id="recovery" action="#" method="post" />
          <fieldset>
            <input name="verif" type="hidden" value="1" />
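            <input name="token" type="hidden" value="<?php
// The token is taken from the query string and written into an attribute value, so it
// must be encoded for that context before it is echoed.
echo htmlspecialchars((string) MReq::tg('token'), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
?>
" />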
            
            <div class="form-group">
              <label class="block clearfix">
                <span class="block input-icon input-icon-right">
                  <input type="password" id="pass" name="pass" class="form-control" placeholder="Mot de passe" />
                  <i class="ace-icon fa fa-lock"></i>
                </span>
              </label>
            </div>
            <div class="form-group">

              <label class="block clearfix ">
                <span class="block input-icon input-icon-right">
Ejemplo n.º 9
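    // Password-recovery request: verify that the address is known, verify the captcha,
    // then send the recovery mail. Each outcome exits with its own "<code># <message>".
    $class = "";
    $output = "";
    global $db;
    model::load('login', 'login');
    //check user exist
    // NOTE(review): this check runs before the captcha and answers differently for
    // unknown addresses, so it shows which e-mail addresses are registered without a
    // solved captcha. Consider checking the captcha first and using one neutral reply.
    if (!check_email(MReq::tp('email'))) {
        // The submitted address is echoed back in the response; encode it so it cannot
        // carry markup into the page that displays the message.
        $message = "Cette Adresse (" . htmlspecialchars((string) MReq::tp('email'), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . ") E-mail n'exist pas";
        $class = "alert-error";
        $output = $message;
        exit("3# {$output}");
    }
    // Check Captcha Code
    if (!check_captcha(MReq::tp('captcha'))) {
        $message = "Le code anti-robots est incorrect";
        $class = "alert-error";
        $output = $message;
        exit("2# {$output}");
    }
    //All is OK send email
    if (!forgot(MReq::tp('email'), MReq::tp('captcha'))) {
        $message = "Erreur Système";
        $class = "alert-error";
        $output = $message;
        exit("4# {$output}");
    } else {
        $message = "Un message de récupération est envoyé dans votre boite";
        $class = "alert-success";
        $output = "<div class=\"alert {$class} \"><button type=\"button\" class=\"close\" data-dismiss=\"alert\"><i class=\"icon-remove\"></i></button><strong><i class=\"icon-remove\"></i> OK ! </strong><br>{$message}</div>";
        exit("5# {$output}");
    }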
}
Ejemplo n.º 10
    }
} else {
    exit(MInit::msgbox('error_recovery'));
}
//End Check Valid link
//Reset Password
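// Password reset: on a posted form (`check` == 1) validate the token and the two password
// fields, then store the new password; otherwise render the recovery form.
if (MReq::tp('check') == 1) {
    //check token in post
    // NOTE(review): the token validated here is $token (set earlier in this file), while
    // the reset below uses the posted `token` field. Confirm both are the same value;
    // otherwise one token is checked and a different one is used.
    if (!Mpswrecovery::check_token($token)) {
        $message = "Vous avez tentez de changer le mot de passe utilison un token non valide !";
        $class = "alert-error";
        $output = "{$message}";
        exit("1# {$output}");
    }
    //check passwords confirmed
    // Strict comparison: with `!=` PHP compares numeric-looking strings as numbers, so two
    // different entries such as "1e3" and "1000" were accepted as matching.
    if (MReq::tp('psw1') !== MReq::tp('psw2')) {
        $message = "Les mots de passe ne sont pas compatible !";
        $class = "alert-error";
        $output = "{$message}";
        exit("1# {$output}");
    }
    $posted_data = array('token' => MReq::tp('token'), 'pass' => MReq::tp('psw1'));
    $new_pass = new Mpswrecovery($posted_data);
    if ($new_pass->reset_passwors()) {
        exit('5#Votre mot de passe est bien changé redirection vers page de connexion.');
    } else {
        // The original left this branch empty, so a failed reset returned an empty
        // response. Report it with the same "1#" failure prefix used above.
        exit('1# Erreur Système');
    }
} else {
    view::load('login', 'recovery');
}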
//End Reset Password
Ejemplo n.º 11
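    // Installer step: store the posted database settings in the configuration, connect
    // with them, and create the first users_sys account.
    // NOTE(review): this accepts database host and credentials from the request and
    // creates an account, so it must not stay reachable once installation is finished.
    $array = array('host' => MReq::tp('host'), 'pass' => MReq::tp('passwords'), 'database' => MReq::tp('db'), 'user' => MReq::tp('compte'));
    $test = MCfg::setarray($array);
    // Connection settings, taken from the array built above
    $db_host = $array['host'];
    // server name
    $db_user = $array['user'];
    // user name
    $db_pass = $array['pass'];
    // password
    $db_dbname = $array['database'];
    $db = new MySQL(true, $db_dbname, $db_host, $db_user, $db_pass);
    $values["nom"] = MySQL::SQLValue(MReq::tp('username'));
    $values["mail"] = MySQL::SQLValue(MReq::tp('email'));
    // NOTE(review): unsalted MD5 is not a password hash. Moving to password_hash() and
    // password_verify() needs the login check changed in the same step, so the stored
    // format is left as it is here.
    $values["pass"] = MySQL::SQLValue(md5(MReq::tp('password')));
    $values["servic"] = MySQL::SQLValue('1');
    $values["fnom"] = MySQL::SQLValue(MReq::tp('firstname'));
    $values["lnom"] = MySQL::SQLValue(MReq::tp('lastname'));
    // Quoted on purpose: a bare 012222222 is an octal literal in PHP and stored a
    // different number instead of the placeholder phone number.
    $values["tel"] = MySQL::SQLValue('012222222');
    $values["active"] = MySQL::SQLValue(1);
    $values["defapp"] = MySQL::SQLValue(3);
    $values["agence"] = MySQL::SQLValue(2);
    $values["signature"] = MySQL::SQLValue("");
    // Execute the insert
    $result = $db->InsertRow("users_sys", $values);
    if (!$result) {
        // NOTE(review): Kill() is handed the raw database error; check that it is logged
        // rather than returned to the client.
        $db->Kill($db->Error());
    }
    exit('5# dakchi daz mziane');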
    //model::load('user','user');
    //adduser(MReq::tp('username'),MReq::tp('firstname'),MReq::tp('lastname'),MReq::tp('password'),MReq::tp('email'),' ',' ',' ',' ',' ');
    //
} else {