Ejemplo n.º 1
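 /**
  * Handle a submitted login form.
  *
  * Authenticates the posted credentials, then checks the company flag and
  * the user's level before opening the session. Every path ends with a
  * redirect to the default controller; failures set an 'erro' message first.
  *
  * @return void
  */
 public function access()
 {
     // Built up front: the original created it only inside the POST branch,
     // so the non-POST branch called a method on an undefined variable.
     $redirector = new RedirectorHelper();
     if (!$_POST) {
         $redirector->goToController("");
         return;
     }
     // Missing fields count as empty credentials instead of raising
     // undefined-index notices.
     $user = isset($_POST['user']) ? $_POST['user'] : '';
     $pass = isset($_POST['pass']) ? $_POST['pass'] : '';
     $login = new Login_Model();
     $data_user = $login->systemLogin($user, $pass);
     if (!$data_user) {
         // One message for unknown user and wrong password alike, so the
         // response does not reveal which of the two failed.
         $this->setMsg('erro', 'Usuário ou Senha errados!');
         $redirector->goToController("");
         return;
     }
     // Look the company up only after authentication succeeded; the original
     // indexed $data_user[0] before checking that a user was returned.
     $data_company = $login->dataCompany($data_user[0]['id_usuario']);
     // presumably column 2 is the company's "active" flag; verify against dataCompany()
     if ($data_company[0][2] != 1) {
         $this->setMsg('erro', 'Acesso negado. Entre em contato com o suporte para maiores informações!');
         $redirector->goToController("");
         return;
     }
     if ($data_user[0]['nivel'] == 0) {
         $this->setMsg('erro', 'Usuário sem acesso.<br /> Entre em contato com o suporte para maiores informações!');
         $redirector->goToController("");
         return;
     }
     // NOTE(review): SessionHelper::createSession() is not visible here; confirm
     // it issues a fresh session ID on login so a pre-login ID cannot be reused.
     $session = new SessionHelper();
     $session->createSession("userData", $data_user[0]);
     $session->setDataCompany($data_company);
     $redirector->goToController("");
 }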
Ejemplo n.º 2
 /**
  * Gate for pages that need a signed-in user.
  *
  * When SessionHelper::checkSession('userData') reports a falsy result, the
  * login view is rendered and the request stops.
  *
  * @return void
  */
 public function init()
 {
     $sessionHelper = new SessionHelper();
     $hasUserData = $sessionHelper->checkSession('userData');
     if (!$hasUserData) {
         $this->view('login');
         // Stop here so nothing after init() runs for a visitor without a session.
         exit;
     }
 }
Ejemplo n.º 3
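 /**
  * Render a link only when the current user passes the ACL check for its URL.
  *
  * The check decides what is displayed and nothing more: the target action
  * still has to enforce the same ACL rule on the server, because a hidden
  * link can always be requested directly.
  *
  * @param string            $title          Link text, passed to link().
  * @param array|string|null $url            Link target; array parts are joined with '/' for the ACL lookup.
  * @param array             $htmlAttributes Passed to link().
  * @param string|bool       $confirmMessage Passed to link().
  * @param bool              $escapeTitle    Passed to link().
  * @return string|null The rendered link, or null when access is denied.
  */
 function aclLink($title, $url = null, $htmlAttributes = array(), $confirmMessage = false, $escapeTitle = true)
 {
     App::import('Helper', 'Session');
     $session = new SessionHelper();
     App::import('Component', 'Myacl');
     $this->MyAcl = new MyAclComponent();
     // $url defaults to null and may be a plain string; implode() only accepts
     // an array, so anything else is used as the ACL path as-is.
     $AclUrl = is_array($url) ? implode('/', $url) : (string) $url;
     if ($this->MyAcl->hasAccess($session->read('Auth.User.id'), $AclUrl)) {
         return $this->link($title, $url, $htmlAttributes, $confirmMessage, $escapeTitle);
     }
     return null;
 }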
Ejemplo n.º 4
 /**
  * Fill the shared page template: title, optional body and extra script
  * block, the login/logout area, and the menu highlight for the current page.
  *
  * @param Template    $t           Template to fill.
  * @param string      $title       Value for the TITLE slot.
  * @param string|null $bodyContent Value for BODY_CONTENT; skipped when null.
  * @param string|null $jsExtra     Value for the JS_EXTRA block; skipped when null.
  * @return void
  */
 public static function configurePage(Template $t, $title, $bodyContent = null, $jsExtra = null)
 {
     $t->insertSlot("TITLE", $title);
     $activePage = DocumentHelper::getCurrentPageName();
     if ($bodyContent !== null) {
         $t->insertSlot("BODY_CONTENT", $bodyContent);
     }
     if ($jsExtra !== null) {
         $t->insertBlock("JS_EXTRA", $jsExtra);
     }
     if (!SessionHelper::isAdmin()) {
         $t->insertBlock("LOGIN", "");
     } else {
         // NOTE(review): the stored name goes into the page as-is; confirm that
         // Template::insertSlot() HTML-escapes slot values.
         $t->insertSlot("LOGIN_TEXT", "LOG OUT " . SessionHelper::getName());
         $t->insertSlot("LOGIN_LINK", "logout.php");
     }
     // Menu: the slot of the page being shown gets "current", all others stay empty.
     $menuSlots = array(
         "CLASS_ABOUT" => "about.php",
         "CLASS_BOOKINGS" => "bookings.php",
         "CLASS_VALET_PARKING" => "valet_parking.php",
         "CLASS_VEHICLE_STORAGE" => "vehicle_storage.php",
         "CLASS_POOL_CAR" => "pool_car.php",
         "CLASS_RATES" => "rates.php",
         "CLASS_VIDEO" => "video.php",
     );
     foreach ($menuSlots as $slotName => $pageFile) {
         $t->insertSlot($slotName, $activePage == $pageFile ? "current" : "");
     }
 }
Ejemplo n.º 5
 /**
  * Render a flash message through the parent helper, with 'alert' as the
  * CSS class when the caller supplied none.
  *
  * @param string $key   Flash key handed on to the parent helper.
  * @param array  $attrs Attributes handed on to the parent helper; only
  *                      $attrs['params']['class'] is touched here.
  * @return string
  */
 public function flash($key = 'flash', $attrs = array())
 {
     $classGiven = !empty($attrs['params']['class']);
     if (!$classGiven) {
         $attrs['params']['class'] = 'alert';
     }
     return parent::flash($key, $attrs);
 }
Ejemplo n.º 6
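 /**
  * Render and consume the flash message stored under 'Message.<key>'.
  *
  * For the 'default' element and for named elements the message is emitted
  * as a script that calls notify(); an empty element returns the message
  * text itself. The session entry is deleted after it has been read.
  *
  * Values placed inside the generated script are written with json_encode()
  * and the JSON_HEX_* flags, so quotes, '<', '>' and '&' in a message can
  * neither end the JavaScript string nor close the script element. The
  * original concatenated the raw message between single quotes, which broke
  * on any apostrophe and let message content run as script.
  *
  * @param string $key Flash key below 'Message.'.
  * @return string|false Markup or text to output, or false when nothing is stored.
  */
 function flash($key = 'flash')
 {
     $out = false;
     if ($this->__active === true && $this->__start()) {
         if (parent::check('Message.' . $key)) {
             $flash = parent::read('Message.' . $key);
             $jsFlags = JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP;
             // NOTE(review): notify() is not visible here; if it inserts the text as
             // HTML, the message still has to be escaped for that context.
             $messageJs = json_encode((string) $flash['message'], $jsFlags);
             if ($flash['element'] == 'default') {
                 // The unused $class lookup from the original is dropped: its
                 // value never reached the output.
                 $out = '<script type="text/javascript">$(function(){notify(\'noTitle\', { text:' . $messageJs . '});});</script>';
             } elseif ($flash['element'] == '' || $flash['element'] == null) {
                 // NOTE(review): returned unescaped; confirm every caller
                 // HTML-escapes it or that messages never carry user input.
                 $out = $flash['message'];
             } else {
                 // Use the part after the first underscore as the notification
                 // type; a name with no underscore (or one at position 0) is
                 // used whole.
                 $underscore = strpos($flash['element'], '_');
                 if ($underscore) {
                     $element = substr($flash['element'], ++$underscore);
                 } else {
                     $element = $flash['element'];
                 }
                 $out = '<script type="text/javascript">$(function(){notify(' . json_encode((string) $element, $jsFlags) . ', { title:' . json_encode(ucfirst($element), $jsFlags) . ', text:' . $messageJs . '});});</script>';
             }
             parent::delete('Message.' . $key);
         }
     }
     return $out;
 }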
Ejemplo n.º 7
 /**
  * Return the stored flash message wrapped in a div whose class reflects the
  * message type, and remove it from the session.
  *
  * The session entry is a pair such as array('flash message', 'success').
  *
  * @return string The markup, or an empty string when no message is stored.
  */
 function flash()
 {
     // Read the pair, then clear it so the message is shown only once.
     $data = parent::read('flash');
     parent::del('flash');
     if (empty($data[0])) {
         return '';
     }
     // Pick the opening tag from the message type; unknown types get the plain class.
     $type = $data[1];
     if ($type == 'success') {
         $opening = '<div class="flash_success">';
     } elseif ($type == 'failure') {
         $opening = '<div class="flash_failure">';
     } else {
         $opening = '<div class="flash">';
     }
     // NOTE(review): the message is inserted without HTML escaping; confirm
     // callers never store user-supplied text in it, or escape it on the way in.
     return $opening . $data[0] . '</div>';
 }
Ejemplo n.º 8
 /**
  * Report whether the session marks the visitor as logged in.
  *
  * @return bool True only when the "valid" session entry exists and holds a truthy value.
  */
 public static function checkLogin()
 {
     // Both conditions must hold; the second call is skipped when the first fails.
     return SessionHelper::checkSession("valid") && SessionHelper::selectSession('valid');
 }
Ejemplo n.º 9
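 /**
  * Decide whether the current visitor may act on a piece of content.
  *
  * A logged-in user must own the content; an anonymous visitor must hold the
  * matching "AnonAuth.<model>.<id>" session entry.
  *
  * Ownership is compared strictly. The original used ==, under which a
  * missing owner and a missing session id compare equal (null == null), and
  * under which PHP's loose string/number rules apply.
  *
  * @param array  $content   Content record; reads 'user_id' and 'id'.
  * @param string $modelName Model name used in the anonymous session key.
  * @param object $session   Session object exposing check().
  * @return bool
  */
 public function checkAnonAuth(array $content, $modelName, $session)
 {
     if ($session->check('Auth.User')) {
         $ownerId = isset($content['user_id']) ? $content['user_id'] : null;
         // NOTE(review): read() is called statically while check() goes through
         // $session; confirm SessionHelper::read is declared static.
         $currentId = SessionHelper::read('Auth.User.id');
         // No owner or no session id means no match, never an accidental one.
         if (!is_scalar($ownerId) || !is_scalar($currentId) || $ownerId === '' || $currentId === '') {
             return false;
         }
         // Compare as strings so "5" from a form or database still equals 5.
         return (string) $ownerId === (string) $currentId;
     }
     // Without a content id the session key would end in a bare dot.
     if (!isset($content['id'])) {
         return false;
     }
     return (bool) $session->check("AnonAuth.{$modelName}.{$content['id']}");
 }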
Ejemplo n.º 10
    // disposition / encoding on response body
    header("Content-Disposition: attachment;filename={$filename}");
    header("Content-Transfer-Encoding: binary");
}
// ****************************************************************
// Access check: the include below runs before anything else in this script.
// presumably it redirects visitors who are not logged-in admins; verify in the include
include "includes/startloggedinadmin.inc.php";
require_once "classes/constants.class.php";
//require_once "classes/template.class.php";
//require_once "classes/templatehelper.class.php";
require_once "classes/db.class.php";
require_once "classes/sessionhelper.class.php";
//require_once "classes/jswriter.class.php";
//require_once "classes/validationhelper.class.php";
require_once "classes/bookingshelper.class.php";
// Second gate: the export holds customer names and e-mail addresses, so it
// is refused unless SessionHelper::isMaster() is true.
if (!SessionHelper::isMaster()) {
    die("You don't belong here!");
}
$db = new Db();
// Fixed query with no request data in it: one row per distinct e-mail in bookings.
$q = "\nSELECT \n\tb.first_name AS first_name,\n\tb.last_name AS last_name,\n\tb.email AS email\nFROM\n\tbookings b\nGROUP BY \n\temail\nORDER BY \n\temail\n";
//pr($q); // exit();
$rows = $db->getRowsByQuery($q);
// Re-key each row to the column names used in the CSV.
$rows2 = array();
foreach ($rows as $row) {
    $rows2[] = array("name" => $row["first_name"], "surname" => $row["last_name"], "email" => $row["email"]);
}
unset($rows);
//pr($rows2); exit;
// Send the download headers, then the CSV body.
// NOTE(review): array2csv() is not visible here; the names were typed by
// customers, so confirm it neutralises cells starting with =, +, - or @
// before the file is opened in a spreadsheet.
download_send_headers("aps_emails_export_" . date("Y-m-d") . ".csv");
echo array2csv($rows2);
Ejemplo n.º 11
 /**
  * Check the posted CAPTCHA code and then the posted credentials.
  *
  * A failure at either step stores a message through SessionHelper and
  * returns false.
  *
  * @return bool True when the CAPTCHA matched and UserModel accepted the credentials.
  */
 private function _authenticate()
 {
     $session = new SessionHelper();
     $formval = new FormHelper();
     // The CAPTCHA is verified before the credentials are looked at.
     include_once BASE_URI . 'app/vendor/securimage/securimage.php';
     $captcha = new Securimage();
     $captchaCode = $formval->testInput($_POST['captcha_code']);
     if (!$captcha->check($captchaCode)) {
         $session->setMessage('Verification code was incorrect, please try again', 3);
         return false;
     }
     $username = $formval->testInput($_POST['username']);
     // NOTE(review): testInput() is not visible here; if it trims or encodes
     // its input, the password checked differs from the one typed. Confirm
     // registration applies the same transformation.
     $password = $formval->testInput($_POST['password']);
     $usermodel = new UserModel();
     $accepted = $usermodel->authenticateUser($username, $password);
     if (!$accepted) {
         // One message for every failure cause, so the response does not
         // reveal whether the username exists.
         $session->setMessage('Username / password incorrect or acount inactive', 3);
         return false;
     }
     return true;
 }
Ejemplo n.º 12
            session_destroy();
            session_start();
            //			$sessionid = session_id();
            SessionHelper::setSession($row);
            CookieHelper::setLoginUser($_POST["email"]);
            CookieHelper::setLoginPass(md5($_POST["password"]));
        }
    }
    //
    if ($success) {
        // they logged in using the form, send redirect headers
        //		echo "SUCCESS " . print_r($_POST); exit;
        if ($from) {
            header("Location: " . $from);
        } else {
            if (SessionHelper::isAdmin()) {
                header("Location: report_time.php");
            } else {
                header("Location: .");
            }
        }
        exit;
    }
}
// HTTP/1.1: ask browsers and proxies to revalidate instead of reusing a cached copy.
header("Cache-Control: no-cache, must-revalidate");
// A date in the past marks the response as already expired.
header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
require_once "classes/template.class.php";
require_once "classes/templatehelper.class.php";
require_once "classes/formwriter.class.php";
Ejemplo n.º 13
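<?php

// Login gate: any page other than login.php is redirected to the login form
// when no user is logged in.
session_start();
// SCRIPT_FILENAME names the file the server actually executed. PHP_SELF, used
// originally, also carries extra path text the client appends after the
// script name, so the name derived from it could come out as "login.php" on
// another page and skip the check below.
$pageName = basename($_SERVER["SCRIPT_FILENAME"]);
require_once "classes/sessionhelper.class.php";
if (!SessionHelper::isLoggedIn() && $pageName != "login.php") {
    require_once "classes/documenthelper.class.php";
    // NOTE(review): the login page receives "from" and is expected to send the
    // user back there; confirm it only accepts local page names.
    header("Location: login.php?from=" . rawurlencode($pageName) . DocumentHelper::getQueryString(true, true));
    exit;
}
// HTTP/1.1: ask browsers and proxies to revalidate instead of reusing a cached copy.
header("Cache-Control: no-cache, must-revalidate");
// A date in the past marks the response as already expired.
header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");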
Ejemplo n.º 14
<?php

namespace Home;

// NOTE(review): __DIR__ has no trailing slash and the suffix has no leading
// one, so the path starts with "<dirname>../"; confirm it resolves to the
// intended file on the deployment platform.
require __DIR__ . '../../../../core/initialize.php';
// Read the "estAdmin" session value before the session is destroyed; the
// script below picks its branch from it.
$session = \SessionHelper::getSession();
$etaitAdmin = $session->get("estAdmin");
\SessionHelper::destroySession();
?>

<script type="text/javascript">

<?php 
if ($etaitAdmin !== null) {
    ?>
        $("#overlayMt2").html('<div style="position: relative;top: 45%;width: 431px; margin: 0 auto 0 auto;"><h2>Sortie de l\'administration...</h2></div>');
        $("#overlayMt2").css('display', "inline");
        location.reload(false);
<?php 
} else {
    ?>
        Ajax('pages/_LegacyPages/News.php');

        $("#Menu_Inscription_MonCompte").css("display", "none");
        $("#Menu_Inscription_MonCompte2").css("display", "inline");

        $("#Menu_Telechargement_ItemShop").css("display", "none");
        $("#Menu_Telechargement_ItemShop2").css("display", "inline");

        $("#Menu_Support").css("display", "none");
        $("#Menu_Support2").css("display", "inline");
Ejemplo n.º 15
 /**
  * Get the token stored in the session for a data alias.
  *
  * @param SessionHelper $session   Session to read from.
  * @param string        $dataAlias Alias appended to SESSION_KEY_BASE to form the session key.
  * @return string
  */
 public static function getToken(SessionHelper $session, $dataAlias = self::DEFAULT_KEY)
 {
     return $session->read(self::SESSION_KEY_BASE . $dataAlias);
 }
Ejemplo n.º 16
 /**
  * Delete the category named by the "id" query parameter, then return to the
  * category overview with a status message.
  *
  * Allowed for users with role 1 and for the category's moderator.
  *
  * @return void
  */
 public function deleteCategory()
 {
     $session = new SessionHelper();
     // NOTE(review): htmlspecialchars() is output encoding, not validation of
     // an identifier; confirm Category and CategoryModel bind this value as a
     // query parameter.
     $categoryid = htmlspecialchars($_GET['id']);
     $user = new User();
     $category = new Category($categoryid);
     $categorymodel = new CategoryModel();
     // NOTE(review): a destructive action triggered by GET, with no anti-CSRF
     // token checked in this method; confirm one is verified elsewhere.
     $mayDelete = $user->role == 1 || $user->id == $category->moderator_id;
     if (!$mayDelete) {
         $session->setMessage('You are not an admin or the moderator of this category.', 3);
     } elseif ($categorymodel->deleteCategory($categoryid)) {
         $session->setMessage('Category (and all posts) removed', 4);
     } else {
         $session->setMessage('Category not removed', 3);
     }
     // Every outcome returns to the same overview page.
     redirectTo('index.php?c=user&a=viewallcategories');
 }
Ejemplo n.º 17
 /**
  * Build the hidden form input that submits the session token.
  *
  * @param FormHelper    $form       Form helper used to render the input.
  * @param SessionHelper $session    Session the token is read from.
  * @param string        $dataAlias  Alias appended to SESSION_KEY_BASE; also the prefix of the field name.
  * @param string        $tokenField Field name appended after the alias.
  * @return string
  */
 public static function getTokenInput(FormHelper $form, SessionHelper $session, $dataAlias, $tokenField = self::TOKEN_FIELD)
 {
     $tokenValue = $session->read(self::SESSION_KEY_BASE . $dataAlias);
     $fieldName = $dataAlias . '.' . $tokenField;
     return $form->input($fieldName, array(
         'type' => 'hidden',
         'value' => $tokenValue,
         'refer' => false,
     ));
 }
Ejemplo n.º 18
 /**
  * Disable a user account and mark it inactive, inside one transaction.
  *
  * Both updates must change a row; otherwise the transaction is cancelled, a
  * message is stored and false is returned.
  *
  * @param mixed $userid Id of the user; bound as a query parameter.
  * @return bool True when both updates changed a row and the transaction was ended.
  */
 public function disableUser($userid)
 {
     $session = new SessionHelper();
     $db = DbModel::getInstance();
     $db->beginTransaction();

     // Step 1: set the disabled flag.
     $db->query('UPDATE users SET disabled = :disable WHERE id = :id');
     $db->bind(':disable', 1);
     $db->bind(':id', $userid);
     $db->execute();
     if (!$db->rowCount()) {
         $db->cancelTransaction();
         $session->setMessage("Can't disable user", 3);
         return false;
     }

     // Step 2: clear the active flag; no changed row cancels step 1 as well.
     $db->query('UPDATE users SET is_active = :is_active WHERE id = :id');
     $db->bind(':is_active', 0);
     $db->bind(':id', $userid);
     $db->execute();
     if (!$db->rowCount()) {
         $db->cancelTransaction();
         $session->setMessage('User is inactive, please set active first.', 2);
         return false;
     }

     $db->endTransaction();
     $session->setMessage("User is disabled and can't login anymore.", 4);
     return true;
 }
Ejemplo n.º 19
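 /**
  * Loads the requested URL
  *
  * Loads the controller file and class for the requested controller, applies
  * the doc-comment driven authentication rules when AUTHENABLE is set, then
  * calls the requested action.
  *
  * Authentication rules, read from doc comments by regular expression:
  *  - "@OdinAuth " on the action or on the controller class: a visitor who is
  *    not logged in is redirected, and the request stops there.
  *  - "@OdinAuthLogin " on the action: a visitor who is already logged in is
  *    sent to the configured home instead of the login action.
  *
  * @access public
  * @author Renie Siqueira da Silva
  * @since 1.0
  * @return void
  */
 public function run()
 {
     // NOTE(review): the controller name becomes part of a file path and of a
     // class name. Where it is validated is not visible here; confirm it is
     // limited to identifier characters before it reaches this method.
     $controller_path = CONTROLLERS . $this->_controller . "Controller.php";
     if (!file_exists($controller_path)) {
         $this->dispatch404();
         // Nothing to load: stop instead of failing on the require below.
         return;
     }
     require_once $controller_path;
     $controller = $this->_controller . "Controller";
     $app = new $controller();
     if (!method_exists($app, $this->_action)) {
         $this->dispatch404();
         // No such action: stop instead of reflecting on or calling it.
         return;
     }
     $action = $this->_action;
     if (defined('AUTHENABLE') && AUTHENABLE) {
         $refM = new ReflectionMethod($controller, $action);
         $refC = new ReflectionClass($controller);
         $authMNeeded = array();
         preg_match("/@OdinAuth /", $refM->getDocComment(), $authMNeeded);
         $authCNeeded = array();
         preg_match("/@OdinAuth /", $refC->getDocComment(), $authCNeeded);
         $authLogin = array();
         preg_match("/@OdinAuthLogin /", $refM->getDocComment(), $authLogin);
         if (isset($authMNeeded[0]) || isset($authCNeeded[0])) {
             if (!AuthHelper::checkLogin()) {
                 if (defined('AUTHCONTROLLERERROR') && AUTHCONTROLLERERROR != "") {
                     // Remember what was asked for, so it can be resumed after login.
                     SessionHelper::setSystemSession('requiredController', $this->_controller);
                     SessionHelper::setSystemSession('requiredAction', $this->_action);
                     SessionHelper::setSystemSession('requiredURL', true);
                     // NOTE(review): tests AUTHCONTROLLERACTION but passes
                     // AUTHACTIONERROR; confirm which constant is intended.
                     if (defined('AUTHCONTROLLERACTION') && AUTHCONTROLLERACTION != "") {
                         RedirectHelper::goToControllerAction(AUTHCONTROLLERERROR, AUTHACTIONERROR);
                     } else {
                         RedirectHelper::goToController(AUTHCONTROLLERERROR);
                     }
                 } else {
                     RedirectHelper::goToIndex();
                 }
                 // Stop after the redirect. Without this the protected action
                 // below was still called for a visitor who is not logged in;
                 // the login branch already exits after its redirects.
                 exit;
             }
         } elseif (isset($authLogin[0])) {
             if (AuthHelper::checkLogin()) {
                 if (defined('AUTHCONTROLLERHOME') && AUTHCONTROLLERHOME != "") {
                     if (defined('AUTHACTIONHOME') && AUTHACTIONHOME != "" && (AUTHCONTROLLERHOME != AUTHCONTROLLERERROR && AUTHACTIONHOME != AUTHACTIONERROR || AUTHACTIONHOME != AUTHACTIONERROR || AUTHCONTROLLERHOME != AUTHCONTROLLERERROR)) {
                         RedirectHelper::goToControllerAction(AUTHCONTROLLERHOME, AUTHACTIONHOME);
                         exit;
                     } else {
                         RedirectHelper::goToUrl("odinphp.com/Fury");
                         exit;
                     }
                 } else {
                     RedirectHelper::goToUrl("odinphp.com/Fury");
                     exit;
                 }
             }
         }
     }
     try {
         $app->{$action}();
     } catch (Exception $e) {
         // NOTE(review): echoing the exception sends its message and stack trace
         // to the client; confirm this is limited to development.
         echo $e;
     }
 }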
 /**
  *@OdinAuth 
  */
 public function gtfo()
 {
     // Log the user out, store a notice under 'msg', then redirect to the
     // TestAuthentication controller. The order matters: the notice is stored
     // after logout().
     // The doc comment above this method holds only an annotation tag and is
     // left as it stands, so notes go here rather than in that doc comment.
     AuthHelper::logout();
     SessionHelper::setSystemSession('msg', 'You are not logged anymore.');
     RedirectHelper::goToController("TestAuthentication");
 }
Ejemplo n.º 21
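 /**
  * Loads the requested URL
  *
  * Loads the controller, resolves the action (by "@REQUEST_METHOD " doc
  * comment tag when RESTFULENABLE is set), applies the doc-comment driven
  * authentication rules when AUTHENABLE is set, then calls the action.
  *
  * Authentication rules, read from doc comments by regular expression:
  *  - "@OdinAuth " on the action or on the controller class: a visitor who is
  *    not logged in is redirected, and the request stops there.
  *  - "@OdinAuthLogin " on the action: a visitor who is already logged in is
  *    not shown the login action again.
  *
  * @access public
  * @author Renie Siqueira da Silva
  * @since 1.0
  * @return void
  */
 public function run()
 {
     // NOTE(review): the controller name becomes part of a file path and of a
     // class name. Where it is validated is not visible here; confirm it is
     // limited to identifier characters before it reaches this method.
     $controller_path = CONTROLLERS . $this->_controller . CONTROLLERSUFIX . ".php";
     if (!file_exists($controller_path)) {
         $this->dispatch404();
         // Stop as the later 404 paths do, instead of failing on the require below.
         die;
     }
     require_once $controller_path;
     $controller = $this->_controller . CONTROLLERSUFIX;
     $app = new $controller();
     $action = $this->_action;
     if (defined('RESTFULENABLE') && RESTFULENABLE) {
         if ($action == DEFAULTACTION || $action == null) {
             // No explicit action: pick the method whose @REQUEST_METHOD tag
             // matches the HTTP verb. There is no break, so the last match wins.
             $controllerMethods = get_class_methods($controller);
             foreach ($controllerMethods as $methodName) {
                 $candidate = new ReflectionMethod($controller, $methodName);
                 $methodArr = array();
                 preg_match("/(@REQUEST_METHOD )(.*)/", $candidate->getDocComment(), $methodArr);
                 if (isset($methodArr[0])) {
                     if (trim(strtolower($methodArr[2])) == trim(strtolower(SYSTEM::$SERVER['REQUEST_METHOD']))) {
                         $action = $methodName;
                     }
                 }
             }
         } else {
             if (!method_exists($app, $action)) {
                 $this->dispatch404(true);
                 die;
             }
             // Explicit action: reject it when its tag names a different verb.
             $tagged = new ReflectionMethod($controller, $action);
             $methodArr = array();
             preg_match("/(@REQUEST_METHOD )(.*)/", $tagged->getDocComment(), $methodArr);
             if (isset($methodArr[0])) {
                 if (trim(strtolower($methodArr[2])) != trim(strtolower(SYSTEM::$SERVER['REQUEST_METHOD']))) {
                     $action = null;
                 }
             }
         }
         if ($action == null) {
             header(':', true, 405);
             die;
         }
     }
     $this->_action = $action;
     if (!method_exists($app, $this->_action)) {
         $this->dispatch404();
         die;
     }
     if (defined('AUTHENABLE') && AUTHENABLE) {
         // Reflect on the action that will actually run. The original reused
         // $refM from the REST block: undefined when RESTFULENABLE is off, and
         // after the verb lookup it pointed at the last method iterated rather
         // than the chosen one, so the auth tags of the wrong method were read.
         $refM = new ReflectionMethod($controller, $this->_action);
         $refC = new ReflectionClass($controller);
         $authMNeeded = array();
         preg_match("/@OdinAuth /", $refM->getDocComment(), $authMNeeded);
         $authCNeeded = array();
         preg_match("/@OdinAuth /", $refC->getDocComment(), $authCNeeded);
         $authLogin = array();
         preg_match("/@OdinAuthLogin /", $refM->getDocComment(), $authLogin);
         if (isset($authMNeeded[0]) || isset($authCNeeded[0])) {
             if (!AuthHelper::checkLogin()) {
                 if (defined('AUTHCONTROLLERERROR') && AUTHCONTROLLERERROR != "") {
                     // Remember what was asked for, so it can be resumed after login.
                     SessionHelper::setSystemSession('requiredController', $this->_controller);
                     SessionHelper::setSystemSession('requiredAction', $this->_action);
                     SessionHelper::setSystemSession('requiredURL', true);
                     // NOTE(review): tests AUTHCONTROLLERACTION but passes
                     // AUTHACTIONERROR; confirm which constant is intended.
                     if (defined('AUTHCONTROLLERACTION') && AUTHCONTROLLERACTION != "") {
                         RedirectHelper::goToControllerAction(AUTHCONTROLLERERROR, AUTHACTIONERROR);
                     } else {
                         RedirectHelper::goToController(AUTHCONTROLLERERROR);
                     }
                 } else {
                     RedirectHelper::goToIndex();
                 }
                 // Stop after the redirect. Without this the protected action
                 // below was still called for a visitor who is not logged in;
                 // the login branch already exits after its redirects.
                 exit;
             }
         } elseif (isset($authLogin[0])) {
             if (AuthHelper::checkLogin()) {
                 if (defined('AUTHCONTROLLERHOME') && AUTHCONTROLLERHOME != "") {
                     if (defined('AUTHACTIONHOME') && AUTHACTIONHOME != "" && (AUTHCONTROLLERHOME != AUTHCONTROLLERERROR && AUTHACTIONHOME != AUTHACTIONERROR || AUTHACTIONHOME != AUTHACTIONERROR || AUTHCONTROLLERHOME != AUTHCONTROLLERERROR)) {
                         RedirectHelper::goToControllerAction(AUTHCONTROLLERHOME, AUTHACTIONHOME);
                         exit;
                     } else {
                         echo "FURY OF ODIN!!!!!";
                         exit;
                     }
                 } else {
                     echo "FURY OF ODIN!!!!!";
                     exit;
                 }
             }
         }
     }
     try {
         $app->{$action}();
     } catch (Exception $e) {
         // NOTE(review): echoing the exception sends its message and stack trace
         // to the client; confirm this is limited to development.
         echo $e;
     }
 }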
Ejemplo n.º 22
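<?php

// Admin gate: any page other than login.php is redirected to the login form
// unless the visitor is both logged in and an admin.
session_start();
// SCRIPT_FILENAME names the file the server actually executed. PHP_SELF, used
// originally, also carries extra path text the client appends after the
// script name, so the name derived from it could come out as "login.php" on
// another page and skip the check below.
$pageName = basename($_SERVER["SCRIPT_FILENAME"]);
require_once "classes/sessionhelper.class.php";
if (!(SessionHelper::isLoggedIn() && SessionHelper::isAdmin()) && $pageName != "login.php") {
    require_once "classes/documenthelper.class.php";
    // NOTE(review): the login page receives "from" and is expected to send the
    // user back there; confirm it only accepts local page names.
    header("Location: login.php?from=" . rawurlencode($pageName) . DocumentHelper::getQueryString(true, true));
    exit;
}
// HTTP/1.1: ask browsers and proxies to revalidate instead of reusing a cached copy.
header("Cache-Control: no-cache, must-revalidate");
// A date in the past marks the response as already expired.
header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");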
Ejemplo n.º 23
 /**
  * Delete the top-level post named by the "id" query parameter, then return
  * to the dashboard with a status message.
  *
  * Allowed for users with role 1 and for the moderator of the post's category.
  *
  * @return void
  */
 public function deleteTopPost()
 {
     // NOTE(review): htmlspecialchars() is output encoding, not validation of
     // an identifier; confirm Post and PostModel bind this value as a query
     // parameter.
     $postid = htmlspecialchars($_GET['id']);
     $session = new SessionHelper();
     $user = new User();
     $post = new Post($postid);
     $postmodel = new PostModel();
     $categorymodel = new CategoryModel();
     $category = new Category($post->category_id);
     // NOTE(review): a destructive action triggered by GET, with no anti-CSRF
     // token checked in this method; confirm one is verified elsewhere.
     $mayDelete = $user->role == 1 || $user->id == $category->moderator_id;
     if (!$mayDelete) {
         $session->setMessage('You are not an admin or you are not the moderator of this category', 2);
     } elseif ($postmodel->deleteTopPost($postid)) {
         // The model call removes the replies to the post as well.
         $session->setMessage('Post removed', 4);
     } else {
         $session->setMessage('Post not removed', 3);
     }
     // Every outcome returns to the dashboard.
     redirectTo('index.php?c=user&a=viewdashboard');
 }
Ejemplo n.º 24
                            $values = array();
                            $values[] = Utils::truncate(Utils::insertStrip($_POST["firstname"]), 255);
                            $values[] = Utils::truncate(Utils::insertStrip($_POST["lastname"]), 255);
                            $types = "ss";
                            // will not get here if any password field is filled and all are not filled
                            if ($enteredAllPass && $isOldPassCorrect && $matchOldPass && $matchNewPass) {
                                $keys[] = "passhash";
                                $values[] = md5(trim($_POST["newpass1"]));
                                $types .= "s";
                            }
                            $updateResult = $db->update("users_id", $users_id, "i", "users", $keys, $values, $types);
                            $submitSuccess = $updateResult;
                            if ($updateResult === false) {
                                $error = "Could not update your details";
                            } else {
                                SessionHelper::updateName($values[0], $values[1]);
                            }
                            $message = "Your details have been updated";
                        }
                    }
                }
            }
        }
    }
}
// Common to every request: pick the values to show in the form and build the feedback markup.
// After a successful save the posted values are shown, otherwise the stored ones.
// NOTE(review): the posted values are raw request data; confirm they are
// HTML-escaped before they reach the template.
$firstnameValue = $submitted && $submitSuccess ? $_POST["firstname"] : $userData["first_name"];
$lastnameValue = $submitted && $submitSuccess ? $_POST["lastname"] : $userData["last_name"];
// An error takes precedence over the success message.
$message = $error ? "<span class=\"feedback_negative\">{$error}</span>" : "<span class=\"feedback_positive\">{$message}</span>";
$jsExtra = "<script src='js/settings.js' type='text/javascript'></script>";
$t = new Template("templates/admin_page.tpl.html");
Ejemplo n.º 25
<?php

// Logout: clear the remembered-login cookies, drop the session, return to the login page.
session_start();
require_once "classes/sessionhelper.class.php";
require_once "classes/cookiehelper.class.php";
CookieHelper::clearLogin();
if (SessionHelper::isLoggedIn()) {
    // Empty the session variables, destroy the stored session, then open a new one.
    // NOTE(review): session_destroy() does not expire the session cookie, so the
    // session_start() that follows can reuse the same ID; consider
    // session_regenerate_id(true) after it.
    session_unset();
    session_destroy();
    session_start();
}
header("Location: login.php");