public function submit($problem_id)
{
try {
$problem = new Problem($problem_id);
$language = fRequest::get('language', 'integer');
if (!array_key_exists($language, static::$languages)) {
throw new fValidationException('Invalid language.');
}
fSession::set('last_language', $language);
$code = trim(fRequest::get('code', 'string'));
if (strlen($code) == 0) {
throw new fValidationException('Code cannot be empty.');
}
if ($problem->isSecretNow()) {
if (!User::can('view-any-problem')) {
throw new fAuthorizationException('Problem is secret now. You are not allowed to submit this problem.');
}
}
$record = new Record();
$record->setOwner(fAuthorization::getUserToken());
$record->setProblemId($problem->getId());
$record->setSubmitCode($code);
$record->setCodeLanguage($language);
$record->setSubmitDatetime(Util::currentTime());
$record->setJudgeStatus(JudgeStatus::PENDING);
$record->setJudgeMessage('Judging... PROB=' . $problem->getId() . ' LANG=' . static::$languages[$language]);
$record->setVerdict(Verdict::UNKNOWN);
$record->store();
Util::redirect('/status');
} catch (fException $e) {
fMessaging::create('error', $e->getMessage());
fMessaging::create('code', '/submit', fRequest::get('code', 'string'));
Util::redirect("/submit?problem={$problem_id}");
}
}
function login_authenticate($db, $username, $password)
{
if ($row = login_check_credential($db, $username, $password)) {
fAuthorization::setUserToken(array('id' => $row['id'], 'name' => $username, 'email' => $row['email'], 'display_name' => $row['display_name']));
return true;
}
return false;
}
public static function requireEmailVerified()
{
if (!fAuthorization::checkLoggedIn()) {
return;
}
if (User::hasEmailVerified()) {
return;
}
fMessaging::create('warning', 'You are required to verify your email address before doing this action.');
Util::redirect('/email/verify');
}
protected function render($name)
{
// before output page
// if the visitor is anonymous
// do NOT send Set-Cookie to enable caching of Varnish
if (!fAuthorization::checkLoggedIn()) {
header_remove('Set-Cookie');
}
// then output page
profiler_render_begin();
include __DIR__ . '/../views/' . $name . '.php';
}
public function index()
{
if (fAuthorization::checkLoggedIn()) {
$this->cache_control('private', 2);
} else {
$this->cache_control('private', 5);
}
$top = fRequest::get('top', 'integer');
$this->owner = trim(fRequest::get('owner'));
$this->problem_id = trim(fRequest::get('problem'));
$this->language = trim(fRequest::get('language'));
$this->verdict = trim(fRequest::get('verdict'));
$this->page = fRequest::get('page', 'integer', 1);
$this->records = Record::find($top, $this->owner, $this->problem_id, $this->language, $this->verdict, $this->page);
$this->page_records = $this->records;
$common_url = SITE_BASE . "/status?owner={$this->owner}&problem={$this->problem_id}&language={$this->language}&verdict={$this->verdict}";
$this->top_url = "{$common_url}&top=";
$this->page_url = "{$common_url}&page=";
$this->nav_class = 'status';
$this->render('record/index');
}
public function show($id)
{
if (fAuthorization::checkLoggedIn()) {
$this->cache_control('private', 30);
} else {
$this->cache_control('private', 60);
}
try {
$this->problem = new Problem($id);
if ($this->problem->isSecretNow()) {
if (!User::can('view-any-problem')) {
throw new fAuthorizationException('Problem is secret now.');
}
}
$this->nav_class = 'problems';
$this->render('problem/show');
} catch (fExpectedException $e) {
fMessaging::create('warning', $e->getMessage());
fURL::redirect(Util::getReferer());
} catch (fUnexpectedException $e) {
fMessaging::create('error', $e->getMessage());
fURL::redirect(Util::getReferer());
}
}
<?php
include dirname(__FILE__) . '/../inc/init.php';
fAuthorization::requireLoggedIn();
header('Cache-Control: no-cache, must-revalidate');
header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
$debug = fRequest::get('debug', 'boolean');
if (!$debug) {
header('Content-type: application/json');
}
$check_id = fRequest::get('check_id', 'integer');
$check = new Check($check_id);
$url = GRAPHITE_URL . '/graphlot/rawdata?&from=-24hour&until=-0hour' . '&target=' . $check->prepareTarget() . '&target=keepLastValue(threshold(' . $check->prepareWarn() . '))';
// '&target=threshold(' . $check->prepareError() . ')';
$contents = file_get_contents($url);
//$contents = file_get_contents(GRAPHITE_URL . '/graphlot/rawdata?&from=-24hour&until=-0hour&target=' . $check->prepareTarget() . '&target=' . $check->prepareWarn() . '&target=' . $check->prepareError());
print $contents;
public function allowQuestion()
{
return $this->isRunning() and (User::isSuper() or $this->checkRegistered(fAuthorization::getUserToken()));
}
<?php
$section = 'categories';
$section_id = 25;
$sub = 'listGcategory';
$typeOfUser = fAuthorization::checkAuthLevel('super');
$where = "";
if (!$typeOfUser) {
$where = " WHERE " . fSession::get('where_at');
}
?>
<?php
$limit = fRequest::encode('limit', 'integer');
$page = fRequest::encode('p', 'integer');
if ($page < 1) {
exit;
}
$start = ($page - 1) * $limit;
$categories = fRecordSet::buildFromSQL('EconomicUnitCategory', "SELECT * FROM economic_unit_categories {$where} LIMIT {$start},{$limit}", "SELECT count(*) FROM economic_unit_categories {$where}", $limit, $page);
if ($categories->count() == 0) {
echo '<div class="notification information" >
Por el momento no hay registros en <b> Categorías de Geolocalización</b>.
</div>';
} else {
$p = new Pagination($categories->getPages(), $categories->getPage(), 3);
$pagination = $p->getPaginationLinks();
?>
<center>
<table class="contenttoc" style="width:auto; float:left">
<tr>
<?php
include './resources/init.php';
fAuthorization::requireAuthLevel('admin');
$tmpl->place('header');
?>
<script type="text/javascript" src="./js/admin-supplier-view.js"></script>
</head>
<body>
<div class = "container">
<div id="View" class = "view-frame span-23 last">
<?php
if (!isset($_GET['id'])) {
echo "<div class=\"ui-state-error ui-corner-all\">\n\t\t\t\t\t\t<span class=\"ui-icon ui-icon-alert\" style=\"float: left; margin-right: 30px;\"></span>\n\t\t\t\t\t\tYou arrived to this page in error</div>";
} else {
try {
$supplier = new Supplier($_GET['id']);
?>
<h2><span id="titleName"><?php
echo $supplier->prepareName();
?>
</span></h2>
<input id="key" type="hidden" value="<?php
echo $supplier->prepareId();
?>
" />
<table>
<tr>
<td width="100"><b>Name</b></td>
<td><span id="supName" class="varInput"><?php
echo $supplier->prepareName();
<?php
include './resources/init.php';
fAuthorization::requireAuthLevel('super');
$tmpl->place('header');
?>
<script type="text/javascript" src="./resources/library/jquery.autocomplete/jquery.autocomplete.min.js"></script>
<script type="text/javascript" src="./resources/library/jquery.autocomplete/lib/jquery.bgiframe.min.js"></script>
<script type="text/javascript" src="./resources/library/jquery.blockUI.js"></script>
<link media="screen, projection" href="./resources/library/jquery.autocomplete/jquery.autocomplete.css" type="text/css" rel="stylesheet"/>
<script type="text/javascript" src="./js/admin-stock.js"></script>
<?php
$tmpl->place('menu');
?>
<div id="content" class="span-24 last">
<?php
$tmpl->place('menuAdmin');
?>
<div id="main" class="span-24 last">
<h2>Administration</h2><h3>Stock</h3>
<br />
<form action = "admin-stock.php" method = "get">
<label for="inv_item">Choose Inventory Item: </label>
<span id="inv_item">
<input id="autocompleteItem" name="item"></input>
</span>
<input id="submitBTN" type="submit" value="Submit" />
</form>
<?php
if (isset($_GET['item'])) {
try {
fORM::mapClassToTable('Role', TBL_ROLE);
fORM::mapClassToTable('Permission', TBL_PERMISSION);
fORM::mapClassToTable('Category', TBL_CATEGORY);
fORM::mapClassToTable('UserPermission', TBL_USER_PERMISSION);
fORM::mapClassToTable('Log', 'log');
/* Public Directories & Files */
define('SITE', 'http:' . DS . DS . $_SERVER['HTTP_HOST'] . DS . 'adminv3' . DS);
define('CSS', SITE . 'css' . DS);
define('JS', SITE . 'js' . DS);
define('SCRIPT', JS . 'script' . DS);
define('HOME', SITE . 'home' . DS);
define('BANNER', SITE . 'banner' . DS);
define('GEOLOCATION', SITE . 'geolocation' . DS);
define('USER', SITE . 'user' . DS);
define('CATEGORIES', SITE . 'categories' . DS);
define('LOGOUT', SITE . 'logout' . DS);
define('LOGIN', SITE . 'login' . DS);
define('IMAGES', SITE . 'images' . DS);
define('ICON', IMAGES . 'icon' . DS);
/* Private Directories & Files */
define('INCLUDES', ROOT . 'includes' . DS);
define('LOAD', ROOT . 'load' . DS);
/* Session */
define('SESSION_ID_USER', 'idUser');
define('SESSION_REGIONS', 'regions');
define('SALT', '#^&(!)()');
$db = new fDatabase('mysql', 'adminv2n', 'root', 'tortoise');
fORMDatabase::attach($db);
fAuthorization::setLoginPage(SITE . 'login.php');
fAuthorization::setAuthLevels(array('super' => 100, 'admin' => 80, 'cliente' => 20, 'adminUsers' => 80, 'employee' => 50, 'guest' => 25));
$acceptedFiles = array('image/gif', 'image/bmp', 'image/jpeg', 'image/pjpeg', 'image/png', 'application/msword', 'application/pdf', 'application/vnd.ms-excel', 'application/vnd.ms-powerpoint', 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet', 'application/vnd.openxmlformats-officedocument.wordprocessingml.document', 'application/vnd.openxmlformats-officedocument.presentationml.presentation', 'text/plain', 'text/richtext', 'text/html', 'video/mpeg', 'video/x-mpeg2', 'video/msvideo', 'video/quicktime', 'video/vivo', 'video/wavelet', 'video/x-sgi-movie', 'video/x-flv', 'video/mp4', 'audio/x-wav', 'audio/x-mp3', 'audio/midi');
<?php
if (fAuthorization::checkLoggedIn() and Registration::has(fAuthorization::getUserToken(), $this->report->getId())) {
?>
<button class="btn btn-mini btn-success disabled">已确认参赛</button>
<?php
} elseif ($this->report->isRegistrable()) {
?>
<form style="display:inline;margin:0" action="<?php
echo SITE_BASE;
?>
/contest/<?php
echo $this->report->getId();
?>
/register" method="POST">
<button type="submit" class="btn btn-mini btn-success">确认参赛</button>
</form>
<?php
}
public function testGetLoginPage()
{
fAuthorization::setLoginPage('/login/');
$this->assertEquals('/login/', fAuthorization::getLoginPage());
}
<table class="zebra-striped">
<thead>
<tr>
<th>Username</th>
<th>Email</th>
<th>Action</th>
</tr></thead><tbody>
<?php
$first = TRUE;
foreach ($users as $user) {
?>
<tr>
<td><?php echo $user->prepareUsername() ?></td>
<td><?php echo $user->prepareEmail() ?></td>
<td><?php if (fSession::get('user_id') == $user->getUserId() || fAuthorization::checkAuthLevel('admin')) { echo '<a href="' . User::makeUrl('edit',$user) . '">Edit</a>'; } ?>
<?php if (fAuthorization::checkAuthLevel('admin') || $user->getUserId() != 1) {
?> <a href="<?php echo User::makeUrl('delete',$user); ?>">Delete</a></td>
<?php } ?>
</tr>
<?php } ?>
</tbody></table>
<?
} catch (fEmptySetException $e) {
?>
<p class="info">There are currently no Tattle users? <a href="<?php echo '<a href="'. User::makeUrl('add'); ?>">Add one now</a></p>
<?php
}
?>
</div>
<?php $tmpl->place('footer') ?>
<tr>
<td> <label for="type"> Asentamiento: </label> </td>
<td> <input type="text" size="80" name="reserve" id="reserve" /> </td>
</tr>
<tr>
<td> <label for="type"> Teléfono: </label> </td>
<td> <input type="text" size="80" name="phone" id="phone" /> </td>
</tr>
<?php
if (fAuthorization::checkAuthLevel('super')) {
?>
<tr class="regionRow">
<td><label>Región</label></td>
<td>
<select class="state" name="state">
<option value="0">Estado</option>
<?php
$r = Region::findAll(1);
foreach ($r as $item) {
?>
<option value="<?php
echo $item->prepareIdRegion();
?>
"><?php
echo $item->prepareName();
<?php
fSession::open();
$idUser = fSession::get(SESSION_ID_USER);
if (empty($idUser) || !fAuthorization::checkACL('banner', 'add')) {
if (empty($idUser)) {
header('Location: ' . SITE);
exit("No se ha podido acceder a esta secci&oacite;n");
}
}
//echo fRequest::encode('id_zone','integer');
//echo fRequest::encode('id_section','integer');
/*
* Add Article
*/
$banner = new Banner();
$banner->setId_zone(fRequest::encode('id_zone', 'integer'));
$banner->setLink(fRequest::encode('link', 'string'));
$banner->setOrder(fRequest::encode('order', 'integer'));
$banner->setId_section(fRequest::encode('id_section', 'integer'));
/* Limited By User Permissions */
$banner->setStatus(fRequest::get('id_state', 'integer'));
try {
$banner->store();
} catch (Exception $e) {
exit("Ha ocurrido un error.");
}
$lastId = $banner->prepareIdBanner();
/*
* Add Region
* Limited By User Permissions
/**
* Force disable all cache functions if the session is logged in as per
* fAuthorization::checkLoggedIn();
*/
public static function disableForAuthorized()
{
if (fAuthorization::checkLoggedIn()) {
static::$authorized_override = true;
}
}
<?php
require_once 'init.php';
fSession::close();
fSession::destroy();
fAuthorization::destroyUserInfo();
header('Location: ' . LOGIN);
echo Profile::fetchGrade(fAuthorization::getUserToken());
?>
">
</div>
</div>
<div class="control-group">
<label class="control-label" for="phone">手机 (必填)</label>
<div class="controls">
<input type="text" class="input-medium" id="phone" name="phone" placeholder="手机" value="<?php
echo Profile::fetchPhoneNumber(fAuthorization::getUserToken());
?>
">
</div>
</div>
<div class="control-group">
<label class="control-label" for="qq">QQ</label>
<div class="controls">
<input type="text" class="input-medium" id="qq" name="qq" placeholder="QQ" value="<?php
echo Profile::fetchQQ(fAuthorization::getUserToken());
?>
">
</div>
</div>
<div class="form-actions">
<button type="submit" class="btn btn-success">修改我的个人信息</button>
<a class="btn" href="javascript:history.go(-1);void(0);">取消</a>
</div>
</fieldset>
</form>
<?php
include __DIR__ . '/../layout/footer.php';
<?php
$typeOfUser = fAuthorization::checkAuthLevel('super');
$where = " WHERE ";
$canEdit = fAuthorization::checkACL('banner', 'edit');
$canDelete = fAuthorization::checkACL('banner', 'delete');
$section = 'banners';
$section_id = 1;
$sub = 'list';
$query = fRequest::encode('query', 'string');
?>
<?php
$limit = fRequest::encode('limit', 'integer');
$page = fRequest::encode('p', 'integer');
if ($page < 1) {
exit;
}
$start = ($page - 1) * $limit;
//echo $start; echo $page;
$banners = fRecordSet::buildFromSQL('Banner', "SELECT * FROM banner {$where} (link LIKE '%{$query}%' OR id_section IN (SELECT id_section FROM section WHERE name LIKE '%{$query}%')) LIMIT {$start},{$limit}", "SELECT count(*) FROM banner {$where} (link LIKE '%{$query}%' OR id_section IN (SELECT id_section FROM section WHERE name LIKE '%{$query}%'))", $limit, $page);
$p = new Pagination($banners->getPages(), $banners->getPage(), 3);
$pagination = $p->getPaginationLinks();
?>
<center>
<table class="contenttoc" style="width:auto; float:left">
<tr>
<th> <input type="checkbox" name="check" id="check" /> </th>
<th> Imagen </th>
<th> Link </th>
<th> Seccióln </th>
<?php
fSession::open();
$idUser = fSession::get(SESSION_ID_USER);
if (empty($idUser) || !fAuthorization::checkAuthLevel("employee")) {
exit("No se ha podido acceder a esta secci&oacite;n");
}
$id = fRequest::encode('id', 'string');
if (strstr($id, ",")) {
fORMDatabase::retrieve()->query("DELETE FROM economic_unit_categories WHERE economic_unit_category_id IN ({$id})");
} else {
fORMDatabase::retrieve()->query("DELETE FROM economic_unit_categories WHERE economic_unit_category_id IN ({$id})");
}
<div class="container-fluid">
<a class="brand" href="index.php">Tattle </a>
<ul class="nav">
<?
$current_url = fURL::getWithQueryString();
echo '<li' . ($current_url == '' ? ' class="active"' : '') . '><a href="index.php">Alerts</a></li>'. "\n";
$check_list = Check::makeURL('list');
echo '<li' . ($current_url == $check_list ? ' class="active"' : '') . '><a href="' . $check_list . '" >Checks</a></li>' . "\n";
$subscription_list = Subscription::makeURL('list');
echo '<li' . ($current_url == $subscription_list ? ' class="active"' : '') .'><a href="' . $subscription_list . '" >Subscriptions</a></li>' . "\n";
$dashboard_list = Dashboard::makeURL('list');
echo '<li' . ($current_url == $dashboard_list ? ' class="active"' : '') . '><a href="' . $dashboard_list . '">Dashboards</a></li>';
$setting_list = Setting::makeURL('list');
echo '<li' . ($current_url == $setting_list ? ' class="active"' : '') . '><a href="' . $setting_list . '" >Settings</a></li>' . "\n";
if (fAuthorization::checkAuthLevel('admin')) {
$user_list = User::makeURL('list');
echo '<li><a href="' . User::makeURL('list') . '" >Users</a></li>';
}
?>
</ul>
<?php
if (is_numeric(fSession::get('user_id'))) {
?>
<p class="pull-right">
Logged in as <a href="<?php
echo User::makeUrl('edit', fSession::get('user_id'));
?>
"><?php
echo fSession::get('user_name');
?>
<?php
$title = '微博';
$no_sidebar = true;
$stylesheets = array('bootstrap.min', 'tweets');
include __DIR__ . '/../layout/header.php';
?>
<div class="timeline feed-list">
<h1>最新微博</h1>
<?php
if (fAuthorization::checkLoggedIn()) {
?>
<center>
<form class="well form-search w500" action="<?php
echo SITE_BASE;
?>
/tweets" method="post" onsubmit="$.blockUI();">
<input type="hidden" name="quick" value="true"/>
<?php
if ($tweet_success = fMessaging::retrieve('success', 'create tweet')) {
?>
<div class="alert alert-success fade in">
<a class="close" data-dismiss="alert">×</a>
<?php
echo $tweet_success;
?>
</div>
<?php
}
?>
<?php
<?php
error_reporting(E_ALL & ~E_NOTICE);
include __DIR__ . '/load_flourish.php';
include __DIR__ . '/load_plugins.php';
require __DIR__ . '/config.php';
require __DIR__ . '/core.php';
fSession::setPath(SESSIONS_PATH);
fSession::setLength('1 day 2 hours');
$db = new fDatabase('mysql', DB_NAME, DB_USER, DB_PASS, DB_HOST);
fAuthorization::setLoginPage(LOGIN_BASE);
/**
* Sets the login page to redirect users to
*
* @param string $url The URL of the login page
* @return void
*/
public static function setLoginPage($url)
{
self::$login_page = $url;
}
<?php
fSession::open();
$idUser = fSession::get(SESSION_ID_USER);
if (empty($idUser) || !fAuthorization::checkACL('news', 'delete')) {
header('Location: ' . SITE);
exit("No se ha podido acceder a esta secci&oacite;n");
}
$id = fRequest::encode('id', 'string');
if (strstr($id, ",")) {
fORMDatabase::retrieve()->query("DELETE FROM economic_units WHERE economic_unit_id IN ({$id})");
} else {
$author = new EconomicUnit($id);
$author->delete();
}
fORMDatabase::retrieve()->query("DELETE FROM economic_units_has_economic_unit_categories WHERE economic_units_economic_unit_id IN ({$id})");
<th>Item Code</th><th width="300px">Description</th><th>Quantity</th><th>UOM</th><th>Unit Price</th><th>Extended Price</th></tr>
</thead>
<tbody>
</tbody>
<tfoot>
<tr><td colspan="5"></td><td>Discount</td><td><input type="text" id="discountRate" value="0.00"></input></td></tr>
<tr><td colspan="5" id="addRowBTN"><div class="ui-icon ui-icon-circle-plus span-1 last"></div>Add Row</td><td class="tfootCaption">Total</td><td id="purchaseTotal"></td></tr>
</tfoot>
</table>
<div class="pdbox span-11"><label>Payment Terms</label><br /><textarea id="payment" rows="4" cols="10" style="height: 30px; margin-bottom: 20px;"></textarea></div>
<div class="pdbox span-11"><label>Delivery Terms</label><br /><textarea id="delivery" rows="4" cols="10" style="height: 30px; margin-bottom: 20px;"></textarea></div>
<div class="pdbox span-11"><label>Special Instructions</label><br /><textarea id="special" rows="4" cols="10" style="height: 30px; margin-bottom: 20px;"></textarea></div>
<table id="approveContent">
<tbody>
<tr>
<td><label>Requester </label></td><td id="requester"><?php
echo fAuthorization::getUserToken();
?>
</td><td><label>Date </label><input type="text" id="reqDate" class="datepicker"></input></td>
</tr>
<tr style="display: none;">
<td><label>Approver 1 </label></td><td></td><td><label>Date </label><input type="text" id="app1Date" class="datepicker"></input></td>
</tr>
</tbody>
</table>
<input type="button" id="submitPOBTN" value="Submit to PO" style="float: left;">
<input type="button" id="submitBTN" value="Submit" style="float: right;"/>
</div>
</div>
<?php
$tmpl->place('footer');
}
?>
</select>
</td>
<td colspan="6"></td>
</tr>
<tr>
<td class="privilege" colspan="8"><input type="checkbox" id="selectPermissions" /><label for="selectPermissions">Seleccionar todos los permisos</label></td>
</tr>
<?php
$p = new Permission();
$up = new UserPermission();
$userPermissions = $up->getByIdUser($u->getIdUser());
$sections = Section::findAll();
foreach ($sections as $item) {
if ($item->getIdSection() == 11 && !fAuthorization::checkAuthLevel('super')) {
continue;
}
?>
<tr>
<td class="privilege" colspan="8"><?php
echo $item->prepareName();
?>
</td>
</tr>
<?php
$i = 0;
$permissions = $p->getByIdSection($item->getIdSection());
foreach ($permissions as $p) {
$i++;
$checked = false;
<?php
include_once __DIR__ . '/inc/init.php';
fAuthorization::requireLoggedIn();
$errmsg = '';
if (fRequest::isPost()) {
$old_password = fRequest::get('old-password');
$new_password = fRequest::get('new-password');
$confirm_password = fRequest::get('confirm-password');
$token = fAuthorization::getUserToken();
$username = $token['name'];
$user_id = $token['id'];
if (empty($old_password) or empty($new_password) or empty($confirm_password)) {
$errmsg = '密码不能为空';
} else {
if ($new_password != $confirm_password) {
$errmsg = '两次输入的新密码不一致';
} else {
if (login_check_credential($db, $username, $old_password) == false) {
$errmsg = '旧密码错误';
} else {
if (login_change_password($db, $user_id, $new_password)) {
fURL::redirect(fSession::delete('change-password-referer', SITE_BASE));
} else {
$errmsg = '修改密码失败';
}
}
}
}
} else {
if (fSession::get('change-password-referer') == null) {
