public function submit($problem_id) { try { $problem = new Problem($problem_id); $language = fRequest::get('language', 'integer'); if (!array_key_exists($language, static::$languages)) { throw new fValidationException('Invalid language.'); } fSession::set('last_language', $language); $code = trim(fRequest::get('code', 'string')); if (strlen($code) == 0) { throw new fValidationException('Code cannot be empty.'); } if ($problem->isSecretNow()) { if (!User::can('view-any-problem')) { throw new fAuthorizationException('Problem is secret now. You are not allowed to submit this problem.'); } } $record = new Record(); $record->setOwner(fAuthorization::getUserToken()); $record->setProblemId($problem->getId()); $record->setSubmitCode($code); $record->setCodeLanguage($language); $record->setSubmitDatetime(Util::currentTime()); $record->setJudgeStatus(JudgeStatus::PENDING); $record->setJudgeMessage('Judging... PROB=' . $problem->getId() . ' LANG=' . static::$languages[$language]); $record->setVerdict(Verdict::UNKNOWN); $record->store(); Util::redirect('/status'); } catch (fException $e) { fMessaging::create('error', $e->getMessage()); fMessaging::create('code', '/submit', fRequest::get('code', 'string')); Util::redirect("/submit?problem={$problem_id}"); } }
function login_authenticate($db, $username, $password) { if ($row = login_check_credential($db, $username, $password)) { fAuthorization::setUserToken(array('id' => $row['id'], 'name' => $username, 'email' => $row['email'], 'display_name' => $row['display_name'])); return true; } return false; }
public static function requireEmailVerified() { if (!fAuthorization::checkLoggedIn()) { return; } if (User::hasEmailVerified()) { return; } fMessaging::create('warning', 'You are required to verify your email address before doing this action.'); Util::redirect('/email/verify'); }
protected function render($name) { // before output page // if the visitor is anonymous // do NOT send Set-Cookie to enable caching of Varnish if (!fAuthorization::checkLoggedIn()) { header_remove('Set-Cookie'); } // then output page profiler_render_begin(); include __DIR__ . '/../views/' . $name . '.php'; }
public function index() { if (fAuthorization::checkLoggedIn()) { $this->cache_control('private', 2); } else { $this->cache_control('private', 5); } $top = fRequest::get('top', 'integer'); $this->owner = trim(fRequest::get('owner')); $this->problem_id = trim(fRequest::get('problem')); $this->language = trim(fRequest::get('language')); $this->verdict = trim(fRequest::get('verdict')); $this->page = fRequest::get('page', 'integer', 1); $this->records = Record::find($top, $this->owner, $this->problem_id, $this->language, $this->verdict, $this->page); $this->page_records = $this->records; $common_url = SITE_BASE . "/status?owner={$this->owner}&problem={$this->problem_id}&language={$this->language}&verdict={$this->verdict}"; $this->top_url = "{$common_url}&top="; $this->page_url = "{$common_url}&page="; $this->nav_class = 'status'; $this->render('record/index'); }
public function show($id) { if (fAuthorization::checkLoggedIn()) { $this->cache_control('private', 30); } else { $this->cache_control('private', 60); } try { $this->problem = new Problem($id); if ($this->problem->isSecretNow()) { if (!User::can('view-any-problem')) { throw new fAuthorizationException('Problem is secret now.'); } } $this->nav_class = 'problems'; $this->render('problem/show'); } catch (fExpectedException $e) { fMessaging::create('warning', $e->getMessage()); fURL::redirect(Util::getReferer()); } catch (fUnexpectedException $e) { fMessaging::create('error', $e->getMessage()); fURL::redirect(Util::getReferer()); } }
<?php include dirname(__FILE__) . '/../inc/init.php'; fAuthorization::requireLoggedIn(); header('Cache-Control: no-cache, must-revalidate'); header('Expires: Mon, 26 Jul 1997 05:00:00 GMT'); $debug = fRequest::get('debug', 'boolean'); if (!$debug) { header('Content-type: application/json'); } $check_id = fRequest::get('check_id', 'integer'); $check = new Check($check_id); $url = GRAPHITE_URL . '/graphlot/rawdata?&from=-24hour&until=-0hour' . '&target=' . $check->prepareTarget() . '&target=keepLastValue(threshold(' . $check->prepareWarn() . '))'; // '&target=threshold(' . $check->prepareError() . ')'; $contents = file_get_contents($url); //$contents = file_get_contents(GRAPHITE_URL . '/graphlot/rawdata?&from=-24hour&until=-0hour&target=' . $check->prepareTarget() . '&target=' . $check->prepareWarn() . '&target=' . $check->prepareError()); print $contents;
public function allowQuestion() { return $this->isRunning() and (User::isSuper() or $this->checkRegistered(fAuthorization::getUserToken())); }
<?php $section = 'categories'; $section_id = 25; $sub = 'listGcategory'; $typeOfUser = fAuthorization::checkAuthLevel('super'); $where = ""; if (!$typeOfUser) { $where = " WHERE " . fSession::get('where_at'); } ?> <?php $limit = fRequest::encode('limit', 'integer'); $page = fRequest::encode('p', 'integer'); if ($page < 1) { exit; } $start = ($page - 1) * $limit; $categories = fRecordSet::buildFromSQL('EconomicUnitCategory', "SELECT * FROM economic_unit_categories {$where} LIMIT {$start},{$limit}", "SELECT count(*) FROM economic_unit_categories {$where}", $limit, $page); if ($categories->count() == 0) { echo '<div class="notification information" > Por el momento no hay registros en <b> Categorías de Geolocalización</b>. </div>'; } else { $p = new Pagination($categories->getPages(), $categories->getPage(), 3); $pagination = $p->getPaginationLinks(); ?> <center> <table class="contenttoc" style="width:auto; float:left"> <tr>
<?php include './resources/init.php'; fAuthorization::requireAuthLevel('admin'); $tmpl->place('header'); ?> <script type="text/javascript" src="./js/admin-supplier-view.js"></script> </head> <body> <div class = "container"> <div id="View" class = "view-frame span-23 last"> <?php if (!isset($_GET['id'])) { echo "<div class=\"ui-state-error ui-corner-all\">\n\t\t\t\t\t\t<span class=\"ui-icon ui-icon-alert\" style=\"float: left; margin-right: 30px;\"></span>\n\t\t\t\t\t\tYou arrived to this page in error</div>"; } else { try { $supplier = new Supplier($_GET['id']); ?> <h2><span id="titleName"><?php echo $supplier->prepareName(); ?> </span></h2> <input id="key" type="hidden" value="<?php echo $supplier->prepareId(); ?> " /> <table> <tr> <td width="100"><b>Name</b></td> <td><span id="supName" class="varInput"><?php echo $supplier->prepareName();
<?php include './resources/init.php'; fAuthorization::requireAuthLevel('super'); $tmpl->place('header'); ?> <script type="text/javascript" src="./resources/library/jquery.autocomplete/jquery.autocomplete.min.js"></script> <script type="text/javascript" src="./resources/library/jquery.autocomplete/lib/jquery.bgiframe.min.js"></script> <script type="text/javascript" src="./resources/library/jquery.blockUI.js"></script> <link media="screen, projection" href="./resources/library/jquery.autocomplete/jquery.autocomplete.css" type="text/css" rel="stylesheet"/> <script type="text/javascript" src="./js/admin-stock.js"></script> <?php $tmpl->place('menu'); ?> <div id="content" class="span-24 last"> <?php $tmpl->place('menuAdmin'); ?> <div id="main" class="span-24 last"> <h2>Administration</h2><h3>Stock</h3> <br /> <form action = "admin-stock.php" method = "get"> <label for="inv_item">Choose Inventory Item: </label> <span id="inv_item"> <input id="autocompleteItem" name="item"></input> </span> <input id="submitBTN" type="submit" value="Submit" /> </form> <?php if (isset($_GET['item'])) { try {
fORM::mapClassToTable('Role', TBL_ROLE); fORM::mapClassToTable('Permission', TBL_PERMISSION); fORM::mapClassToTable('Category', TBL_CATEGORY); fORM::mapClassToTable('UserPermission', TBL_USER_PERMISSION); fORM::mapClassToTable('Log', 'log'); /* Public Directories & Files */ define('SITE', 'http:' . DS . DS . $_SERVER['HTTP_HOST'] . DS . 'adminv3' . DS); define('CSS', SITE . 'css' . DS); define('JS', SITE . 'js' . DS); define('SCRIPT', JS . 'script' . DS); define('HOME', SITE . 'home' . DS); define('BANNER', SITE . 'banner' . DS); define('GEOLOCATION', SITE . 'geolocation' . DS); define('USER', SITE . 'user' . DS); define('CATEGORIES', SITE . 'categories' . DS); define('LOGOUT', SITE . 'logout' . DS); define('LOGIN', SITE . 'login' . DS); define('IMAGES', SITE . 'images' . DS); define('ICON', IMAGES . 'icon' . DS); /* Private Directories & Files */ define('INCLUDES', ROOT . 'includes' . DS); define('LOAD', ROOT . 'load' . DS); /* Session */ define('SESSION_ID_USER', 'idUser'); define('SESSION_REGIONS', 'regions'); define('SALT', '#^&(!)()'); $db = new fDatabase('mysql', 'adminv2n', 'root', 'tortoise'); fORMDatabase::attach($db); fAuthorization::setLoginPage(SITE . 'login.php'); fAuthorization::setAuthLevels(array('super' => 100, 'admin' => 80, 'cliente' => 20, 'adminUsers' => 80, 'employee' => 50, 'guest' => 25)); $acceptedFiles = array('image/gif', 'image/bmp', 'image/jpeg', 'image/pjpeg', 'image/png', 'application/msword', 'application/pdf', 'application/vnd.ms-excel', 'application/vnd.ms-powerpoint', 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet', 'application/vnd.openxmlformats-officedocument.wordprocessingml.document', 'application/vnd.openxmlformats-officedocument.presentationml.presentation', 'text/plain', 'text/richtext', 'text/html', 'video/mpeg', 'video/x-mpeg2', 'video/msvideo', 'video/quicktime', 'video/vivo', 'video/wavelet', 'video/x-sgi-movie', 'video/x-flv', 'video/mp4', 'audio/x-wav', 'audio/x-mp3', 'audio/midi');
<?php if (fAuthorization::checkLoggedIn() and Registration::has(fAuthorization::getUserToken(), $this->report->getId())) { ?> <button class="btn btn-mini btn-success disabled">已确认参赛</button> <?php } elseif ($this->report->isRegistrable()) { ?> <form style="display:inline;margin:0" action="<?php echo SITE_BASE; ?> /contest/<?php echo $this->report->getId(); ?> /register" method="POST"> <button type="submit" class="btn btn-mini btn-success">确认参赛</button> </form> <?php }
public function testGetLoginPage() { fAuthorization::setLoginPage('/login/'); $this->assertEquals('/login/', fAuthorization::getLoginPage()); }
<table class="zebra-striped"> <thead> <tr> <th>Username</th> <th>Email</th> <th>Action</th> </tr></thead><tbody> <?php $first = TRUE; foreach ($users as $user) { ?> <tr> <td><?php echo $user->prepareUsername() ?></td> <td><?php echo $user->prepareEmail() ?></td> <td><?php if (fSession::get('user_id') == $user->getUserId() || fAuthorization::checkAuthLevel('admin')) { echo '<a href="' . User::makeUrl('edit',$user) . '">Edit</a>'; } ?> <?php if (fAuthorization::checkAuthLevel('admin') || $user->getUserId() != 1) { ?> <a href="<?php echo User::makeUrl('delete',$user); ?>">Delete</a></td> <?php } ?> </tr> <?php } ?> </tbody></table> <? } catch (fEmptySetException $e) { ?> <p class="info">There are currently no Tattle users? <a href="<?php echo '<a href="'. User::makeUrl('add'); ?>">Add one now</a></p> <?php } ?> </div> <?php $tmpl->place('footer') ?>
<tr> <td> <label for="type"> Asentamiento: </label> </td> <td> <input type="text" size="80" name="reserve" id="reserve" /> </td> </tr> <tr> <td> <label for="type"> Teléfono: </label> </td> <td> <input type="text" size="80" name="phone" id="phone" /> </td> </tr> <?php if (fAuthorization::checkAuthLevel('super')) { ?> <tr class="regionRow"> <td><label>Región</label></td> <td> <select class="state" name="state"> <option value="0">Estado</option> <?php $r = Region::findAll(1); foreach ($r as $item) { ?> <option value="<?php echo $item->prepareIdRegion(); ?> "><?php echo $item->prepareName();
<?php fSession::open(); $idUser = fSession::get(SESSION_ID_USER); if (empty($idUser) || !fAuthorization::checkACL('banner', 'add')) { if (empty($idUser)) { header('Location: ' . SITE); exit("No se ha podido acceder a esta secci&oacite;n"); } } //echo fRequest::encode('id_zone','integer'); //echo fRequest::encode('id_section','integer'); /* * Add Article */ $banner = new Banner(); $banner->setId_zone(fRequest::encode('id_zone', 'integer')); $banner->setLink(fRequest::encode('link', 'string')); $banner->setOrder(fRequest::encode('order', 'integer')); $banner->setId_section(fRequest::encode('id_section', 'integer')); /* Limited By User Permissions */ $banner->setStatus(fRequest::get('id_state', 'integer')); try { $banner->store(); } catch (Exception $e) { exit("Ha ocurrido un error."); } $lastId = $banner->prepareIdBanner(); /* * Add Region * Limited By User Permissions
/** * Force disable all cache functions if the session is logged in as per * fAuthorization::checkLoggedIn(); */ public static function disableForAuthorized() { if (fAuthorization::checkLoggedIn()) { static::$authorized_override = true; } }
<?php require_once 'init.php'; fSession::close(); fSession::destroy(); fAuthorization::destroyUserInfo(); header('Location: ' . LOGIN);
echo Profile::fetchGrade(fAuthorization::getUserToken()); ?> "> </div> </div> <div class="control-group"> <label class="control-label" for="phone">手机 (必填)</label> <div class="controls"> <input type="text" class="input-medium" id="phone" name="phone" placeholder="手机" value="<?php echo Profile::fetchPhoneNumber(fAuthorization::getUserToken()); ?> "> </div> </div> <div class="control-group"> <label class="control-label" for="qq">QQ</label> <div class="controls"> <input type="text" class="input-medium" id="qq" name="qq" placeholder="QQ" value="<?php echo Profile::fetchQQ(fAuthorization::getUserToken()); ?> "> </div> </div> <div class="form-actions"> <button type="submit" class="btn btn-success">修改我的个人信息</button> <a class="btn" href="javascript:history.go(-1);void(0);">取消</a> </div> </fieldset> </form> <?php include __DIR__ . '/../layout/footer.php';
<?php $typeOfUser = fAuthorization::checkAuthLevel('super'); $where = " WHERE "; $canEdit = fAuthorization::checkACL('banner', 'edit'); $canDelete = fAuthorization::checkACL('banner', 'delete'); $section = 'banners'; $section_id = 1; $sub = 'list'; $query = fRequest::encode('query', 'string'); ?> <?php $limit = fRequest::encode('limit', 'integer'); $page = fRequest::encode('p', 'integer'); if ($page < 1) { exit; } $start = ($page - 1) * $limit; //echo $start; echo $page; $banners = fRecordSet::buildFromSQL('Banner', "SELECT * FROM banner {$where} (link LIKE '%{$query}%' OR id_section IN (SELECT id_section FROM section WHERE name LIKE '%{$query}%')) LIMIT {$start},{$limit}", "SELECT count(*) FROM banner {$where} (link LIKE '%{$query}%' OR id_section IN (SELECT id_section FROM section WHERE name LIKE '%{$query}%'))", $limit, $page); $p = new Pagination($banners->getPages(), $banners->getPage(), 3); $pagination = $p->getPaginationLinks(); ?> <center> <table class="contenttoc" style="width:auto; float:left"> <tr> <th> <input type="checkbox" name="check" id="check" /> </th> <th> Imagen </th> <th> Link </th> <th> Seccióln </th>
<?php fSession::open(); $idUser = fSession::get(SESSION_ID_USER); if (empty($idUser) || !fAuthorization::checkAuthLevel("employee")) { exit("No se ha podido acceder a esta secci&oacite;n"); } $id = fRequest::encode('id', 'string'); if (strstr($id, ",")) { fORMDatabase::retrieve()->query("DELETE FROM economic_unit_categories WHERE economic_unit_category_id IN ({$id})"); } else { fORMDatabase::retrieve()->query("DELETE FROM economic_unit_categories WHERE economic_unit_category_id IN ({$id})"); }
<div class="container-fluid"> <a class="brand" href="index.php">Tattle </a> <ul class="nav"> <? $current_url = fURL::getWithQueryString(); echo '<li' . ($current_url == '' ? ' class="active"' : '') . '><a href="index.php">Alerts</a></li>'. "\n"; $check_list = Check::makeURL('list'); echo '<li' . ($current_url == $check_list ? ' class="active"' : '') . '><a href="' . $check_list . '" >Checks</a></li>' . "\n"; $subscription_list = Subscription::makeURL('list'); echo '<li' . ($current_url == $subscription_list ? ' class="active"' : '') .'><a href="' . $subscription_list . '" >Subscriptions</a></li>' . "\n"; $dashboard_list = Dashboard::makeURL('list'); echo '<li' . ($current_url == $dashboard_list ? ' class="active"' : '') . '><a href="' . $dashboard_list . '">Dashboards</a></li>'; $setting_list = Setting::makeURL('list'); echo '<li' . ($current_url == $setting_list ? ' class="active"' : '') . '><a href="' . $setting_list . '" >Settings</a></li>' . "\n"; if (fAuthorization::checkAuthLevel('admin')) { $user_list = User::makeURL('list'); echo '<li><a href="' . User::makeURL('list') . '" >Users</a></li>'; } ?> </ul> <?php if (is_numeric(fSession::get('user_id'))) { ?> <p class="pull-right"> Logged in as <a href="<?php echo User::makeUrl('edit', fSession::get('user_id')); ?> "><?php echo fSession::get('user_name'); ?>
<?php $title = '微博'; $no_sidebar = true; $stylesheets = array('bootstrap.min', 'tweets'); include __DIR__ . '/../layout/header.php'; ?> <div class="timeline feed-list"> <h1>最新微博</h1> <?php if (fAuthorization::checkLoggedIn()) { ?> <center> <form class="well form-search w500" action="<?php echo SITE_BASE; ?> /tweets" method="post" onsubmit="$.blockUI();"> <input type="hidden" name="quick" value="true"/> <?php if ($tweet_success = fMessaging::retrieve('success', 'create tweet')) { ?> <div class="alert alert-success fade in"> <a class="close" data-dismiss="alert">×</a> <?php echo $tweet_success; ?> </div> <?php } ?> <?php
<?php error_reporting(E_ALL & ~E_NOTICE); include __DIR__ . '/load_flourish.php'; include __DIR__ . '/load_plugins.php'; require __DIR__ . '/config.php'; require __DIR__ . '/core.php'; fSession::setPath(SESSIONS_PATH); fSession::setLength('1 day 2 hours'); $db = new fDatabase('mysql', DB_NAME, DB_USER, DB_PASS, DB_HOST); fAuthorization::setLoginPage(LOGIN_BASE);
/** * Sets the login page to redirect users to * * @param string $url The URL of the login page * @return void */ public static function setLoginPage($url) { self::$login_page = $url; }
<?php fSession::open(); $idUser = fSession::get(SESSION_ID_USER); if (empty($idUser) || !fAuthorization::checkACL('news', 'delete')) { header('Location: ' . SITE); exit("No se ha podido acceder a esta secci&oacite;n"); } $id = fRequest::encode('id', 'string'); if (strstr($id, ",")) { fORMDatabase::retrieve()->query("DELETE FROM economic_units WHERE economic_unit_id IN ({$id})"); } else { $author = new EconomicUnit($id); $author->delete(); } fORMDatabase::retrieve()->query("DELETE FROM economic_units_has_economic_unit_categories WHERE economic_units_economic_unit_id IN ({$id})");
<th>Item Code</th><th width="300px">Description</th><th>Quantity</th><th>UOM</th><th>Unit Price</th><th>Extended Price</th></tr> </thead> <tbody> </tbody> <tfoot> <tr><td colspan="5"></td><td>Discount</td><td><input type="text" id="discountRate" value="0.00"></input></td></tr> <tr><td colspan="5" id="addRowBTN"><div class="ui-icon ui-icon-circle-plus span-1 last"></div>Add Row</td><td class="tfootCaption">Total</td><td id="purchaseTotal"></td></tr> </tfoot> </table> <div class="pdbox span-11"><label>Payment Terms</label><br /><textarea id="payment" rows="4" cols="10" style="height: 30px; margin-bottom: 20px;"></textarea></div> <div class="pdbox span-11"><label>Delivery Terms</label><br /><textarea id="delivery" rows="4" cols="10" style="height: 30px; margin-bottom: 20px;"></textarea></div> <div class="pdbox span-11"><label>Special Instructions</label><br /><textarea id="special" rows="4" cols="10" style="height: 30px; margin-bottom: 20px;"></textarea></div> <table id="approveContent"> <tbody> <tr> <td><label>Requester </label></td><td id="requester"><?php echo fAuthorization::getUserToken(); ?> </td><td><label>Date </label><input type="text" id="reqDate" class="datepicker"></input></td> </tr> <tr style="display: none;"> <td><label>Approver 1 </label></td><td></td><td><label>Date </label><input type="text" id="app1Date" class="datepicker"></input></td> </tr> </tbody> </table> <input type="button" id="submitPOBTN" value="Submit to PO" style="float: left;"> <input type="button" id="submitBTN" value="Submit" style="float: right;"/> </div> </div> <?php $tmpl->place('footer');
} ?> </select> </td> <td colspan="6"></td> </tr> <tr> <td class="privilege" colspan="8"><input type="checkbox" id="selectPermissions" /><label for="selectPermissions">Seleccionar todos los permisos</label></td> </tr> <?php $p = new Permission(); $up = new UserPermission(); $userPermissions = $up->getByIdUser($u->getIdUser()); $sections = Section::findAll(); foreach ($sections as $item) { if ($item->getIdSection() == 11 && !fAuthorization::checkAuthLevel('super')) { continue; } ?> <tr> <td class="privilege" colspan="8"><?php echo $item->prepareName(); ?> </td> </tr> <?php $i = 0; $permissions = $p->getByIdSection($item->getIdSection()); foreach ($permissions as $p) { $i++; $checked = false;
<?php include_once __DIR__ . '/inc/init.php'; fAuthorization::requireLoggedIn(); $errmsg = ''; if (fRequest::isPost()) { $old_password = fRequest::get('old-password'); $new_password = fRequest::get('new-password'); $confirm_password = fRequest::get('confirm-password'); $token = fAuthorization::getUserToken(); $username = $token['name']; $user_id = $token['id']; if (empty($old_password) or empty($new_password) or empty($confirm_password)) { $errmsg = '密码不能为空'; } else { if ($new_password != $confirm_password) { $errmsg = '两次输入的新密码不一致'; } else { if (login_check_credential($db, $username, $old_password) == false) { $errmsg = '旧密码错误'; } else { if (login_change_password($db, $user_id, $new_password)) { fURL::redirect(fSession::delete('change-password-referer', SITE_BASE)); } else { $errmsg = '修改密码失败'; } } } } } else { if (fSession::get('change-password-referer') == null) {