/**
 * Handles a code submission for one problem.
 *
 * The selected language must be a key of static::$languages and the code
 * must be non-empty after trimming. A problem that is secret right now may
 * only be submitted by a user holding the 'view-any-problem' permission.
 * On success a pending Record is stored and the user is sent to /status;
 * on any fException the message and the submitted code are queued through
 * fMessaging and the user is sent back to the submit page of this problem.
 *
 * @param mixed $problem_id Identifier passed to the Problem constructor
 * @return void
 */
public function submit($problem_id) {
    try {
        $problem = new Problem($problem_id);

        $lang_id = fRequest::get('language', 'integer');
        if (!array_key_exists($lang_id, static::$languages)) {
            throw new fValidationException('Invalid language.');
        }
        fSession::set('last_language', $lang_id);

        $source = trim(fRequest::get('code', 'string'));
        if (strlen($source) == 0) {
            throw new fValidationException('Code cannot be empty.');
        }

        // Secret problems are off-limits unless the user may view any problem
        if ($problem->isSecretNow() && !User::can('view-any-problem')) {
            throw new fAuthorizationException('Problem is secret now. You are not allowed to submit this problem.');
        }

        $judge_message = 'Judging... PROB=' . $problem->getId() . ' LANG=' . static::$languages[$lang_id];

        $record = new Record();
        $record->setOwner(fAuthorization::getUserToken());
        $record->setProblemId($problem->getId());
        $record->setSubmitCode($source);
        $record->setCodeLanguage($lang_id);
        $record->setSubmitDatetime(Util::currentTime());
        $record->setJudgeStatus(JudgeStatus::PENDING);
        $record->setJudgeMessage($judge_message);
        $record->setVerdict(Verdict::UNKNOWN);
        $record->store();

        Util::redirect('/status');
    } catch (fException $e) {
        // Keep the error and the typed code so the form can be re-shown
        fMessaging::create('error', $e->getMessage());
        fMessaging::create('code', '/submit', fRequest::get('code', 'string'));
        Util::redirect("/submit?problem={$problem_id}");
    }
}
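/**
 * Returns all enabled checks visible to the current user: those whose
 * user_id matches the session's user_id, or whose visibility is 0.
 *
 * NOTE(review): $sort_column and $sort_dir are handed to fRecordSet::build
 * for the ORDER BY clause. Unless that layer validates them, callers must
 * pass only whitelisted values here, never raw request input.
 *
 * @param string $sort_column The column to sort by
 * @param string $sort_dir The direction to sort the column
 * @return fRecordSet The matching check records
 */
static function findAll($sort_column = 'name', $sort_dir = 'desc') {
    $conditions = array(
        'enabled='             => true,
        'user_id=|visibility=' => array(fSession::get('user_id'), 0),
    );
    return fRecordSet::build(__CLASS__, $conditions, array($sort_column => $sort_dir));
}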
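/**
 * Returns the current user's subscriptions, optionally limited to one check.
 *
 * Both the session user_id and $check_id are bound through the placeholder
 * form of fRecordSet::buildFromSQL (%i) instead of being concatenated into
 * the SQL, so neither value can change the shape of the query.
 *
 * @param mixed $check_id Optional check id; the filter is only applied when it is numeric
 * @return fRecordSet The matching subscriptions records
 */
static function findActive($check_id = NULL) {
    $sql    = 'SELECT subscriptions.* FROM subscriptions WHERE user_id = %i';
    $values = array(fSession::get('user_id'));

    if (!is_null($check_id) && is_numeric($check_id)) {
        $sql     .= ' AND check_id = %i';
        $values[] = $check_id;
    }

    return fRecordSet::buildFromSQL(__CLASS__, array_merge(array($sql), $values));
}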
/**
 * Sets the minimum length of a session - PHP might not clean up the session
 * data right away once this timespan has elapsed
 *
 * Please be sure to set a custom session path via ::setPath() to ensure
 * another site on the server does not garbage collect the session files
 * from this site!
 *
 * Both timespans accept either an integer number of seconds or an english
 * description of a timespan (e.g. `'30 minutes'`, `'1 hour'`,
 * `'1 day 2 hours'`).
 *
 * @throws fProgrammerException If the session is already open or $_SESSION already exists
 *
 * @param string|integer $normal_timespan The normal, session-based cookie, length for the session
 * @param string|integer $persistent_timespan The persistent, timed-based cookie, length for the session - this is enabled by calling ::enablePersistence() during login
 * @return void
 */
public static function setLength($normal_timespan, $persistent_timespan = NULL) {
    // The lengths have to be configured before the session is started
    if (self::$open || isset($_SESSION)) {
        throw new fProgrammerException(
            '%1$s must be called before any of %2$s, %3$s, %4$s, %5$s, %6$s, %7$s or %8$s',
            __CLASS__ . '::setLength()',
            __CLASS__ . '::add()',
            __CLASS__ . '::clear()',
            __CLASS__ . '::enablePersistence()',
            __CLASS__ . '::get()',
            __CLASS__ . '::open()',
            __CLASS__ . '::set()',
            'session_start()'
        );
    }

    // A text description is turned into seconds relative to now.
    // NOTE(review): strtotime() returns FALSE for an unparseable string, which
    // would make this a negative lifetime - the result is not checked here.
    if (is_numeric($normal_timespan)) {
        $seconds = $normal_timespan;
    } else {
        $seconds = strtotime($normal_timespan) - time();
    }
    self::$normal_timespan = $seconds;

    if ($persistent_timespan) {
        if (is_numeric($persistent_timespan)) {
            $seconds = $persistent_timespan;
        } else {
            $seconds = strtotime($persistent_timespan) - time();
        }
        self::$persistent_timespan = $seconds;
    }

    // Garbage collection follows the persistent length when one was given,
    // otherwise the normal length
    ini_set('session.gc_maxlifetime', $seconds);
}
/**
 * Opens the session for writing, is automatically called by ::clear(), ::get() and ::set()
 *
 * A `Cannot send session cache limiter` warning will be triggered if this,
 * ::clear(), ::get() or ::set() is called after output has been sent to the
 * browser. To prevent such a warning, explicitly call this method before
 * generating any output.
 *
 * @param boolean $cookie_only_session_id If the session id should only be allowed via cookie - this is a security issue and should only be set to `FALSE` when absolutely necessary
 * @return void
 */
public static function open($cookie_only_session_id = TRUE) {
    if (self::$open) {
        return;
    }
    self::$open = TRUE;

    // Somebody else already started the session: piggy-back on it without
    // touching any ini options (they cannot be changed at this point)
    if (isset($_SESSION)) {
        return;
    }

    if ($cookie_only_session_id) {
        // Refuse session ids passed in the URL - those can be planted by an
        // attacker (session fixation) and leak through referers and logs
        ini_set('session.use_cookies', 1);
        ini_set('session.use_only_cookies', 1);
    }

    // NOTE(review): session.cookie_httponly / session.cookie_secure are not
    // set here - confirm php.ini or the application bootstrap sets them.
    session_start();
}
/**
 * Remembers the sort direction for the current URL so it can be reused
 * when the page is returned to
 *
 * The value is keyed by class name and fURL::get() in the session.
 *
 * @param string $sort_direction The sort direction to save
 * @return void
 */
private static function setPreviousSortDirection($sort_direction) {
    $session_key = __CLASS__ . '::' . fURL::get() . '::previous_sort_direction';
    fSession::set($session_key, $sort_direction);
}
fMessaging::create('error', fURL::get(), $e->getMessage()); } include VIEW_PATH . '/ackAll_results.php'; } else { if ($action == 'notifyAll') { try { $check = new Check($check_id); $subject_mail = fRequest::get('subject_mail'); $content_mail = fRequest::get('content_mail'); if (fRequest::isPost()) { if (empty($subject_mail) || empty($content_mail)) { fMessaging::create('error', fURL::get(), "You have to fill the subject and the content to send this mail"); } else { fRequest::validateCSRFToken(fRequest::get('token')); $recipients = array(); $id_user_session = fSession::get('user_id'); $user_session = new User($id_user_session); $recipients[] = array("mail" => $user_session->getEmail(), "name" => $user_session->getUsername()); $alt_ids = array(); $subscription_alt = Subscription::findAll($check_id, NULL, NULL, NULL, TRUE); foreach ($subscription_alt as $alt) { $user = new User($alt->getUserId()); $recipients[] = array("mail" => usr_var('alt_email', $user->getUserId()), "name" => $user->getUsername()); $alt_ids[] = $alt->getUserId(); } $subscriptions = $db->query("SELECT DISTINCT user_id,check_id FROM subscriptions WHERE check_id=" . $check_id . ";"); foreach ($subscriptions as $sub) { $user_id = $sub['user_id']; if (!in_array($user_id, $alt_ids) && $user_id != $id_user_session) { $user = new User($sub['user_id']); $recipients[] = array("mail" => $user->getEmail(), "name" => $user->getUsername());
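/**
 * Validates a request token generated by ::generateCSRFToken()
 *
 * This method takes a request token and ensures it is one of the tokens
 * issued for the given URL, otherwise it throws an fValidationException.
 * A token is single-use: once validated it is removed from the session.
 *
 * @throws fValidationException When the CSRF token specified is invalid
 *
 * @param string $token The request token to validate
 * @param string $url The URL to validate the token for, default to the current page
 * @return void
 */
public static function validateCSRFToken($token, $url = NULL) {
    if ($url === NULL) {
        $url = fURL::get();
    }
    $key    = __CLASS__ . '::' . $url . '::csrf_tokens';
    $tokens = fSession::get($key, array());

    // Strict comparison: tokens are strings, and a loose in_array() would let
    // PHP's numeric-string rules (e.g. '1e3' == '1000') or a non-string
    // $token match a value it should not
    if (!is_string($token) || !in_array($token, $tokens, TRUE)) {
        throw new fValidationException('The form submitted could not be validated as authentic, please try submitting it again');
    }

    // Consume the token so it cannot be replayed
    $tokens = array_diff($tokens, array($token));
    fSession::set($key, $tokens);
}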
$validator = new fValidation(); $validator->addRequiredFields('password', 'email'); $validator->addEmailFields('email'); $validator->validate(); $users = fRecordSet::build('User', array('email=' => strtolower($_POST['email']))); if ($users->count() == 0) { throw new fValidationException('Invalid username or password.'); } $rec = $users->getRecords(); $user = $rec[0]; if (!fCryptography::checkPasswordHash($_POST['password'], $user->getPassword())) { throw new fValidationException('Invalid username or password.'); } fSession::set('user', $user->getId()); if (fRequest::get('persistent_login', 'boolean')) { fSession::enablePersistence(); } if (isset($_POST['forward'])) { fURL::redirect('http://' . $_SERVER['SERVER_NAME'] . $_POST['forward']); } else { fURL::redirect('/members'); } exit; } catch (fValidationException $e) { echo "<p>" . $e->printMessage() . "</p>"; } catch (fSQLException $e) { echo "<p>An unexpected error occurred, please try again later</p>"; trigger_error($e); } } ?>
/**
 * Sets some piece of information to use to identify the current user
 *
 * The token is stored in the session and the session id is regenerated, so
 * an id fixed before the identity changed is not carried over.
 *
 * @param mixed $token The user's token. This could be a user id, an email address, a user object, etc.
 * @return void
 */
public static function setUserToken($token) {
    $session_key = __CLASS__ . '::user_token';
    fSession::set($session_key, $token);
    // Rotate the id whenever the identity behind the session changes
    fSession::regenerateID();
}
echo Subscription::makeURL('add', $check); ?> " class="btn btn-default">Subscribe</a> <?php } ?> <div class="required"><em>*</em> Required field</div> <input type="hidden" name="token" value="<?php echo fRequest::generateCSRFToken(); ?> " /> <?php if ($action == 'add') { ?> <input type="hidden" name="user_id" value="<?php echo fSession::get('user_id'); ?> " /> <input type="hidden" name="type" value="<?php echo $check_type; ?> " /> <?php } ?> </div> </div> </fieldset> </form> </div> <div id="check_graph" class="col-md-9">
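/**
 * Returns the enabled checks of the given type and group that are visible
 * to the current user: those whose user_id matches the session's user_id,
 * or whose visibility is 0.
 *
 * NOTE(review): $sort_column and $sort_dir are handed to fRecordSet::build
 * for the ORDER BY clause. Unless that layer validates them, callers must
 * pass only whitelisted values here, never raw request input.
 *
 * @param string  $type        The type of check to return 'threshold', 'predictive'
 * @param integer $group_id    The group id the checks must belong to
 * @param string  $sort_column The column to sort by
 * @param string  $sort_dir    The direction to sort the column
 * @param integer $limit       The max number of records to show
 * @param integer $page        The page of records to return (offset)
 * @return fRecordSet The matching check records
 */
static function findAllByGroupId($type, $group_id, $sort_column = 'name', $sort_dir = 'desc', $limit = NULL, $page = NULL) {
    $conditions = array(
        'type='                => $type,
        'group_id='            => $group_id,
        'enabled='             => true,
        'user_id=|visibility=' => array(fSession::get('user_id'), 0),
    );
    return fRecordSet::build(__CLASS__, $conditions, array($sort_column => $sort_dir), $limit, $page);
}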
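<?php
// Edit an EconomicUnit: the caller must be logged in and hold the
// 'geolocation'/'edit' ACL; non-super users may only touch units in their
// own region.
fSession::open();
$idUser = fSession::get(SESSION_ID_USER);
if (empty($idUser) || !fAuthorization::checkACL('geolocation', 'edit')) {
    exit("No se ha podido acceder a esta secci&oacite;n");
}

$id = fRequest::encode('id', 'integer');
if (empty($id)) {
    exit("Ha ocurrido un error");
}

if (!fAuthorization::checkAuthLevel('super')) {
    $isOwner = fRecordSet::build('EconomicUnit', array('economic_unit_id =' => $id, 'economic_unit_region=' => fSession::get('regs')));
    // The original read an undefined $isxOwner here (fatal on PHP 7+) and
    // redirected without stopping, so the update below would still run.
    if ($isOwner->count() == 0) {
        header('Location: ' . SITE);
        exit;
    }
}

try {
    $av = new EconomicUnit($id);
} catch (Exception $e) {
    // Unknown unit: redirect and stop, otherwise $av is undefined below
    header("Location: " . SITE);
    exit;
}

// Values are HTML-encoded on the way in by fRequest::encode()
$av->setEconomicUnitName(fRequest::encode('title', 'string'));
$av->setEconomicUnitStreetType(fRequest::encode('type', 'string'));
$av->setEconomicUnitLatitude(fRequest::encode('latitude', 'string'));
$av->setEconomicUnitLongitude(fRequest::encode('longitude', 'string'));
$av->setEconomicUnitDescription(fRequest::encode('description', 'string'));
$av->setEconomicUnitStreetName(fRequest::encode('street', 'string'));
$av->setEconomicUnitLocationNumber(fRequest::encode('number', 'string'));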
$validator->addRequiredFields('fullname', 'password', 'email', 'address'); $validator->addEmailFields('email'); $validator->validate(); if ($_POST['password'] != $_POST['passwordconfirm']) { throw new fValidationException('Passwords do not match'); } $user = new User(); $user->setEmail(strtolower($_POST['email'])); $user->setFullName($_POST['fullname']); $user->setAddress($_POST['address']); $user->setPassword(fCryptography::hashPassword($_POST['password'])); if (isset($_POST['hackney'])) { $user->setHackney(true); } $user->store(); fSession::set('user', $user->getId()); fURL::redirect('/members'); exit; } catch (fValidationException $e) { echo "<p>" . $e->printMessage() . "</p>"; } catch (fSQLException $e) { echo "<p>An unexpected error occurred, please try again later</p>"; trigger_error($e); } } ?> <h2>Membership</h2> <p>The London Hackspace is a members-owned non-profit association. Members have a hand in the running of the organisation as well as 24/7 access to the space.</p> <p>Membership is paid monthly by standing order. We ask that you pay what you think the space is worth to you. Running an
/**
 * Resets fSession after each test, unless the suite is being skipped.
 */
public function tearDown() {
    if (!defined('SKIPPING')) {
        fSession::reset();
    }
}
try { $user->populate(); } catch (fExpectedException $e) { fMessaging::create('error', fURL::get(), $e - getMessage()); } } include VIEW_PATH . '/add_edit_user_settings.php'; } elseif ('delete' == $action) { try { $user = new User($user_id); if (fRequest::isPost()) { fRequest::validateCSRFToken(fRequest::get('token')); $user->delete(); fMessaging::create('success', User::makeUrl('edit', $user), 'The user ' . $user->getName() . ' was successfully deleted'); fURL::redirect(User::makeUrl('edit', $user)); } } catch (fNotFoundException $e) { fMessaging::create('error', User::makeUrl('edit', $user), 'The line requested could not be found'); fURL::redirect(User::makeUrl('edit', $user)); } catch (fExpectedException $e) { fMessaging::create('error', fURL::get(), $e->getMessage()); } include VIEW_PATH . '/delete.php'; } else { if (!fAuthorization::checkAuthLevel('admin')) { fURL::redirect(User::makeURL('edit', fSession::get('user_id'))); } else { $users = User::findAll(); include VIEW_PATH . '/list_users.php'; } }
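<?php
// Alerts page: unacknowledged check results from the last day for the
// checks the logged-in user is subscribed to.
include dirname(__FILE__) . '/inc/init.php';
fAuthorization::requireLoggedIn();

$breadcrumbs[] = array('name' => 'Alerts', 'url' => '#', 'active' => false);

// The user id is bound with fDatabase's %i placeholder instead of being
// concatenated into the statement.
$latest_alerts = 'SELECT c.check_id,name,r.status,count(c.check_id) as count, r.timestamp ' .
    'FROM subscriptions s ' .
    'JOIN checks c ON s.check_id = c.check_id ' .
    'JOIN check_results r ON s.check_id = r.check_id ' .
    'WHERE r.timestamp >= DATE_SUB(CURDATE(),INTERVAL 1 DAY) ' .
    'AND r.status IS NOT NULL ' .
    'AND acknowledged = 0 ' .
    'AND s.user_id = %i ' .
    'Group by c.check_id;';
$results = $mysql_db->query($latest_alerts, fSession::get('user_id'));

include dirname(__FILE__) . '/inc/views/index.php';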
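// Change-password handler. On POST the old password is re-checked before the
// new one is stored; on GET the referer is remembered so the user can be sent
// back after a successful change.
$errmsg = '';
if (fRequest::isPost()) {
    $old_password     = fRequest::get('old-password');
    $new_password     = fRequest::get('new-password');
    $confirm_password = fRequest::get('confirm-password');

    $token    = fAuthorization::getUserToken();
    $username = $token['name'];
    $user_id  = $token['id'];

    if (empty($old_password) or empty($new_password) or empty($confirm_password)) {
        $errmsg = '密码不能为空';
    } elseif ($new_password !== $confirm_password) {
        // Strict comparison: with != PHP compares numeric-looking strings
        // numerically, so e.g. '1e3' and '1000' would count as matching
        $errmsg = '两次输入的新密码不一致';
    } elseif (login_check_credential($db, $username, $old_password) == false) {
        $errmsg = '旧密码错误';
    } elseif (login_change_password($db, $user_id, $new_password)) {
        // NOTE(review): the stored referer comes from login_get_referer();
        // confirm it is restricted to same-site paths before redirecting to it.
        fURL::redirect(fSession::delete('change-password-referer', SITE_BASE));
    } else {
        $errmsg = '修改密码失败';
    }
} else {
    if (fSession::get('change-password-referer') == null) {
        fSession::set('change-password-referer', login_get_referer(SITE_BASE));
    }
}
include __DIR__ . '/tpl/change-password.php';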
/**
 * Retrieves a message, removes it from the session and prints it - will not print if no content
 *
 * The message will be printed in a `p` tag if it does not contain
 * any block level HTML, otherwise it will be printed in a `div` tag.
 *
 * @param mixed $name The name or array of names of the message(s) to show, or `'*'` to show all
 * @param string $recipient The intended recipient
 * @param string $css_class Overrides using the `$name` as the CSS class when displaying the message - only used if a single `$name` is specified
 * @return boolean If one or more messages was shown
 */
public static function show($name, $recipient = NULL, $css_class = NULL) {
    if ($recipient === NULL) {
        $recipient = '{default}';
    }

    // '*' expands to every message name queued in the session for this recipient
    if (is_string($name) && $name == '*') {
        fSession::open();
        $prefix        = __CLASS__ . '::' . $recipient . '::';
        $prefix_length = strlen($prefix);
        $name          = array();
        foreach (array_keys($_SESSION) as $session_key) {
            if (strpos($session_key, $prefix) === 0) {
                $name[] = substr($session_key, $prefix_length);
            }
        }
    }

    // A single message uses $name as the CSS class unless overridden
    if (!is_array($name)) {
        $class = $css_class === NULL ? self::$class . ' ' . $name : $css_class;
        return fHTML::show(self::retrieve($name, $recipient), $class, TRUE);
    }

    $shown = FALSE;
    foreach ($name as $single_name) {
        $class = $css_class === NULL ? trim(self::$class . ' ' . $single_name) : $css_class;
        // fHTML::show() is evaluated first so every message is printed even
        // after $shown has become TRUE
        $shown = fHTML::show(self::retrieve($single_name, $recipient), $class, TRUE) || $shown;
    }
    return $shown;
}
//Set the Template root, and set the header and footer
// Views live under $root_path/views; minified assets are written to js_cache/.
// NOTE(review): the minification mode is hard-coded to 'development' - confirm
// this is switched for production deployments.
$tmpl = new fTemplating($root_path . '/views/');
$tmpl->enableMinification('development', dirname(__FILE__) . '/../js_cache/',dirname(__FILE__) . '/..');
// Stylesheets and scripts, in registration order
$tmpl->add('css','/bootstrap/bootstrap.min.css');
$tmpl->add('css','/assets/css/jquery-ui.css');
$tmpl->add('js','/assets/js/jquery.min.js');
$tmpl->add('js','/assets/js/jquery-ui.min.js');
$tmpl->add('js','/assets/js/jquery.collapsible.js');
$tmpl->add('js','/assets/js/jquery.graphite.js');
$tmpl->add('js','/bootstrap/js/bootstrap-modal.js');
$tmpl->add('js','/bootstrap/js/bootstrap-twipsy.js');
$tmpl->add('js','/bootstrap/js/bootstrap-popover.js');
$tmpl->set('header', 'header.php');
$tmpl->set('footer', 'footer.php');
//Set DB connection (using flourish it isn't actually connected to until the first use)
$mysql_db = new fDatabase('mysql', $database_name, $database_user, $database_password);
//Connect the db to the ORM functions
fORMDatabase::attach($mysql_db);
//Start the Flourish Session
// NOTE(review): no fSession::setPath()/setLength() call is visible before this
// open() - confirm the session path and lifetime are configured elsewhere, or
// the PHP defaults (shared session dir, default gc lifetime) apply.
fSession::open();
echo '<li' . ($current_url == $setting_list ? ' class="active"' : '') . '><a href="' . $setting_list . '" >Settings</a></li>' . "\n"; if (fAuthorization::checkAuthLevel('admin')) { $user_list = User::makeURL('list'); echo '<li><a href="' . User::makeURL('list') . '" >Users</a></li>'; } ?> </ul> <?php if (is_numeric(fSession::get('user_id'))) { ?> <p class="pull-right"> Logged in as <a href="<?php echo User::makeUrl('edit', fSession::get('user_id')); ?> "><?php echo fSession::get('user_name'); ?> </a> </p> <?php } ?> </div> </div> </div> <?php } ?> <div class="container-fluid"> <?php
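/**
 * Returns the check results of every check the current user is subscribed to.
 *
 * The session user_id is bound through the placeholder form of
 * fRecordSet::buildFromSQL (%i) instead of being concatenated into the SQL.
 *
 * @return fRecordSet The check_results records joined to the user's subscriptions
 */
static public function findUsersResults() {
    $sql = 'SELECT check_results.* FROM check_results ' .
        'JOIN subscriptions ON check_results.check_id = subscriptions.check_id ' .
        'and subscriptions.user_id = %i';
    return fRecordSet::buildFromSQL(__CLASS__, array($sql, fSession::get('user_id')));
}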
/**
 * Resets fSession after each test so state does not leak between cases.
 */
public function tearDown() {
    fSession::reset();
}
<input id="dashboard-background_color" class="span3" type="text" size="30" name="background_color" value="<?=$dashboard->encodeBackgroundColor(); ?>" /> </div> </div><!-- /clearfix --> <div class="clearfix"> <label for="dashboard-refresh_rate">Refresh Rate<em>*</em> (in seconds)</label> <div class="input"> <input id="dashboard-refresh_rate" class="span3" type="text" size="30" name="refresh_rate" value="<?=$dashboard->getRefreshRate(); ?>" /> </div> </div> <div class="actions span4"> <input class="btn primary" type="submit" value="Save" /> <input class="btn" type="submit" name="action::delete" value="Delete" /> <a href="<?=Dashboard::makeUrl('view',$dashboard); ?>" class="btn">View</a> <div class="required"><em>*</em> Required field</div> <input type="hidden" name="token" value="<?=fRequest::generateCSRFToken(); ?>" /> <input type="hidden" name="user_id" value="<?=fSession::get('user_id'); ?>" /> </div> </fieldset> </div> </form> </div> <div class="span10"> <? if ($action == 'edit') { ?> <p class="info"><a href="<?=Graph::makeURL('add',$dashboard); ?>">Add Graph</a></p> <?php try { $graphs->tossIfEmpty(); $affected = fMessaging::retrieve('affected', fURL::get()); ?> <div> <table class="zebra-striped">
<?php $section = 'categories'; $section_id = 25; $sub = 'listGcategory'; $typeOfUser = fAuthorization::checkAuthLevel('super'); $where = ""; if (!$typeOfUser) { $where = " WHERE " . fSession::get('where_at'); } ?> <?php $limit = fRequest::encode('limit', 'integer'); $page = fRequest::encode('p', 'integer'); if ($page < 1) { exit; } $start = ($page - 1) * $limit; $categories = fRecordSet::buildFromSQL('EconomicUnitCategory', "SELECT * FROM economic_unit_categories {$where} LIMIT {$start},{$limit}", "SELECT count(*) FROM economic_unit_categories {$where}", $limit, $page); if ($categories->count() == 0) { echo '<div class="notification information" > Por el momento no hay registros en <b> Categorías de Geolocalización</b>. </div>'; } else { $p = new Pagination($categories->getPages(), $categories->getPage(), 3); $pagination = $p->getPaginationLinks(); ?> <center> <table class="contenttoc" style="width:auto; float:left"> <tr>
<?php
// Bootstrap: buffer output, load the model classes, attach the SQLite
// database to the ORM, configure the session and resolve the current user.
ob_start();

require_once 'config.php';
require_once 'user.php';
require_once 'transaction.php';
require_once 'card.php';

$db = new fDatabase('sqlite', dirname(__FILE__) . '/../var/database.db');
fORMDatabase::attach($db);

// 30 minutes for a normal session, 1 week when persistence is enabled;
// session files are kept in a dedicated var/session directory
fSession::setLength('30 minutes', '1 week');
fSession::setPath(dirname(__FILE__) . '/../var/session');

// $user is the logged-in User, or null when the session holds no user id
$uid  = fSession::get('user');
$user = $uid ? new User($uid) : null;
<?php
// Bootstrap: load Flourish and plugins, then the site config and core helpers
error_reporting(E_ALL & ~E_NOTICE);
include __DIR__ . '/load_flourish.php';
include __DIR__ . '/load_plugins.php';
require __DIR__ . '/config.php';
require __DIR__ . '/core.php';
// Session files go to a dedicated directory with a lifetime of 1 day 2 hours;
// Flourish requires both to be configured before the session is opened
fSession::setPath(SESSIONS_PATH);
fSession::setLength('1 day 2 hours');
$db = new fDatabase('mysql', DB_NAME, DB_USER, DB_PASS, DB_HOST);
// Page unauthenticated requests are presumably redirected to by fAuthorization
fAuthorization::setLoginPage(LOGIN_BASE);
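<?php
require_once 'init.php';

// Logout: tear down the server-side session and the Flourish authorization
// data, then send the browser to the login page.
fSession::close();
fSession::destroy();
fAuthorization::destroyUserInfo();
header('Location: ' . LOGIN);
// Stop here so nothing after the redirect header can run or emit output
exit;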
<?php require_once '../init.php'; $id_section = 2; $section = 'user'; $sub = 'edit'; $idUser = fRequest::encode('id', 'integer'); if (empty($idUser) || !is_numeric($idUser)) { exit; } $u = new User($idUser); if (empty($u)) { header('Location: ' . USER . 'list'); } fSession::open(); $idUser = fSession::get(SESSION_ID_USER); //if(empty($idUser) || !fAuthorization::checkACL($section, $sub)) { if (empty($idUser)) { header('Location: ' . SITE); exit("No se ha podido acceder a esta secci&oacite;n"); } //if($u->prepareIdRole() == 1 && !fAuthorization::checkAuthLevel('super')) header('Location: '.SITE); require_once INCLUDES . 'header.php'; ?> <!-- MAIN CONTAINER --> <link rel="stylesheet" href="<?php echo CSS; ?> ui-lightness/jquery-ui-1.8.16.custom.css"> <script type="text/javascript" src="<?php echo SCRIPT;
?> </td> <td><?php echo $check->prepareBaseline(); ?> </td> <td><?php echo $over_under_array[$check->getOver_Under()]; ?> </td> <td><?php echo $visibility_array[$check->getVisibility()]; ?> </td> <td><?php if (fSession::get('user_id') == $check->getUserId()) { echo '<a href="' . Check::makeURL('edit', $check_type, $check) . '">Edit</a> |'; } ?> <a href="<?php echo Subscription::makeURL('add', $check); ?> ">Subscribe</a></td> </tr> <?php } ?> </tbody> </table> </div> <?php