/**
* Returns all checks on the system
*
* @param string $sort_column The column to sort by
* @param string $sort_dir The direction to sort the column
* @return fRecordSet An object containing all meetups
*/
static function findAll($sort_column = 'name', $sort_dir = 'desc')
{
return fRecordSet::build(
__CLASS__,
array('enabled=' => true,'user_id=|visibility=' => array(fSession::get('user_id'),0)),
array($sort_column => $sort_dir)
);
}
static function findActive($check_id = NULL)
{
if (!is_null($check_id) && is_numeric($check_id)) {
$filter = ' AND check_id=' . $check_id;
} else {
$filter = '';
}
return fRecordSet::buildFromSQL(__CLASS__, array('SELECT subscriptions.* FROM subscriptions WHERE user_id = ' . fSession::get('user_id') . $filter));
}
public function index()
{
$this->cache_control('private', 300);
$this->current_language = fSession::get('last_language', 0);
if (fMessaging::check('code', '/submit')) {
$this->code = fMessaging::retrieve('code', '/submit');
} else {
$this->code = '';
}
$this->nav_class = 'submit';
$this->render('submit/index');
}
static public function findUsersResults()
{
return fRecordSet::buildFromSQL(
__CLASS__,
array('SELECT check_results.* FROM check_results JOIN subscriptions ON check_results.check_id = subscriptions.check_id and subscriptions.user_id = ' . fSession::get('user_id')));
}
<input id="dashboard-background_color" class="span3" type="text" size="30" name="background_color" value="<?=$dashboard->encodeBackgroundColor(); ?>" />
</div>
</div><!-- /clearfix -->
<div class="clearfix">
<label for="dashboard-refresh_rate">Refresh Rate<em>*</em> (in seconds)</label>
<div class="input">
<input id="dashboard-refresh_rate" class="span3" type="text" size="30" name="refresh_rate" value="<?=$dashboard->getRefreshRate(); ?>" />
</div>
</div>
<div class="actions span4">
<input class="btn primary" type="submit" value="Save" />
<input class="btn" type="submit" name="action::delete" value="Delete" />
<a href="<?=Dashboard::makeUrl('view',$dashboard); ?>" class="btn">View</a>
<div class="required"><em>*</em> Required field</div>
<input type="hidden" name="token" value="<?=fRequest::generateCSRFToken(); ?>" />
<input type="hidden" name="user_id" value="<?=fSession::get('user_id'); ?>" />
</div>
</fieldset>
</div>
</form>
</div>
<div class="span10">
<? if ($action == 'edit') { ?>
<p class="info"><a href="<?=Graph::makeURL('add',$dashboard); ?>">Add Graph</a></p>
<?php
try {
$graphs->tossIfEmpty();
$affected = fMessaging::retrieve('affected', fURL::get());
?>
<div>
<table class="zebra-striped">
<?php
$section = 'categories';
$section_id = 25;
$sub = 'listGcategory';
$typeOfUser = fAuthorization::checkAuthLevel('super');
$where = "";
if (!$typeOfUser) {
$where = " WHERE " . fSession::get('where_at');
}
?>
<?php
$limit = fRequest::encode('limit', 'integer');
$page = fRequest::encode('p', 'integer');
if ($page < 1) {
exit;
}
$start = ($page - 1) * $limit;
$categories = fRecordSet::buildFromSQL('EconomicUnitCategory', "SELECT * FROM economic_unit_categories {$where} LIMIT {$start},{$limit}", "SELECT count(*) FROM economic_unit_categories {$where}", $limit, $page);
if ($categories->count() == 0) {
echo '<div class="notification information" >
Por el momento no hay registros en <b> Categorías de Geolocalización</b>.
</div>';
} else {
$p = new Pagination($categories->getPages(), $categories->getPage(), 3);
$pagination = $p->getPaginationLinks();
?>
<center>
<table class="contenttoc" style="width:auto; float:left">
<tr>
// --------------------------------- //
} elseif ('add' == $action) {
$subscription = new Subscription();
//Load details of the check we are going to subscribe to
$check = new Check($check_id);
if (fRequest::isPost()) {
try {
$subscription->populate();
fRequest::validateCSRFToken(fRequest::get('token'));
$subscription->store();
fMessaging::create('affected',$manage_url , $check->getName());
fMessaging::create('success', $manage_url,
'The subscription to ' . $check->getName() . ' was successfully created');
fURL::redirect($manage_url);
} catch (fExpectedException $e) {
fMessaging::create('error', fURL::get(), $e->getMessage());
}
}
include VIEW_PATH . '/add_edit_subscription.php';
} else {
$user = new User(fSession::get('user_id'));
$subscriptions = $user->buildSubscriptions();
include VIEW_PATH . '/list_subscriptions.php';
}
echo '<li' . ($current_url == $setting_list ? ' class="active"' : '') . '><a href="' . $setting_list . '" >Settings</a></li>' . "\n";
if (fAuthorization::checkAuthLevel('admin')) {
$user_list = User::makeURL('list');
echo '<li><a href="' . User::makeURL('list') . '" >Users</a></li>';
}
?>
</ul>
<?php
if (is_numeric(fSession::get('user_id'))) {
?>
<p class="pull-right">
Logged in as <a href="<?php
echo User::makeUrl('edit', fSession::get('user_id'));
?>
"><?php
echo fSession::get('user_name');
?>
</a>
</p>
<?php
}
?>
</div>
</div>
</div>
<?php
}
?>
<div class="container-fluid">
<?php
public function testGetNoValueDefault()
{
fSession::open();
$this->assertEquals('default', fSession::get('key', 'default'));
}
try {
$user->populate();
} catch (fExpectedException $e) {
fMessaging::create('error', fURL::get(), $e - getMessage());
}
}
include VIEW_PATH . '/add_edit_user_settings.php';
} elseif ('delete' == $action) {
try {
$user = new User($user_id);
if (fRequest::isPost()) {
fRequest::validateCSRFToken(fRequest::get('token'));
$user->delete();
fMessaging::create('success', User::makeUrl('edit', $user), 'The user ' . $user->getName() . ' was successfully deleted');
fURL::redirect(User::makeUrl('edit', $user));
}
} catch (fNotFoundException $e) {
fMessaging::create('error', User::makeUrl('edit', $user), 'The line requested could not be found');
fURL::redirect(User::makeUrl('edit', $user));
} catch (fExpectedException $e) {
fMessaging::create('error', fURL::get(), $e->getMessage());
}
include VIEW_PATH . '/delete.php';
} else {
if (!fAuthorization::checkAuthLevel('admin')) {
fURL::redirect(User::makeURL('edit', fSession::get('user_id')));
} else {
$users = User::findAll();
include VIEW_PATH . '/list_users.php';
}
}
<?php require_once '../init.php'; $id_section = 10; $section = 'user'; $sub = ''; require_once INCLUDES . 'header.php'; ?> <!-- MAIN CONTAINER --> <div id="ja-container" class="wrap ja-r2"> <div class="main clearfix"> <?php $regions = fSession::get(SESSION_REGIONS); print_r($regions); ?> </div> </div> <?php require_once INCLUDES . 'footer.php';
?>
<table class="zebra-striped">
<thead>
<tr>
<th>Username</th>
<th>Email</th>
<th>Action</th>
</tr></thead><tbody>
<?php
$first = TRUE;
foreach ($users as $user) {
?>
<tr>
<td><?php echo $user->prepareUsername() ?></td>
<td><?php echo $user->prepareEmail() ?></td>
<td><?php if (fSession::get('user_id') == $user->getUserId() || fAuthorization::checkAuthLevel('admin')) { echo '<a href="' . User::makeUrl('edit',$user) . '">Edit</a>'; } ?>
<?php if (fAuthorization::checkAuthLevel('admin') || $user->getUserId() != 1) {
?> <a href="<?php echo User::makeUrl('delete',$user); ?>">Delete</a></td>
<?php } ?>
</tr>
<?php } ?>
</tbody></table>
<?
} catch (fEmptySetException $e) {
?>
<p class="info">There are currently no Tattle users? <a href="<?php echo '<a href="'. User::makeUrl('add'); ?>">Add one now</a></p>
<?php
}
?>
</div>
<?php $tmpl->place('footer') ?>
<h1>London<br/>Hackspace</h1>
</div>
</div><!-- end of hd -->
<?php
}
?>
<!-- end of Header section -->
<!-- Start of Main Body section -->
<div id="bd">
<?php
if (!isset($hide_menu)) {
?>
<?php
require 'menu.php';
?>
<div id="non-menu-content" class="grid_10">
<?php
if ($user && !fSession::get('suppress_profile_notification') && !$user->getHasProfile() && $page != 'edit') {
?>
<div class="profile-alert alert alert-info alert-dismissable">
<button type="button" class="close" data-dismiss="alert" data-persist="suppress_profile_notification"
aria-hidden="true">×</button>
You haven't filled in your member profile details yet.
<a href="/members/profile_edit.php" class="alert-link">Complete your profile</a> to let other members know more about you.
</div>
<?php
}
?>
<?php
}
?>
<table class="zebra-striped">
<thead>
<tr>
<th>Username</th>
<th>Email</th>
<th>Action</th>
</tr></thead><tbody>
<?php
$first = TRUE;
foreach ($users as $user) {
?>
<tr>
<td><?=$user->prepareUsername(); ?></td>
<td><?=$user->prepareEmail(); ?></td>
<td><?php if (fSession::get('user_id') == $user->getUserId() || fAuthorization::checkAuthLevel('admin')) {
echo '<a href="' . User::makeUrl('edit',$user) . '">Edit</a> | ';
echo '<a href="' . Setting::makeURL('list','user',NULL,$user->getUserId()) . '">Settings</a>';
} ?>
<?php if (fAuthorization::checkAuthLevel('admin') && $user->getUserId() != 1) {
?> <a href="<?=User::makeUrl('delete',$user); ?>">Delete</a></td>
<?php } ?>
</tr>
<?php } ?>
</tbody></table>
<?
} catch (fEmptySetException $e) {
?>
<p class="info">There are currently no Tattle users? <a href="<?=User::makeUrl('add'); ?>">Add one now</a></p>
<?php
}
<?php
include 'inc/init.php';
fAuthorization::requireLoggedIn();
$breadcrumbs[] = array('name' => 'Alerts', 'url' => 'index.php', 'active' => false);
$page_num = fRequest::get('page', 'int', 1);
$offset = ($page_num - 1) * $GLOBALS['PAGE_SIZE'];
$results = NULL;
$latest_alerts = 'SELECT c.check_id,name,r.status,count(c.check_id) as count, r.timestamp ' . 'FROM subscriptions s ' . 'JOIN checks c ON s.check_id = c.check_id ' . 'JOIN check_results r ON s.check_id = r.check_id ' . 'WHERE r.timestamp >= DATE_SUB(CURDATE(),INTERVAL 1 DAY) ' . 'AND r.status IS NOT NULL ' . 'AND acknowledged = 0 ' . 'AND s.user_id = ' . fSession::get('user_id') . ' ' . 'GROUP BY c.check_id ' . 'LIMIT ' . $GLOBALS['PAGE_SIZE'] . ' ' . 'OFFSET ' . $offset . ';';
$results = $db->query($latest_alerts);
$alert_count = $results->countReturnedRows();
include 'inc/views/index.php';
fMessaging::create('error', $manage_url, 'The subscription requested ' . fHTML::encode($check_id) . ' could not be found');
fURL::redirect($manage_url);
} catch (fExpectedException $e) {
fMessaging::create('error', fURL::get(), $e->getMessage());
}
include VIEW_PATH . '/add_edit_subscription.php';
// --------------------------------- //
} elseif ('add' == $action) {
$subscription = new Subscription();
//Load details of the check we are going to subscribe to
$check = new Check($check_id);
if (fRequest::isPost()) {
try {
$subscription->populate();
fRequest::validateCSRFToken(fRequest::get('token'));
$subscription->store();
fMessaging::create('affected', $manage_url, $check->getName());
fMessaging::create('success', $manage_url, 'The subscription to ' . $check->getName() . ' was successfully created');
fURL::redirect($manage_url);
} catch (fExpectedException $e) {
fMessaging::create('error', fURL::get(), $e->getMessage());
}
}
include VIEW_PATH . '/add_edit_subscription.php';
} else {
$user = new User(fSession::get('user_id'));
$page_num = fRequest::get('page', 'int', 1);
$subscriptions = Subscription::findAll(NULL, fSession::get('user_id'), $GLOBALS['PAGE_SIZE'], $page_num);
// $subscriptions = $user->buildSubscriptions();
include VIEW_PATH . '/list_subscriptions.php';
}
<?php
ob_start();
require_once 'config.php';
require_once 'user.php';
require_once 'transaction.php';
require_once 'card.php';
$db = new fDatabase('sqlite', dirname(__FILE__) . '/../var/database.db');
fORMDatabase::attach($db);
fSession::setLength('30 minutes', '1 week');
fSession::setPath(dirname(__FILE__) . '/../var/session');
if ($uid = fSession::get('user')) {
$user = new User($uid);
} else {
$user = null;
}
/**
* Retrieves and removes a message from the session
*
* @param string $name The name of the message to retrieve
* @param string $recipient The intended recipient
* @return string The message contents
*/
public static function retrieve($name, $recipient = NULL)
{
if ($recipient === NULL) {
$recipient = '{default}';
}
$key = __CLASS__ . '::' . $recipient . '::' . $name;
$message = fSession::get($key, NULL);
fSession::delete($key);
return $message;
}
?>
</td>
<td><?php
echo $check->prepareBaseline();
?>
</td>
<td><?php
echo $over_under_array[$check->getOver_Under()];
?>
</td>
<td><?php
echo $visibility_array[$check->getVisibility()];
?>
</td>
<td><?php
if (fSession::get('user_id') == $check->getUserId()) {
echo '<a href="' . Check::makeURL('edit', $check_type, $check) . '">Edit</a> |';
}
?>
<a href="<?php
echo Subscription::makeURL('add', $check);
?>
">Subscribe</a></td>
</tr>
<?php
}
?>
</tbody>
</table>
</div>
<?php
<?php
include 'inc/init.php';
fAuthorization::requireLoggedIn();
fRequest::overrideAction();
$action = fRequest::getValid('action', array('list', 'add', 'edit', 'delete', 'view'));
$setting_name = fRequest::get('setting_name', 'string');
$setting_type = fRequest::getValid('setting_type', array('system', 'user'));
$user_id = fRequest::get('user_id', 'integer');
if ($setting_type == 'user') {
if ($user_id > 0) {
$owner_id = $user_id;
} else {
$owner_id = fSession::get('user_id');
}
} else {
$owner_id = 0;
}
if ('delete' == $action) {
$class_name = 'Setting';
try {
$obj = new Setting(array('name' => $setting_name, 'owner_id' => $owner_id));
$delete_text = 'Are you sure you want to delete this setting : <strong>' . $obj->getFriendlyName() . '</strong>?';
if (fRequest::isPost()) {
fRequest::validateCSRFToken(fRequest::get('token'));
$obj->delete();
fMessaging::create('success', fURL::get(), 'The setting ' . $obj->getFriendlyName() . ' was successfully deleted');
fURL::redirect(Setting::makeUrl('list', $setting_type, NULL, $owner_id));
}
} catch (fNotFoundException $e) {
fMessaging::create('error', fURL::get(), 'The setting requested could not be found');
<?
include dirname(__FILE__) . '/inc/init.php';
fAuthorization::requireLoggedIn();
$breadcrumbs[] = array('name' => 'Alerts', 'url' => '#','active' => false);
$latest_alerts = 'SELECT c.check_id,name,r.status,count(c.check_id) as count, r.timestamp '.
'FROM subscriptions s '.
'JOIN checks c ON s.check_id = c.check_id '.
'JOIN check_results r ON s.check_id = r.check_id '.
'WHERE r.timestamp >= DATE_SUB(CURDATE(),INTERVAL 1 DAY) '.
'AND r.status IS NOT NULL '.
'AND acknowledged = 0 '.
'AND s.user_id = ' . fSession::get('user_id') . ' ' .
'Group by c.check_id;';
$results = $mysql_db->query($latest_alerts);
include dirname(__FILE__) . '/inc/views/index.php';
<?php
fSession::open();
$idUser = fSession::get(SESSION_ID_USER);
if (empty($idUser) || !fAuthorization::checkACL('geolocation', 'edit')) {
exit("No se ha podido acceder a esta secci&oacite;n");
}
$id = fRequest::encode('id', 'integer');
if (empty($id)) {
exit("Ha ocurrido un error");
}
if (!fAuthorization::checkAuthLevel('super')) {
$isOwner = fRecordSet::build('EconomicUnit', array('economic_unit_id =' => $id, 'economic_unit_region=' => fSession::get('regs')));
$count = $isxOwner->count() > 0;
if (!$count) {
header('Location: ' . SITE);
}
}
try {
$av = new EconomicUnit($id);
} catch (Exception $e) {
header("Location: " . SITE);
}
$av->setEconomicUnitName(fRequest::encode('title', 'string'));
//$av->setCreatedAt(date('Y-m-d H:m:s'));
$av->setEconomicUnitStreetType(fRequest::encode('type', 'string'));
$av->setEconomicUnitLatitude(fRequest::encode('latitude', 'string'));
$av->setEconomicUnitLongitude(fRequest::encode('longitude', 'string'));
$av->setEconomicUnitDescription(fRequest::encode('description', 'string'));
$av->setEconomicUnitStreetName(fRequest::encode('street', 'string'));
$av->setEconomicUnitLocationNumber(fRequest::encode('number', 'string'));
/**
* Validates a request token generated by ::generateCSRFToken()
*
* This method takes a request token and ensures it is valid, otherwise
* it will throw an fValidationException.
*
* @throws fValidationException When the CSRF token specified is invalid
*
* @param string $token The request token to validate
* @param string $url The URL to validate the token for, default to the current page
* @return void
*/
public static function validateCSRFToken($token, $url = NULL)
{
if ($url === NULL) {
$url = fURL::get();
}
$key = __CLASS__ . '::' . $url . '::csrf_tokens';
$tokens = fSession::get($key, array());
if (!in_array($token, $tokens)) {
throw new fValidationException('The form submitted could not be validated as authentic, please try submitting it again');
}
$tokens = array_diff($tokens, array($token));
fSession::set($key, $tokens);
}
/**
* Returns all checks on the system that matches the group id
*
* @param string $type The type of check to return 'threshold', 'predictive'
* @param string $sort_column The column to sort by
* @param string $sort_dir The direction to sort the column
* @param int $limit The max number of records to show
* @param int $page The offset
* @return fRecordSet An object containing all meetups
*/
static function findAllByGroupId($type, $group_id, $sort_column = 'name', $sort_dir = 'desc', $limit = NULL, $page = NULL)
{
return fRecordSet::build(__CLASS__, array('type=' => $type, 'group_id=' => $group_id, 'enabled=' => true, 'user_id=|visibility=' => array(fSession::get('user_id'), 0)), array($sort_column => $sort_dir), $limit, $page);
}
fMessaging::create('error', fURL::get(), $e->getMessage());
}
include VIEW_PATH . '/ackAll_results.php';
} else {
if ($action == 'notifyAll') {
try {
$check = new Check($check_id);
$subject_mail = fRequest::get('subject_mail');
$content_mail = fRequest::get('content_mail');
if (fRequest::isPost()) {
if (empty($subject_mail) || empty($content_mail)) {
fMessaging::create('error', fURL::get(), "You have to fill the subject and the content to send this mail");
} else {
fRequest::validateCSRFToken(fRequest::get('token'));
$recipients = array();
$id_user_session = fSession::get('user_id');
$user_session = new User($id_user_session);
$recipients[] = array("mail" => $user_session->getEmail(), "name" => $user_session->getUsername());
$alt_ids = array();
$subscription_alt = Subscription::findAll($check_id, NULL, NULL, NULL, TRUE);
foreach ($subscription_alt as $alt) {
$user = new User($alt->getUserId());
$recipients[] = array("mail" => usr_var('alt_email', $user->getUserId()), "name" => $user->getUsername());
$alt_ids[] = $alt->getUserId();
}
$subscriptions = $db->query("SELECT DISTINCT user_id,check_id FROM subscriptions WHERE check_id=" . $check_id . ";");
foreach ($subscriptions as $sub) {
$user_id = $sub['user_id'];
if (!in_array($user_id, $alt_ids) && $user_id != $id_user_session) {
$user = new User($sub['user_id']);
$recipients[] = array("mail" => $user->getEmail(), "name" => $user->getUsername());
echo Subscription::makeURL('add', $check);
?>
" class="btn btn-default">Subscribe</a>
<?php
}
?>
<div class="required"><em>*</em> Required field</div>
<input type="hidden" name="token" value="<?php
echo fRequest::generateCSRFToken();
?>
" />
<?php
if ($action == 'add') {
?>
<input type="hidden" name="user_id" value="<?php
echo fSession::get('user_id');
?>
" />
<input type="hidden" name="type" value="<?php
echo $check_type;
?>
" />
<?php
}
?>
</div>
</div>
</fieldset>
</form>
</div>
<div id="check_graph" class="col-md-9">
/**
* Return the previous sort direction, if one exists
*
* @return string The previous sort direction
*/
private static function getPreviousSortDirection()
{
return fSession::get(__CLASS__ . '::' . fURL::get() . '::previous_sort_direction', NULL);
}
/**
* Gets the value that was set as the user token, `NULL` if no token has been set
*
* @return mixed The user token that had been set, `NULL` if none
*/
public static function getUserToken()
{
return fSession::get(__CLASS__ . '::user_token', NULL);
}
<?php
require_once '../init.php';
$id_section = 2;
$section = 'user';
$sub = 'edit';
$idUser = fRequest::encode('id', 'integer');
if (empty($idUser) || !is_numeric($idUser)) {
exit;
}
$u = new User($idUser);
if (empty($u)) {
header('Location: ' . USER . 'list');
}
fSession::open();
$idUser = fSession::get(SESSION_ID_USER);
//if(empty($idUser) || !fAuthorization::checkACL($section, $sub)) {
if (empty($idUser)) {
header('Location: ' . SITE);
exit("No se ha podido acceder a esta secci&oacite;n");
}
//if($u->prepareIdRole() == 1 && !fAuthorization::checkAuthLevel('super')) header('Location: '.SITE);
require_once INCLUDES . 'header.php';
?>
<!-- MAIN CONTAINER -->
<link rel="stylesheet" href="<?php
echo CSS;
?>
ui-lightness/jquery-ui-1.8.16.custom.css">
<script type="text/javascript" src="<?php
echo SCRIPT;
$errmsg = '';
if (fRequest::isPost()) {
$old_password = fRequest::get('old-password');
$new_password = fRequest::get('new-password');
$confirm_password = fRequest::get('confirm-password');
$token = fAuthorization::getUserToken();
$username = $token['name'];
$user_id = $token['id'];
if (empty($old_password) or empty($new_password) or empty($confirm_password)) {
$errmsg = '密码不能为空';
} else {
if ($new_password != $confirm_password) {
$errmsg = '两次输入的新密码不一致';
} else {
if (login_check_credential($db, $username, $old_password) == false) {
$errmsg = '旧密码错误';
} else {
if (login_change_password($db, $user_id, $new_password)) {
fURL::redirect(fSession::delete('change-password-referer', SITE_BASE));
} else {
$errmsg = '修改密码失败';
}
}
}
}
} else {
if (fSession::get('change-password-referer') == null) {
fSession::set('change-password-referer', login_get_referer(SITE_BASE));
}
}
include __DIR__ . '/tpl/change-password.php';