/**
 * flashMessage() must render a pending flash exactly once and then return nothing.
 *
 * Covers both the success flavour (flash) and the error flavour (flashError).
 *
 * NOTE(review): the expected markup carries a raw "&". If the helper HTML-escapes
 * the message, the expectation should read "&amp;" -- confirm against the helper.
 */
public function testFlashMessage()
{
    $helper = new App($this->container);
    $session = new Session();

    // Nothing has been flashed yet.
    $this->assertEmpty($helper->flashMessage());

    // A success message is rendered once...
    $session->flash('test & test');
    $successMarkup = '<div class="alert alert-success alert-fade-out">test & test</div>';
    $this->assertEquals($successMarkup, $helper->flashMessage());

    // ...and is gone on every later read.
    $this->assertEmpty($helper->flashMessage());
    $this->assertEmpty($helper->flashMessage());

    // Same contract for the error flavour.
    $session->flashError('test & test');
    $errorMarkup = '<div class="alert alert-error">test & test</div>';
    $this->assertEquals($errorMarkup, $helper->flashMessage());
    $this->assertEmpty($helper->flashMessage());
}
/**
 * Send the email notifications
 *
 * Every recipient gets the message rendered in their own language, falling back to
 * the application language (never the session language). The whole loop sits inside
 * one try block, so a transport failure is logged and the remaining recipients are skipped.
 *
 * NOTE(review): the body is sent as text/html; the templates are presumably responsible
 * for escaping user-supplied values in $data -- confirm.
 *
 * @access public
 * @param  string    $template    Template name
 * @param  array     $users       List of users
 * @param  array     $data        Template data
 */
public function sendEmails($template, array $users, array $data)
{
    try {
        // Display name of the acting user, when somebody is logged in.
        $author = '';

        if (Session::isOpen() && $this->userSession->isLogged()) {
            $author = e('%s via Kanboard', $this->user->getFullname($this->session['user']));
        }

        $mailer = Swift_Mailer::newInstance($this->container['mailer']);

        foreach ($users as $user) {
            $this->container['logger']->debug('Send email notification to ' . $user['username'] . ' lang=' . $user['language']);
            $started_at = microtime(true);

            // Recipient language first, application language otherwise.
            $language = !empty($user['language'])
                ? $user['language']
                : $this->config->get('application_language', 'en_US');
            Translator::load($language);

            // Build and send the message.
            $message = Swift_Message::newInstance();
            $message->setSubject($this->getMailSubject($template, $data));
            $message->setFrom(array(MAIL_FROM => $author ?: 'Kanboard'));
            $message->setBody($this->getMailContent($template, $data), 'text/html');
            $message->setTo(array($user['email'] => $user['name'] ?: $user['username']));

            $mailer->send($message);

            $elapsed = round(microtime(true) - $started_at, 6);
            $this->container['logger']->debug('Email sent in ' . $elapsed . ' seconds');
        }
    } catch (Swift_TransportException $e) {
        $this->container['logger']->error($e->getMessage());
    }

    // Restore locales
    $this->config->setupTranslations();
}
/**
 * Log the administrator out and show the login page again.
 *
 * None of the six parameters is read by the function body itself; they are, however,
 * in scope for the included template, like every other local variable here.
 */
function logout($module, $interface, $date, $start_time, $offset, $count)
{
    $response = \Core\Response::getInstance()->response();
    $session = \Core\Session::getInstance($response);

    // Calls delete() on the session (presumably discarding the stored login -- confirm in \Core\Session).
    $session->delete();

    // include runs in this function's scope, so the local names above must stay as they are.
    include ST_ROOT . '/Views/login.tpl.php';
}
/**
 * Log out.
 *
 * Writes a log entry carrying the current administrator's name, ends the session
 * and redirects to the index page.
 *
 * NOTE(review): admin_name is read without checking that login_admin() returned
 * an object -- confirm this action is only reachable with a live admin session.
 */
public function out()
{
    $current_admin = \Model\Authorize\Admin::login_admin();

    // Log first, while the administrator is still known.
    \Db\Log::message('退出', '退出系统', $current_admin->admin_name);

    \Core\Session::destory();

    $target = \Core\URI::a2p(array('main' => 'index'));
    redirect($target);
}
/**
 * Bootstrap the application configuration.
 *
 * Starts output buffering, defines the site-wide constants, installs the custom
 * error/exception handlers, sets the timezone and finally starts the session.
 *
 * NOTE(review): the database host, user and password are committed in source.
 * Anyone with read access to the repository or a backup of it holds the live
 * credentials; load them from the environment or an untracked config file and
 * rotate the password.
 */
public function __construct()
{
    // Buffer all output from here on.
    ob_start();

    // Base address of the site.
    define('DIR', 'http://localhost/private/seanmin/');

    // Controller and method used by legacy calls.
    define('DEFAULT_CONTROLLER', 'welcome');
    define('DEFAULT_METHOD', 'index');

    // Default template.
    define('TEMPLATE', 'default');

    // Default language.
    define('LANGUAGE_CODE', 'en');

    // Database settings (only needed when a database is used).
    define('DB_TYPE', 'mysql');
    define('DB_HOST', 'seanmincom.ipagemysql.com');
    define('DB_NAME', 'seanmin');
    define('DB_USER', 'sean');
    define('DB_PASS', '*86868686*');
    define('PREFIX', '');

    // Prefix for session keys.
    define('SESSION_PREFIX', 'smvc_');

    // Optional: name of the site.
    define('SITETITLE', 'SEANMIN');

    // Optional: site email address.
    //define('SITEEMAIL', '');

    // Custom error handling.
    set_exception_handler('Core\\Logger::ExceptionHandler');
    set_error_handler('Core\\Logger::ErrorHandler');

    // Timezone.
    date_default_timezone_set('America/Toronto');

    // Sessions start last, once the constants above are defined.
    Session::init();
}
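/**
 * Check whether the request is authenticated as the administrator.
 *
 * When no admin session exists, the posted admin_name / admin_password are compared
 * with the configured credentials. The login page is rendered when the fields are
 * missing or wrong.
 *
 * The credential comparison accepts plain strings only and uses hash_equals().
 * The previous loose "!=" let PHP compare numeric-looking strings by value
 * (for example "1e1" and "10") and leaked timing.
 *
 * NOTE(review): the session id is not rotated after a successful login; confirm
 * whether \Core\Session offers a regenerate step, to rule out session fixation.
 *
 * @return mixed true when access is granted, otherwise the result of _exit()
 */
function check_auth()
{
    // Blank admin name AND password in the config means authentication is switched off.
    // NOTE(review): a deployment that forgets to set them is left fully open.
    if (Config\Config::$adminName == '' && Config\Config::$adminPassword == '') {
        return true;
    }

    // Authentication flow. The local names below are visible to the included
    // login template, so they are kept as they were.
    $response = \Core\Response::getInstance()->response();
    $session = \Core\Session::getInstance($response);
    $session->start();

    if (!isset($_SESSION['admin'])) {
        if (!isset($_POST['admin_name']) || !isset($_POST['admin_password'])) {
            include ST_ROOT . '/Views/login.tpl.php';
            return _exit();
        }

        $admin_name = $_POST['admin_name'];
        $admin_password = $_POST['admin_password'];

        // Both checks always run, so the response does not reveal which field was wrong.
        $name_ok = is_string($admin_name)
            && hash_equals((string) Config\Config::$adminName, $admin_name);
        $password_ok = is_string($admin_password)
            && hash_equals((string) Config\Config::$adminPassword, $admin_password);

        if (!$name_ok || !$password_ok) {
            $msg = "用户名或者密码不正确";
            include ST_ROOT . '/Views/login.tpl.php';
            return _exit();
        }

        $_SESSION['admin'] = $admin_name;
        $_GET['fn'] = 'main';
    }

    $session->save();
    return true;
}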
/**
 * @test
 * Session state for a user who is already logged in: the login flag set on the
 * session must show up on the view after the Status action is dispatched.
 */
public function user_has_login()
{
    $request = new Simple('Get', 'Index', 'Login', 'Status');

    // Pretend the user has logged in.
    \Core\Session::getInstance()->login = 1;

    $dispatcher = $this->getApplication()->getDispatcher();
    $dispatcher->dispatch($request);

    $view = $this->getView();
    $this->assertEquals(1, $view->login);
}
/**
 * Show the login page, or send an already authenticated visitor to the base URL.
 *
 * NOTE(review): the page pulls a script from login.persona.org with no integrity
 * pinning. Mozilla shut the Persona service down in 2016, so this include should
 * be reviewed or removed.
 */
public static function login()
{
    if (\Core\Session::authenticated()) {
        // header() returns nothing, so the original "header(...) || exit" always exited.
        header('Location: ' . \Config::$base);
        exit;
    }

    // Template and script are both named after this method.
    $template = 'auth/' . __FUNCTION__;
    $scripts = array('https://login.persona.org/include.js', 'public/js/auth/' . __FUNCTION__ . '.js');

    \Core\View::show($template, array('js' => $scripts));
}
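/**
 * Gets the CSRF token of the current session
 *
 * The declared return type is string. The previous fallback value was false,
 * which is silently coerced to '' in weak mode and is a TypeError under
 * strict_types. An empty string is now returned explicitly whenever the session
 * holds no usable token.
 *
 * Callers must treat '' as "no token": an empty submitted token must never be
 * accepted as a match for an empty stored one.
 *
 * @return string Returns the token, or '' when none is available
 */
public static function getSessionToken() : string
{
    try {
        $token = Session::get(self::CSRF_TOKEN_LABEL);
    } catch (\Exception $e) {
        $token = '';
    }

    // Anything that is not a string (null, false, ...) counts as "no token".
    return is_string($token) ? $token : '';
}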
/**
 * Main controller interceptor for all multi upload methods with this utility.
 *
 * Looks up the form element that rendered the upload widget by the key sent with
 * the request, then dispatches to the delete, post or stream handler.
 * Every failure path returns View::ERROR_BADREQUEST.
 *
 * @return int|null View::ERROR_BADREQUEST on rejection; nothing explicit otherwise
 */
public function index()
{
    $request = $this->getPageRequest();
    $view = $this->getView();

    // This page is ALWAYS json.
    $view->contenttype = View::CTYPE_JSON;
    $view->mode = View::MODE_AJAX;

    // No registered upload widgets in this session: nothing to talk to.
    if (!is_array(\Core\Session::Get('multifileinputobjects'))) {
        return View::ERROR_BADREQUEST;
    }

    // Whatever the method, it should have a matching key that identifies which form it came from,
    // (since that form element has the metadata attached to it)
    // This can either be in the POST (for full uploads), or in the headers.
    // The key is client-supplied; the header wins over the POST field when both are present.
    // NOTE(review): $key is not checked to be a string before it is used as an array offset.
    $key = false;
    if (isset($_POST['key'])) {
        $key = $_POST['key'];
    }
    if (isset($_SERVER['HTTP_X_KEY'])) {
        $key = $_SERVER['HTTP_X_KEY'];
    }

    if (!$key) {
        return View::ERROR_BADREQUEST;
    }

    // The key also must exist!
    if (!isset(\Core\Session::Get('multifileinputobjects')[$key])) {
        return View::ERROR_BADREQUEST;
    }

    // NOTE(review): unserialize() instantiates whatever classes the blob names. The blob
    // comes from the session, not from the request, so this is only as safe as the session
    // store -- confirm that store is server-side and cannot be written by clients.
    $this->_formelement = unserialize(\Core\Session::Get('multifileinputobjects')[$key]['obj']);

    if ($request->method == View::METHOD_POST) {
        //var_dump($_SERVER);die();

        // Damn browsers that don't support DELETE...
        if (isset($_REQUEST['_method']) && $_REQUEST['_method'] === 'DELETE') {
            $view->jsondata = $this->_doDelete();
        } elseif (sizeof($_FILES)) {
            $view->jsondata = $this->_doPost();
        } elseif (isset($_SERVER['HTTP_CONTENT_DISPOSITION'])) {
            $view->jsondata = $this->_doStream();
        } else {
            // NO COOKIE FOR YOU!
            return View::ERROR_BADREQUEST;
        }

        /*fix for IE not handling XMLHTTPRequest file uploads correctly */
        header('Vary: Accept');
        if (isset($_SERVER['HTTP_ACCEPT']) && strpos($_SERVER['HTTP_ACCEPT'], 'application/json') !== false) {
            $view->contenttype = "application/json";
        } else {
            //$view->contenttype = "text/plain";
            $view->mode = View::MODE_NOOUTPUT;
            // NOTE(review): json_decode() here looks like it was meant to be json_encode() --
            // confirm what the _do* handlers return before changing it.
            echo json_decode($view->jsondata);
        }
        /*end IE fix*/
    } else {
        // What, it's not a post even?
        return View::ERROR_BADREQUEST;
    }
}
/**
 * Common method to get a project
 *
 * Reads project_id from the request (falling back to the given default), loads the
 * project and runs the permission check for it.
 *
 * NOTE(review): the not-found branch relies on redirect() ending the request;
 * otherwise $project['id'] is read from an empty result -- confirm.
 *
 * @access protected
 * @param  integer   $project_id    Default project id
 * @return array
 */
protected function getProject($project_id = 0)
{
    $requested_id = $this->request->getIntegerParam('project_id', $project_id);
    $project = $this->project->getById($requested_id);

    if (!$project) {
        $this->session->flashError(t('Project not found.'));
        $this->response->redirect('?controller=project');
    }

    // Access control is applied to the id of the loaded record, not to the raw parameter.
    $this->checkProjectPermissions($project['id']);

    return $project;
}
/**
 * Return the administrator record for the admin_id stored in the session.
 *
 * The record is cached in a function-level static after the first successful
 * lookup. While no admin_id is stored the result stays NULL.
 *
 * @return mixed the administrator row, or NULL when nobody is logged in
 */
public static function login_admin()
{
    static $admin = NULL;

    // Cached from an earlier call.
    if (!empty($admin)) {
        return $admin;
    }

    $admin_id = \Core\Session::get('admin_id');
    if (empty($admin_id)) {
        return $admin;
    }

    $admin = \DB\Authorize\Admin::row(array('admin_id' => $admin_id));

    return $admin;
}
/**
 * Open the MySQL connection described in config.php and load the current cashier
 * from the session.
 *
 * NOTE(review): a failed connection echoes the PDO error text to the response,
 * which can disclose host and user details, and leaves $this->connection unset.
 * Consider logging the message instead.
 * NOTE(review): require_once includes config.php only once per request, so $db2
 * is undefined if a second instance is constructed -- confirm this class is only
 * instantiated once.
 */
public function __construct()
{
    require_once 'config.php';

    try {
        /** @var mixed $db2 Data Base settings from config.php */
        $dsn = "mysql:host=" . $db2['host'] . ";dbname=" . $db2['name'];
        $this->connection = new PDO($dsn, $db2['user'], $db2['password']);

        // Talk UTF-8 to the server.
        $this->connection->exec("SET NAMES utf8");
    } catch (PDOException $e) {
        echo $e->getMessage();
    }

    $this->cashier = Session::get('cashier');
}
/**
 * Save user session and render the final layout template
 *
 * NOTE(review): the (array) cast hands every property of this object to the
 * layout, non-public ones included; make sure nothing sensitive is kept on it.
 */
public function send()
{
    \Core\Session::save();

    // Only set the content type while headers can still be sent.
    if (!headers_sent()) {
        header('Content-Type: text/html; charset=utf-8');
    }

    $layout = new \Core\View($this->template);
    $layout->set((array) $this);
    print $layout;
    $layout = NULL;

    // The debug view is appended when debug mode is on.
    if (config()->debug_mode) {
        $debug_view = new \Core\View('System/Debug');
        print $debug_view;
    }
}
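/**
 * Validate a submitted captcha answer against the one stored in the session.
 *
 * The answer is compared as a string with a strict check. The previous loose "!="
 * let PHP compare numeric-looking strings by value (for example "1e1" and "10"),
 * so an answer that was not the stored text could still pass.
 *
 * On success the element's value is reset to '' through the parent.
 *
 * NOTE(review): the stored answer is not cleared here; confirm it is rotated
 * elsewhere so a solved captcha cannot be replayed.
 * NOTE(review): nothing is returned on success while failures return false --
 * confirm callers do not read that as a failure.
 *
 * @param mixed $value The answer submitted by the visitor
 * @return false|null false when validation fails (the message is stored in $this->_error)
 */
public function setValue($value)
{
    if (!$value) {
        $this->_error = $this->get('title') . ' is required.';
        return false;
    }

    $expected = \Core\Session::Get('captcha');

    // Arrays and a missing stored answer can never match.
    $matches = is_scalar($value)
        && is_scalar($expected)
        && (string) $value === (string) $expected;

    if (!$matches) {
        $this->_error = $this->get('title') . ' does not match image.';
        return false;
    }

    parent::setValue('');
}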
/**
 * Return the user record for the given id, or for the user_id kept in the session.
 *
 * The record is cached in a function-level static after the first successful lookup.
 *
 * NOTE(review): once cached, a later call with a different $user_id still returns
 * the first record -- confirm callers never rely on switching users within one request.
 *
 * @param mixed $user_id Explicit user id; NULL means "use the session"
 * @return mixed the user row, or NULL when no id is available
 */
public static function login_user($user_id = null)
{
    static $user = NULL;

    // Cached from an earlier call.
    if (!empty($user)) {
        return $user;
    }

    if (is_null($user_id)) {
        $user_id = \Core\Session::get('user_id');
    }

    if (empty($user_id)) {
        return $user;
    }

    $user = \DB\Account\User::row(array('user_id' => $user_id));

    return $user;
}
/**
 * Get a config variable from the session or the database
 *
 * With an open session the values are cached under $_SESSION['config'] and reloaded
 * through getAll() whenever the requested name is not cached yet. Without a session
 * the single value is read from the database. In both cases an empty value yields
 * the default.
 *
 * @access public
 * @param  string   $name            Parameter name
 * @param  string   $default_value   Default value of the parameter
 * @return string
 */
public function get($name, $default_value = '')
{
    if (Session::isOpen()) {
        // Fill the session cache on a miss.
        if (!isset($_SESSION['config'][$name])) {
            $_SESSION['config'] = $this->getAll();
        }

        return empty($_SESSION['config'][$name])
            ? $default_value
            : $_SESSION['config'][$name];
    }

    // No session: go straight to the database.
    $stored = $this->db->table(self::TABLE)->eq('option', $name)->findOneColumn('value');

    return $stored ?: $default_value;
}
/**
 * Render the multi-file upload element and register it in the session.
 *
 * The element is stored under a key derived from its attributes, so that the
 * upload request can find it again without the rest of the form system.
 *
 * NOTE(review): the element is kept in the session as a serialize() blob. Whatever
 * reads it back has to be able to trust the session store completely.
 * NOTE(review): the md5 keys are compared with a loose "==" below; "===" would
 * avoid PHP treating two "0e<digits>" hashes as equal numbers.
 *
 * @return mixed whatever the parent render() returns
 * @throws Exception when no basedir attribute is set
 */
public function render()
{
    if (!$this->get('basedir')) {
        throw new Exception('MultiFileInput cannot be rendered without a basedir attribute!');
    }

    // basedir always ends with a slash.
    if (substr($this->get('basedir'), -1) != '/') {
        $this->_attributes['basedir'] .= '/';
    }

    // The upload itself is an ajax submit outside the normal form flow,
    // so the element registry lives in the session.
    if (!is_array(\Core\Session::Get('multifileinputobjects'))) {
        \Core\Session::Set('multifileinputobjects', []);
    }

    // Only needs to be generally unique, not cryptographically secure.
    $key = md5(serialize($this->_attributes));

    // Reuse the id of an element registered earlier with the same attributes.
    foreach (\Core\Session::Get('multifileinputobjects') as $obj) {
        if (isset($obj['key']) && $obj['key'] == $key) {
            $this->set('id', $obj['id']);
        }
    }

    // This system requires a valid id.
    if (!isset($this->_attributes['id'])) {
        $this->set('id', 'multifileinput-' . Core::RandomHex('2'));
    }

    $this->set('key', $key);
    $this->set('uploadkey', $key);

    // Turn the upload_max_filesize shorthand (G / M / K) into raw bytes.
    $size = strtoupper(str_replace(' ', '', ini_get('upload_max_filesize')));
    $multipliers = array(
        'G' => 1024 * 1024 * 1024,
        'M' => 1024 * 1024,
        'K' => 1024,
    );
    foreach ($multipliers as $suffix => $factor) {
        if (strpos($size, $suffix) !== false) {
            $size = preg_replace('/[^0-9]/', '', $size);
            $size = $size * $factor;
            break;
        }
    }
    $this->set('maxsize', $size);

    // The session entry was initialised above, so writing to $_SESSION directly is reliable here.
    $_SESSION['multifileinputobjects'][$key] = array(
        'obj' => serialize($this),
        'key' => $key,
        'id'  => $this->_attributes['id'],
    );

    return parent::render();
}
/**
 * Bootstrap the application.
 *
 * Runs the start-up steps in a fixed order: directory constants, environment,
 * configuration, validation, session, then dispatch.
 *
 * @return void
 */
public static function boot()
{
    // Directory definitions.
    self::structure();

    // Environment set-up.
    self::environment();

    // Load the configuration.
    Config::configure(CONFIG);

    // Data validation.
    Validate::validity();

    // Start the session.
    Session::start();

    // Hand over to the dispatcher.
    Dispatcher::dispatch();
}
/**
 * Create a link, but only when the current user's role is allowed to see it.
 *
 * A string URL is linked unconditionally. An array URL is completed with the
 * current action, controller and path and looked up in the menus table for the
 * role column matching the session user ('administrador' when Auth.User.tipo
 * is 1, 'tosador' otherwise).
 *
 * NOTE(review): this only hides the link. The target action still has to enforce
 * the same permission on the server side.
 *
 * @param string $label
 * @param string|array $url
 * @param array $options
 * @return string|null the link markup, or null when the role has no access
 */
public function linkPermissao($label, $url, $options = [])
{
    if (!is_array($url)) {
        return $this->link($label, $url, $options);
    }

    // Missing parts default to the current request.
    $defaults = [
        'action' => $this->request->action,
        'controller' => $this->request->controller,
        'path' => $this->request->path,
    ];
    $url = array_merge($defaults, $url);
    $_url = $this->request->prepareUrl($url);

    $Menu = new \App\Model\Table\MenusTable();
    $find = $Menu
        ->where('path', $_url['path'])
        ->where('controller', $_url['controller'])
        ->where('action', $_url['action'])
        ->where(\Core\Session::read('Auth.User.tipo') == 1 ? 'administrador' : 'tosador', 1)
        ->find();

    return empty($find) ? null : $this->link($label, $url, $options);
}
/**
 * Config::get() with an open session: values come from the session cache and
 * empty values fall back to the default.
 */
public function testGetWithSession()
{
    $this->container['session'] = new Session();
    $config = new Config($this->container);

    // Setting a session id makes Session::isOpen() report true.
    session_id('test');
    $this->assertTrue(Session::isOpen());

    // Nothing cached yet: only the default comes back.
    $this->assertEquals('', $config->get('board_columns'));
    $this->assertEquals('test', $config->get('board_columns', 'test'));

    $this->container['session']['config'] = array('board_columns' => 'foo', 'empty_value' => 0);

    // A cached value wins over the default...
    $this->assertEquals('foo', $config->get('board_columns'));
    $this->assertEquals('foo', $config->get('board_columns', 'test'));

    // ...unless it is empty.
    $this->assertEquals('test', $config->get('empty_value', 'test'));

    // Clean up the fake session.
    session_id('');
    unset($this->container['session']);
}
/**
 * Build the controller, restoring the logged-in person from the session cookie.
 *
 * The cookie value is used as an access token, so it acts as a bearer credential
 * for the account it belongs to.
 *
 * NOTE(review): "backto" comes straight from the query string. If it is later used
 * as a redirect target it must be restricted to local paths first -- confirm at the
 * place where it is consumed.
 *
 * @param Request $request
 * @param mixed   $session passed through to the parent by reference
 */
public function __construct(Request $request, &$session = null)
{
    // Attempt to load a Person object from the session cookie.
    $accessToken = $request->cookie(self::COOKIE);
    if ($accessToken) {
        $person = new Model\Person();
        $loaded = $person->loadByAccess_Token($accessToken);

        if ($loaded) {
            // Cache the logged in user object.
            $this->user = $person;
        }
    }

    parent::__construct($request, $session);

    // Carry "backto" over from the query string.
    $backto = $this->request->get('backto');
    if ($backto) {
        $this->set('backto', $backto);
    }
}
/**
 * Get the list of users to send the notification for a given project
 *
 * Users who restricted their notifications to specific projects are dropped
 * unless this project is among them. One query is issued per candidate user.
 *
 * @access public
 * @param  integer   $project_id      Project id
 * @param  array     $exclude_users   List of user_id to exclude
 * @return array
 */
public function getUsersList($project_id, array $exclude_users = array())
{
    // The connected user does not notify themselves.
    if (Session::isOpen()) {
        $exclude_users[] = $this->acl->getUserId();
    }

    $users = $this->getUsersWithNotification($project_id, $exclude_users);

    foreach ($users as $index => $user) {
        $selected = $this->db->table(self::TABLE)->eq('user_id', $user['id'])->findAllByColumn('project_id');

        // An empty selection means "all projects"; otherwise this project must be listed.
        $has_selection = !empty($selected);

        if ($has_selection && !in_array($project_id, $selected)) {
            unset($users[$index]);
        }
    }

    return $users;
}
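/**
 * Front controller: map the request path to a controller action and run it.
 *
 * Path layout: /<module>/<controller>/<action>/<key>/<value>/...
 * The key/value pairs are merged into $_REQUEST, path values winning over existing
 * entries. Unauthenticated sessions are always routed to the Login controller.
 *
 * Hardening compared with the plain version:
 *  - controller and action names taken from the URL must be plain identifiers
 *    before they are used to build a class or method name;
 *  - the exception text, which can contain parts of the URL, is HTML-escaped
 *    before it is echoed.
 *
 * NOTE(review): method_exists() is also true for non-public methods; confirm that
 * every *_action method is meant to be reachable from the URL.
 */
public static function start()
{
    try {
        $url_path = (string) parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);
        $uri_parts = explode('/', trim($url_path, ' /'));

        // The first segment is the module name; it is not used for routing.
        array_shift($uri_parts);

        $controllerName = empty($uri_parts[0]) ? 'Main' : $uri_parts[0];
        $action = empty($uri_parts[1]) ? 'index' : $uri_parts[1];

        if (count($uri_parts) % 2) {
            throw new Exception('Неверное количество параметров запроса');
        }

        // Remaining segments are key/value pairs.
        $params = null;
        for ($i = 2; $i < count($uri_parts); $i += 2) {
            $params[$uri_parts[$i]] = $uri_parts[$i + 1];
        }
        if ($params !== null) {
            $_REQUEST = array_merge($_REQUEST, $params);
        }

        Session::start();
        if (!array_key_exists('isAuthorize', $_SESSION)) {
            Session::set('isAuthorize', false);
        }

        // Everything is routed to the login page until the session is authorised.
        if (!Session::get('isAuthorize')) {
            $controllerName = 'Login';
            $action = 'login';
            $_SERVER['REQUEST_URI'] = '/kassa/login';
        }

        // Only plain identifiers may reach class and method resolution.
        $identifier = '/^[A-Za-z_][A-Za-z0-9_]*$/';

        $controllerClass = 'controllers\\' . $controllerName . 'Controller';
        $actionMethod = $action . '_action';

        if (!preg_match($identifier, $controllerName) || !class_exists($controllerClass)) {
            throw new Exception('Запрашеваемой страницы не существует: ' . $controllerClass);
        }

        $controller = new $controllerClass();

        if (!preg_match($identifier, $action) || !method_exists($controller, $actionMethod)) {
            throw new Exception('Указаного действия не существует:' . $actionMethod);
        }

        $controller->{$actionMethod}();
    } catch (Exception $e) {
        // The message may contain request data, so it is escaped for HTML output.
        echo htmlspecialchars($e->getMessage(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }
}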
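/**
 * Change the password of the logged-in account and print the validation result as JSON.
 *
 * The current password must hash to the stored value before the new one is saved.
 * The hash comparison uses hash_equals() on strings. The previous loose "=="
 * compared two "0e<digits>" hashes as numbers, so they counted as equal.
 * The new/repeat check is strict for the same reason.
 *
 * NOTE(review): comparing gen_password() output for equality only works if that
 * function is deterministic, which suggests an unsalted or fixed-salt hash --
 * confirm, and prefer password_hash()/password_verify().
 * NOTE(review): the success message says the change takes effect after logging
 * out, so existing sessions are not invalidated here.
 * NOTE(review): confirm \Core\URI::kv() does not read these values from the
 * URL, where they would end up in access logs.
 */
public function changepw()
{
    $password = \Core\URI::kv('password');
    $new_password = \Core\URI::kv('new_password');
    $repeat_password = \Core\URI::kv('repeat_password');

    $v = new \Core\Validation();
    $v->required($password)->message('密码');
    $v->required($new_password)->message('新密码不能为空');
    $v->filter_var($new_password === $repeat_password)->message('重复新密码不正确');

    if (!$v->has_error()) {
        $authorize_id = \Core\Session::get('authorize_id');
        $row = \DB\Authorize::row(array('authorize_id' => $authorize_id));
        $gen_password = \DB\Authorize::gen_password($password);

        // No account row means there is nothing the current password could match.
        $stored = is_object($row) ? (string) $row->authorize_password : null;

        if ($stored !== null && hash_equals($stored, (string) $gen_password)) {
            $row->authorize_password = \DB\Authorize::gen_password($new_password);
            $row->save();
            $v->required(false)->message('密码修改成功,退出当前登录生效');
        } else {
            $v->required(false)->message('原始密码不正确');
        }
    }

    echo json_encode($v->get_error());
    exit;
}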
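/**
 * Test helper: put a user id taken from the request (default 5) into the session.
 *
 * NOTE(review): nothing in this method checks who is calling. Whoever can reach
 * this action becomes the chosen user for the rest of the session. It must not be
 * routable outside a development environment; remove it or gate it behind an
 * explicit debug switch.
 *
 * The echoed id is HTML-escaped because it comes from the request.
 */
public function wuchao()
{
    $user_id = \Core\URI::kv('user_id', 5);
    \Core\Session::set('user_id', $user_id);

    echo "设置测试帐号:" . htmlspecialchars((string) $user_id, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}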
/**
 * Modify an existing user
 *
 * When the updated record belongs to the connected user, their session data is
 * refreshed so it does not keep stale values.
 *
 * NOTE(review): $values is written to the table after prepare(); confirm prepare()
 * or the caller filters out fields a user must not set on their own record.
 *
 * @access public
 * @param  array  $values  Form values
 * @return array
 */
public function update(array $values)
{
    $this->prepare($values);

    $target_id = $values['id'];
    $result = $this->db->table(self::TABLE)->eq('id', $target_id)->update($values);

    // If the user is connected refresh his session
    $is_current_user = Session::isOpen() && $this->userSession->getId() == $values['id'];
    if ($is_current_user) {
        $this->userSession->refresh();
    }

    return $result;
}
/**
 * Redirection when there is no project in the database
 *
 * Flashes a hint and sends the user to the project creation form.
 *
 * @access protected
 */
protected function redirectNoProject()
{
    $hint = t('There is no active project, the first step is to create a new project.');
    $this->session->flash($hint);

    $this->response->redirect('?controller=project&action=create');
}
/**
 * Load the record whose id is stored in the session under "id".
 *
 * @return mixed whatever findById() returns for that id
 */
public static function get()
{
    $session_id_value = Session::get('id');

    return static::findById($session_id_value);
}
/**
 * Internal function to parse and handle the configs in the theme.xml file.
 * This is used for installations and upgrades.
 *
 * Returns false if nothing changed, else will return the configuration options changed.
 *
 * NOTE(review): in this body $install only changes the wording of the log lines
 * ("Installing"/"Set" versus "Uninstalling"/"Unset"). The same set-and-save runs
 * in both modes -- confirm that is intended.
 *
 * @param boolean $install   Set to false to force uninstall/disable mode.
 * @param int     $verbosity (default 0) 0: standard output, 1: real-time, 2: real-time verbose output.
 *
 * @return false | array
 *
 * @throws \InstallerException
 */
public function _parseConfigs($install = true, $verbosity = 0)
{
    // Keep track of if this changed anything.
    $changes = array();

    // Wording for the log lines only.
    $action = $install ? 'Installing' : 'Uninstalling';
    $set = $install ? 'Set' : 'Unset';

    \Core\Utilities\Logger\write_debug($action . ' configs for ' . $this->getName());

    // I need to get the schema definitions first.
    $node = $this->_xmlloader->getElement('configs');
    //$prefix = $node->getAttribute('prefix');

    // Now, get every config entry under this node.
    foreach ($node->getElementsByTagName('config') as $confignode) {
        /** @var \DOMElement $confignode */
        $key = $confignode->getAttribute('key');
        $options = $confignode->getAttribute('options');
        $type = $confignode->getAttribute('type');
        $default = $confignode->getAttribute('default');
        $title = $confignode->getAttribute('title');
        $description = $confignode->getAttribute('description');
        $mapto = $confignode->getAttribute('mapto');
        $encrypted = $confignode->getAttribute('encrypted');
        $formAtts = $confignode->getAttribute('form-attributes');

        // A missing or empty "encrypted" attribute means not encrypted.
        if ($encrypted === null || $encrypted === '') {
            $encrypted = '0';
        }

        if ($verbosity == 2) {
            CLI::PrintActionStart($action . ' config ' . $key);
        }

        // Themes only allow for keys starting with "/theme/"!
        // This is to encourage that all themes share a common subset of configuration options.
        // EG: if the end user sees: "Site Logo", "Business Address", "Business Phone" on one theme,
        // they would be expecting to see those same options with the same values if they change the theme,
        // (and the new theme supports those same options).
        // Keys outside "/theme/" are skipped with a notice, so a theme cannot change other configuration.
        if (strpos($key, '/theme/') !== 0) {
            trigger_error('Please ensure that all config options in themes start with "/theme/"! (Mismatched config found in ' . $this->getName() . ':' . $key, E_USER_NOTICE);
            continue;
        }

        // Default if omitted.
        if (!$type) {
            $type = 'string';
        }

        $m = \ConfigHandler::GetConfig($key);
        $m->set('options', $options);
        $m->set('type', $type);
        $m->set('default_value', $default);
        $m->set('title', $title);
        $m->set('description', $description);
        $m->set('mapto', $mapto);
        $m->set('encrypted', $encrypted);
        $m->set('form_attributes', $formAtts);

        // Default from the xml, only if it's not already set.
        if ($m->get('value') === null || !$m->exists()) {
            $m->set('value', $confignode->getAttribute('default'));
        }

        // Allow configurations to overwrite any value. This is useful on the initial installation.
        // NOTE(review): the override comes from the session; confirm only the installer
        // can populate the "configs" session entry.
        if (is_array(\Core\Session::Get('configs')) && isset(\Core\Session::Get('configs')[$key])) {
            $m->set('value', \Core\Session::Get('configs')[$key]);
        }

        if ($m->save()) {
            // NOTE(review): the value is written into the change list as read from the
            // model, even for entries flagged "encrypted" -- confirm secrets cannot end
            // up in installer output or logs.
            $changes[] = $set . ' configuration [' . $m->get('key') . '] to [' . $m->get('value') . ']';
            if ($verbosity == 2) {
                CLI::PrintActionStatus(true);
            }
        } else {
            if ($verbosity == 2) {
                CLI::PrintActionStatus('skip');
            }
        }

        // Make it available immediately
        \ConfigHandler::CacheConfig($m);
    }

    return sizeof($changes) ? $changes : false;
}