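/**
 * Loads the persisted service state from the JSON state file.
 *
 * The file at __DIR__ . ServiceState::StateFile is read and decoded into an associative array
 * stored in $this->m_state. A failed read and a failed decode are reported separately through
 * Error(), so an unreadable file is not mistaken for malformed JSON. In both cases m_state is null.
 */
private function __construct()
{
    $this->m_state = null;

    $contents = file_get_contents(__DIR__ . ServiceState::StateFile);
    if ($contents === false) {
        // Never hand `false` to json_decode(); report the I/O failure explicitly instead.
        Error('Unable to read the service state file (' . ServiceState::StateFile . ').');
        return;
    }

    $this->m_state = json_decode($contents, true);
    if ($this->m_state === null) {
        Error('Unable to decode the service state file (' . ServiceState::StateFile . ').');
    }
}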
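/**
 * Handles the "edit user" form post for the currently logged-in account.
 *
 * Requires a logged-in session and a complete set of profile fields in $_POST. The username is
 * taken from the session, not from the request, so the record being edited is always the caller's
 * own. Only administrators may submit an access level; everyone else is pinned to 'User'.
 *
 * On success the session copy of the user is refreshed, or the user is sent to the logout route
 * when the access level changed. Every Redirect() is followed by an explicit return: Redirect() is
 * defined elsewhere, and the guard must stay fail-closed even if it does not end the request.
 */
function edit_user()
{
    $required = array(
        'salutation', 'gender', 'firstname', 'lastname',
        'birthyear', 'birthmonth', 'birthday', 'password', 'aboutme',
    );
    if (!is_logged_in() || !is_post_parameter_complete($required)) {
        Redirect('../edit_user.php');
        return;
    }

    // NOTE(review): the birthdate parts are concatenated without validation and the password is
    // forwarded as submitted; presumably EditUser() validates and hashes them - confirm there.
    $userDetails = array(
        'salutation' => $_POST['salutation'],
        'firstname'  => $_POST['firstname'],
        'lastname'   => $_POST['lastname'],
        'gender'     => $_POST['gender'],
        'birthdate'  => "{$_POST['birthyear']}-{$_POST['birthmonth']}-{$_POST['birthday']}",
        'username'   => $_SESSION['user']['username'],
        'password'   => $_POST['password'],
        'aboutme'    => $_POST['aboutme'],
    );

    if (is_admin()) {
        if (!is_post_parameter_complete(array('accesslevel'))) {
            Redirect('../edit_user.php');
            return;
        }
        $userDetails['accesslevel'] = $_POST['accesslevel'];
    } else {
        // Non-admins can never raise their own privileges through this form.
        $userDetails['accesslevel'] = 'User';
    }

    if (!EditUser($userDetails)) {
        Error('Edit Failed');
        return;
    }

    if ($_SESSION['user']['accesslevel'] == $userDetails['accesslevel']) {
        $_SESSION['user'] = SelectUser($userDetails['username']);
        Redirect('../index.php');
    } else {
        // A changed access level invalidates the cached session data, so force a fresh login.
        Redirect('../landing.php/logout');
    }
}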
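/**
 * Handles the registration form post and creates a new user.
 *
 * All profile fields must be present in $_POST. Only an administrator may choose the access level
 * of the new account; for every other caller it is fixed to 'User'. Every Redirect() is followed by
 * an explicit return so that an incomplete request can never fall through to AddUser(), even if
 * Redirect() (defined elsewhere) does not end the request.
 */
function register_user()
{
    $required = array(
        'salutation', 'gender', 'firstname', 'lastname',
        'birthyear', 'birthmonth', 'birthday', 'username', 'password', 'aboutme',
    );
    if (!is_post_parameter_complete($required)) {
        Redirect('../register.php');
        return;
    }

    // NOTE(review): the password is passed on exactly as submitted; presumably AddUser() hashes it
    // before storage - confirm there. The birthdate parts are not validated here either.
    $userDetails = array(
        'salutation' => $_POST['salutation'],
        'firstname'  => $_POST['firstname'],
        'lastname'   => $_POST['lastname'],
        'gender'     => $_POST['gender'],
        'birthdate'  => "{$_POST['birthyear']}-{$_POST['birthmonth']}-{$_POST['birthday']}",
        'username'   => $_POST['username'],
        'password'   => $_POST['password'],
        'aboutme'    => $_POST['aboutme'],
    );

    if (is_admin()) {
        if (!is_post_parameter_complete(array('accesslevel'))) {
            Redirect('../register.php');
            return;
        }
        $userDetails['accesslevel'] = $_POST['accesslevel'];
    } else {
        // Self-registration always yields an unprivileged account.
        $userDetails['accesslevel'] = 'User';
    }

    if (AddUser($userDetails)) {
        Redirect('../index.php');
    } else {
        Error('Registration Failed');
    }
}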
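/**
 * Loads the store items into $GLOBALS['items'] for a logged-in visitor.
 *
 * Anonymous visitors are rejected through Error(). The explicit return keeps the login check
 * fail-closed: Error() is defined elsewhere, and nothing here shows that it ends the request.
 */
function initialize_store()
{
    if (!is_logged_in()) {
        Error('Invalid Access');
        return;
    }

    $GLOBALS['items'] = GetItems();
}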
/**
 * Saves the profile of the currently logged-in administrator.
 *
 * Reads password, password confirmation, e-mail and both display names from the request through
 * ForceStringFrom(), collects validation problems, and either reports them through Error() or
 * updates the admin row and calls Success('myprofile').
 *
 * NOTE(review): both statements are assembled by string interpolation. Whether they are safe
 * depends entirely on ForceStringFrom() escaping its result for SQL, which is not visible here -
 * confirm, or move to bound parameters if the DB wrapper offers them.
 * NOTE(review): the password assignment literal appears masked in this listing; it is kept as shown.
 */
public function save()
{
    $adminId     = $this->admin['aid'];
    $newPass     = ForceStringFrom('password');
    $confirmPass = ForceStringFrom('passwordconfirm');
    $mail        = ForceStringFrom('email');
    $nameCn      = ForceStringFrom('fullname');
    $nameEn      = ForceStringFrom('fullname_en');

    $problems = array();

    // A password change is optional; only compare when either field was filled in.
    if ((strlen($newPass) || strlen($confirmPass)) && strcmp($newPass, $confirmPass) !== 0) {
        $problems[] = '两次输入的密码不相同!';
    }

    if (!$mail) {
        $problems[] = '请输入Email地址!';
    } elseif (!IsEmail($mail)) {
        $problems[] = 'Email地址不规范!';
    } else {
        // The address must not already belong to a different administrator.
        $taken = APP::$DB->getOne(
            "SELECT aid FROM " . TABLE_PREFIX . "admin WHERE email = '{$mail}' AND aid != '{$adminId}'"
        );
        if ($taken) {
            $problems[] = 'Email地址已占用!';
        }
    }

    if (!$nameCn) {
        $problems[] = '请输入中文昵称!';
    }
    if (!$nameEn) {
        $problems[] = '请输入英文昵称!';
    }

    if ($problems) {
        Error($problems, '编辑我的信息错误');
    } else {
        $passwordClause = Iif($newPass, "password = '******',");
        APP::$DB->exe(
            "UPDATE " . TABLE_PREFIX . "admin SET \r\n\t\t\t"
            . $passwordClause
            . "\r\n\t\t\temail = '{$mail}',\r\n\t\t\tfullname = '{$nameCn}',\r\n\t\t\tfullname_en = '{$nameEn}'\r\n\t\t\tWHERE aid = '{$adminId}'"
        );
        Success('myprofile');
    }
}
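/**
 * validateLogin, verify that the login credentials are correct.
 *
 * A stored password shorter than $GLOBALS['hash_length'] is treated as legacy plain text: it is
 * hashed and written back before the comparison. An unknown login and a wrong password produce the
 * same failure message, so the response does not reveal which logins exist.
 *
 * NOTE(review): hash() yields an unsalted single-pass digest; password_hash()/password_verify()
 * would be the stronger scheme, but that migration goes beyond this method.
 *
 * @param string $login    the login field
 * @param string $password the password
 *
 * @return array|null
 *    index 0 -> 0 if login failed, id of the administrator if successful
 *    index 1 -> error message when login fails
 *    null is returned after Error() when a legacy admin_auth_module is configured
 *
 * eg
 *    return array(5,'OK'); // -> login successful for admin 5
 *    return array(0,'Incorrect login details'); // login failed
 */
public function validateLogin($login, $password)
{
    $query = sprintf(
        'select password, disabled, id from %s where loginname = "%s"',
        $GLOBALS['tables']['admin'],
        sql_escape($login)
    );
    $req = Sql_Query($query);
    $admindata = Sql_Fetch_Assoc($req);

    $found = is_array($admindata);
    $passwordDB = $found ? (string) $admindata['password'] : '';
    $encryptedPass = hash(ENCRYPTION_ALGO, $password);

    // Upgrade a legacy plain-text password in place. An empty stored password is deliberately NOT
    // upgraded: hashing '' would create a valid credential for an empty submitted password.
    if ($found && $passwordDB !== '' && strlen($passwordDB) < $GLOBALS['hash_length']) {
        $encryptedPassDB = hash(ENCRYPTION_ALGO, $passwordDB);
        // The listing shows this literal with the value masked; three arguments are passed to
        // sprintf(), so the password placeholder is restored as %s.
        $query = sprintf(
            'update %s set password = "%s" where loginname = "%s"',
            $GLOBALS['tables']['admin'],
            $encryptedPassDB,
            sql_escape($login)
        );
        Sql_Query($query);
        $passwordDB = $encryptedPassDB;
    }

    if ($found && $admindata['disabled']) {
        return array(0, s('your account has been disabled'));
    }

    // hash_equals() compares in constant time and never applies the numeric-string juggling that
    // `==` performs on digests such as "0e...".
    if ($found && $passwordDB !== '' && hash_equals($passwordDB, $encryptedPass)) {
        return array($admindata['id'], 'OK');
    }

    if (!empty($GLOBALS['admin_auth_module'])) {
        Error(
            s('Admin authentication has changed, please update your admin module'),
            'https://resources.phplist.com/documentation/errors/adminauthchange'
        );
        return;
    }

    return array(0, s('incorrect password'));
}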
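/**
 * Adds one phrase (Chinese and English text) for every selected support agent.
 *
 * $_POST['aids'] must be a list of agent ids; anything else is treated as an empty selection
 * instead of being passed to count() unchecked. Each id goes through ForceInt() before it is used.
 * After each insert the new row's sort value is set to its own id.
 *
 * NOTE(review): $msg and $msg_en are interpolated into the INSERT. That is only safe if
 * ForceStringFrom() escapes for SQL, which is not visible here - confirm.
 */
public function save()
{
    // Request data is untrusted: accept only an array and re-index it so gaps in the keys are harmless.
    $aids = (isset($_POST['aids']) && is_array($_POST['aids'])) ? array_values($_POST['aids']) : array();
    $nums = count($aids);
    $msg = ForceStringFrom('msg');
    $msg_en = ForceStringFrom('msg_en');

    $errors = array();
    if ($nums < 1) {
        $errors[] = '请选择所属客服人员!';
    }
    if (!$msg) {
        $errors[] = '请填写常用短语中文内容!';
    }
    if (!$msg_en) {
        $errors[] = '请填写常用短语英文内容!';
    }

    if ($errors) {
        Error($errors, '添加常用短语');
        // Never insert after a validation failure, whether or not Error() ends the request.
        return;
    }

    foreach ($aids as $rawAid) {
        $aid = ForceInt($rawAid);
        APP::$DB->exe("INSERT INTO " . TABLE_PREFIX . "phrase (aid, activated, msg, msg_en) VALUES ('{$aid}', 1, '{$msg}', '{$msg_en}')");
        $lastid = APP::$DB->insert_id;
        APP::$DB->exe("UPDATE " . TABLE_PREFIX . "phrase SET sort = '{$lastid}' WHERE pid = '{$lastid}'");
    }

    Success('phrases');
}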
/**
 * Builds a Frame from a Frames.Id value or from an already-fetched row.
 *
 * A numeric argument is looked up with a bound parameter; an array is used as the row directly.
 * Every key of the row becomes a property of the object. Problems are reported through Error().
 *
 * NOTE(review): because array keys are copied to properties unfiltered, callers should only pass
 * rows that came from the database, never request data.
 *
 * @param int|string|array $IdOrRow frame id, or a row keyed by column name
 */
public function __construct($IdOrRow)
{
    $record = NULL;

    if ($IdOrRow) {
        if (is_array($IdOrRow)) {
            $record = $IdOrRow;
        } elseif (is_int($IdOrRow) || is_numeric($IdOrRow)) {
            $record = dbFetchOne('SELECT * FROM Frames WHERE Id=?', NULL, array($IdOrRow));
            if (!$record) {
                Error("Unable to load Frame record for Id=" . $IdOrRow);
            }
        } else {
            Error("Unknown argument passed to Frame Constructor ({$IdOrRow})");
            return;
        }
    }

    if (!$record) {
        Error("No row for Frame " . $IdOrRow);
        return;
    }

    foreach ($record as $column => $value) {
        $this->{$column} = $value;
    }
}
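/**
 * Builds a Monitor from a Monitors.Id value or from an already-fetched row.
 *
 * A numeric argument is looked up with a bound parameter; an array is used as the row directly.
 * Every key of the row becomes a property. For a controllable monitor the matching Controls row is
 * merged in as well, except for its Id column, which would overwrite the monitor's own Id.
 *
 * NOTE(review): array keys are copied to properties unfiltered, so callers should only pass rows
 * that came from the database, never request data.
 *
 * @param int|string|array $IdOrRow monitor id, or a row keyed by column name
 */
public function __construct($IdOrRow)
{
    $row = NULL;
    if ($IdOrRow) {
        if (is_integer($IdOrRow) or is_numeric($IdOrRow)) {
            $row = dbFetchOne('SELECT * FROM Monitors WHERE Id=?', NULL, array($IdOrRow));
            if (!$row) {
                // The message previously said "Server"; this class loads Monitor records.
                Error("Unable to load Monitor record for Id=" . $IdOrRow);
            }
        } elseif (is_array($IdOrRow)) {
            $row = $IdOrRow;
        } else {
            Error("Unknown argument passed to Monitor Constructor ({$IdOrRow})");
            return;
        }
    }

    if (!$row) {
        Error("No row for Monitor " . $IdOrRow);
        return;
    }

    foreach ($row as $k => $v) {
        $this->{$k} = $v;
    }

    if ($this->{'Controllable'}) {
        $s = dbFetchOne('SELECT * FROM Controls WHERE Id=?', NULL, array($this->{'ControlId'}));
        // A missing Controls row must not be iterated; the monitor simply keeps its own columns.
        if ($s) {
            foreach ($s as $k => $v) {
                if ($k == 'Id') {
                    continue;
                }
                $this->{$k} = $v;
            }
        }
    }
}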
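/**
 * Returns the relative link path "<MonitorId>/<yy>/<mm>/<dd>/.<Id>" used with deep storage.
 *
 * date() replaces strftime(), which is deprecated since PHP 8.1; for these purely numeric fields
 * both produce the same text. Without deep storage an error is logged and '' is returned.
 *
 * @return string
 */
public function LinkPath()
{
    if (!ZM_USE_DEEP_STORAGE) {
        Error("Calling Link_Path when not using deep storage");
        return '';
    }

    return $this->{'MonitorId'} . '/' . date('y/m/d/.', $this->Time()) . $this->{'Id'};
}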
/**
 * Checks that $id is a non-zero integer after intval() conversion.
 *
 * When the converted value is 0, Error($msg, $url) is called. The function returns true in every
 * case in which control comes back to it.
 *
 * NOTE(review): the converted integer is not handed back, so the caller still holds the raw value
 * and must cast it again before using it in a query.
 *
 * @param mixed  $id  value to check
 * @param string $url target passed to Error()
 * @param string $msg message passed to Error()
 *
 * @return bool always true
 */
function chk_id($id, $url = "", $msg = "操作非法")
{
    if (intval($id) === 0) {
        Error($msg, $url);
    }

    return true;
}
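/**
 * Mails a fatal-error report, shows the error, and ends the request.
 *
 * The original read $PHP_SELF and $page as plain locals, which are undefined inside a function, so
 * the report never contained them. The script name now comes from $_SERVER['PHP_SELF'].
 *
 * NOTE(review): $page is presumably a global set by the including script - confirm. It is only
 * used when it is a string.
 * NOTE(review): PHP_SELF is derived from the request, so the mail body contains client-influenced
 * text; sendError() should treat the body as plain text.
 *
 * @param string $msg error description
 */
function Fatal_error($msg)
{
    global $config;

    $script = isset($_SERVER['PHP_SELF']) ? $_SERVER['PHP_SELF'] : '';
    $page = (isset($GLOBALS['page']) && is_string($GLOBALS['page'])) ? $GLOBALS['page'] : '';

    # logError($msg);
    $emailmsg = ' Fatal Error ' . $config["websiteurl"] . "\n\n" . $script . " " . $page . ", {$msg}";
    sendError($emailmsg);
    Error($msg);
    exit;
}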
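/**
 * Tells whether the given user has at least one row in the order table.
 *
 * The id is escaped before it is placed inside the quoted SQL literal, so a value containing a
 * quote can no longer change the statement.
 *
 * NOTE(review): the mysql_* extension was removed in PHP 7 and offers no bound parameters; moving
 * to mysqli or PDO prepared statements is the durable fix.
 *
 * @param mixed $user_id user identifier
 *
 * @return int 1 when at least one order exists, otherwise 0
 */
function check_user($user_id)
{
    $safe_id = mysql_real_escape_string((string) $user_id);
    $sql = mysql_query("SELECT COUNT(*) FROM " . TABLE_ORDER . " WHERE user_id='{$safe_id}'") or Error(1, __FILE__, __LINE__);
    $arr = @mysql_fetch_array($sql);

    return @$arr[0] ? 1 : 0;
}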
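/**
 * Checks whether the event belongs to the administrator stored in the session.
 *
 * The id sits unquoted in the statement, so it is cast to int first. A missing event row or a
 * missing session id now counts as "not the owner" rather than comparing null with null.
 *
 * NOTE(review): the mysql_* extension was removed in PHP 7; prepared statements through mysqli or
 * PDO are the durable fix.
 *
 * @param mixed $event_id event identifier
 *
 * @return int|string 0 when the session admin owns the event, '-' otherwise
 */
function check_event($event_id)
{
    $event_id = (int) $event_id;
    $sql = mysql_query("SELECT user_id FROM " . TABLE_EVENT . " WHERE event_id={$event_id}") or Error(1, __FILE__, __LINE__);
    $info = @mysql_fetch_array($sql);

    // Fail closed when there is nothing to compare.
    if (!is_array($info) || !isset($_SESSION['admin_id'])) {
        return '-';
    }
    if ($info['user_id'] != $_SESSION['admin_id']) {
        return '-';
    }

    return 0;
}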
fclose($handle); } /** * Add a new mail content by Admin * @param array 0 => title, 1 => content */ public static function addNewMail($newmail) { assert(count($newmail) == 2); xassert(trim($newmail['title']) != '' && $newmail['content'] != '', Error('nullContent'));
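/**
 * Splits logs/latest.log into per-day files and mails a summary of problems.
 *
 * Each well-formed entry "[date time] [Error|Warning|Info] text" is appended to logs/<date>.log;
 * lines that follow an entry and do not start with "[20" are treated as its continuation. Lines
 * that match neither form are collected as invalid. latest.log is emptied only after every daily
 * file was written, and a mail is sent when any error, warning or invalid line was seen.
 *
 * The daily file name is built from the first ten characters of the matched timestamp, which the
 * pattern restricts to digits and hyphens, so log content cannot steer the write to another path.
 *
 * NOTE(review): latest.log is read and later truncated without a lock; entries appended in between
 * would be lost. If a daily file cannot be opened, rotation stops with latest.log left intact, at
 * the price of duplicate entries in files already written during this run.
 * NOTE(review): the mail is sent as text/html; presumably loadMessage() HTML-escapes the log text -
 * confirm, since log entries may contain client-supplied data.
 */
public function verifyAndRotateLogs()
{
    $directory = realpath(__DIR__ . '/../../logs/');
    $latest = $directory . '/latest.log';

    // realpath() returns false when the directory is missing; do not go on with a "/latest.log" path.
    if ($directory === false || !file_exists($latest)) {
        Error('ServicesMonitor: The latest log file does not exists (/logs/latest.log).');
        return;
    }

    if (!is_writable($directory)) {
        Error('ServicesMonitor: Unable to write to the logs (/logs/) directory.');
        return;
    }

    $entries = file($latest);
    if ($entries === false) {
        Error('ServicesMonitor: Unable to read the latest log file (/logs/latest.log).');
        return;
    }

    $logs = array();
    $errors = array();
    $warnings = array();
    $invalid = array();

    while (($line = array_shift($entries)) !== null) {
        $line = trim($line);
        if (!strlen($line)) {
            continue;
        }

        if (!preg_match('/^\\[(\\d+-\\d+-\\d+ \\d+:\\d+:\\d+)\\] \\[(Error|Warning|Info)\\] (.*?)$/s', $line, $matches)) {
            $invalid[] = $line;
            continue;
        }

        // Fold continuation lines (anything not opening a new "[20.." entry) into the message.
        while (count($entries) > 0 && substr(reset($entries), 0, 3) != '[20') {
            $matches[3] .= PHP_EOL . trim(array_shift($entries));
        }

        $date = substr($matches[1], 0, 10);
        if (!array_key_exists($date, $logs)) {
            $logs[$date] = array();
        }
        $logs[$date][] = $matches;

        if ($matches[2] == 'Warning') {
            $warnings[] = $matches;
        }
        if ($matches[2] == 'Error') {
            $errors[] = $matches;
        }
    }

    foreach ($logs as $date => $dayEntries) {
        $file = fopen($directory . '/' . $date . '.log', 'a');
        if ($file === false) {
            Error('ServicesMonitor: Unable to write to the logs (/logs/) directory.');
            return;
        }

        foreach ($dayEntries as $entry) {
            fwrite($file, '[' . $entry[1] . '] [' . $entry[2] . '] ' . trim($entry[3]) . PHP_EOL);
        }
        fclose($file);
    }

    file_put_contents($latest, '');

    if (!count($errors) && !count($warnings) && !count($invalid)) {
        return;
    }

    $message = $this->loadMessage($errors, $warnings, $invalid);
    $subject = 'Service Monitor update for ' . date('Y-m-d');
    $headers = array(
        'From: Peter Beverloo <*****@*****.**>',
        'Reply-To: Peter Beverloo <*****@*****.**>',
        'Return-Path: Peter Beverloo <*****@*****.**>',
        'Content-Type: text/html',
    );

    mail(Configuration::$serviceMonitorUpdateAddress, $subject, $message, implode("\r\n", $headers));
}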
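/**
 * Returns the number of objects attached to the given tz id as display text.
 *
 * The id sits unquoted in the statement, so it is cast to int first; a non-numeric value can then
 * no longer alter the query.
 *
 * NOTE(review): the mysql_* extension was removed in PHP 7; prepared statements through mysqli or
 * PDO are the durable fix.
 *
 * @param mixed $tz_id identifier to count objects for
 *
 * @return string the count followed by "об", or '' when there are none
 */
function check_tz($tz_id)
{
    $tz_id = (int) $tz_id;
    $sql = mysql_query("SELECT COUNT(*) FROM " . TABLE_OBJECT . " WHERE tz_id={$tz_id}") or Error(1, __FILE__, __LINE__);
    $arr = @mysql_fetch_array($sql);
    $count = (int) @$arr[0];

    if ($count) {
        return $count . "об";
    }

    return '';
}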
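/**
 * Deletes read comments older than the requested number of days.
 *
 * The period must be at least one day. The original only rejected 0, so a negative value moved
 * the cutoff into the future and the DELETE matched every read comment.
 */
public function fastdelete()
{
    $days = ForceIntFrom('days');
    if ($days < 1) {
        Error('请选择删除期限!');
        // Never run the DELETE with an invalid period, whether or not Error() ends the request.
        return;
    }

    $time = time() - $days * 24 * 3600;
    APP::$DB->exe("DELETE FROM " . TABLE_PREFIX . "comment WHERE readed = 1 AND time < {$time}");
    Success('comments');
}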
/**
 * Static wrapper around the global Error() function.
 *
 * Called without arguments it calls Error() without arguments; otherwise it passes on all three
 * parameters, using the defaults for any that were omitted.
 *
 * @param mixed  $msg_class first argument for Error()
 * @param int    $err_code  second argument for Error()
 * @param string $msg       third argument for Error()
 */
static function Error($msg_class = null, $err_code = 0, $msg = "error")
{
    if (func_num_args() === 0) {
        Error();
        return;
    }

    Error($msg_class, $err_code, $msg);
}
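/**
 * Deletes messages older than the requested number of days.
 *
 * The period must be at least one day. The original only rejected 0, so a negative value moved
 * the cutoff into the future and the DELETE matched every message.
 */
public function fastdelete()
{
    $days = ForceIntFrom('days');
    if ($days < 1) {
        Error('请选择删除期限!');
        // Never run the DELETE with an invalid period, whether or not Error() ends the request.
        return;
    }

    $time = time() - $days * 24 * 3600;
    APP::$DB->exe("DELETE FROM " . TABLE_PREFIX . "msg WHERE time < {$time}");
    Success('messages');
}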
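/**
 * Runs $query and stores the first column of every result row in $this->toShow.
 *
 * mysqli::query() returns false on failure and true for statements without a result set; both
 * cases are now reported through Error() instead of causing a method call on a non-object. The
 * generic message is reused so that database details are not exposed.
 *
 * NOTE(review): the statement is executed exactly as given, so callers must not build it from
 * request data without bound parameters or escaping.
 *
 * @param string $query complete SQL statement
 */
public function get_field($query)
{
    $this->result = $this->mysqli->query($query);
    if (!($this->result instanceof \mysqli_result)) {
        Error('Not found any requested article from records.');
        return;
    }

    $count = 0;
    while ($array = $this->result->fetch_array()) {
        $this->toShow[$count] = $array[0];
        $count++;
    }

    if ($count == 0) {
        Error('Not found any requested article from records.');
    }
}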
/**
 * Loads an agreement together with the field and taxonomy data needed to render it.
 *
 * Requires params['nid']; params['did'] falls back to 0. Reports through Error() when the number is
 * missing, when the agreement does not exist, and when \CADB\Privilege::checkAgreement() denies
 * access. Afterwards it fills guide_taxonomy_terms, taxonomy and taxonomy_terms.
 *
 * NOTE(review): the access check only protects the data if Error() ends the request; nothing here
 * shows that it does - confirm.
 *
 * The original carried a commented-out block that rendered a theme-specific pdf.html.php template;
 * it was inactive and is not reproduced.
 */
public function process()
{
    $context = \CADB\Model\Context::instance();

    if (!$this->params['nid']) {
        Error('단체협약서 번호를 입력하세요.');
    }
    if (!$this->themes) {
        $this->themes = $context->getProperty('service.themes');
    }

    $this->fields = \CADB\Agreement::getFieldInfo(1);
    $this->articles = \CADB\Agreement::getAgreement(
        $this->params['nid'],
        $this->params['did'] ? $this->params['did'] : 0
    );
    if (!$this->articles) {
        Error('존재하지 않는 단체협약입니다.');
    }
    if (!\CADB\Privilege::checkAgreement($this->articles)) {
        Error('접근 권한이 없습니다.');
    }

    // Related guide terms, keyed by guide taxonomy id.
    foreach (\CADB\Guide::getTaxonomy() as $guideCid) {
        $this->guide_taxonomy_terms[$guideCid] = \CADB\Guide::getRelativeGuideTerm($guideCid);
    }

    $this->taxonomy = $this->fields['taxonomy'];

    // Collect the taxonomy ids referenced by taxonomy-typed fields of the agreement table.
    $extraCids = array();
    foreach ($this->fields['field'] as $fieldInfo) {
        if ($fieldInfo['table'] == 'agreement' && $fieldInfo['type'] == 'taxonomy') {
            $extraCids[] = $fieldInfo['cid'];
        }
    }
    if ($extraCids) {
        $this->taxonomy += \CADB\Taxonomy::getTaxonomy($extraCids);
    }

    $allCids = array_keys($this->taxonomy);
    if ($allCids) {
        foreach (\CADB\Taxonomy::getTaxonomyTerms($allCids) as $cid => $terms) {
            $this->taxonomy_terms[$cid] = \CADB\Taxonomy::makeTree($terms);
        }
    }
}
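/**
 * Executes an arbitrary statement against the database on behalf of an administrator.
 *
 * The explicit return keeps the permission check fail-closed: Error() is defined elsewhere, and the
 * statement must never run for a non-admin even if Error() comes back.
 *
 * NOTE(review): the statement is executed exactly as given; callers must not build it from request
 * data. The raw driver error is handed to Error(); if that text reaches the browser it exposes
 * schema details - confirm how Error() presents it.
 *
 * @param string $query complete SQL statement
 */
public function alter_database($query)
{
    if ($this->permission() != ADMIN) {
        Error('You must be admin to alter the database');
        return;
    }

    conn($mysqli);
    if (!$mysqli->query($query)) {
        Error($mysqli->error);
    }
    $mysqli->close();
}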
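/**
 * Loads the profile named in $_GET['username'] into the global $userDetails.
 *
 * A request without the parameter is redirected to index.php; the explicit return stops processing
 * even if Redirect() (defined elsewhere) does not end the request. An unknown user is reported
 * through Error().
 *
 * NOTE(review): the username is handed to SelectUser() as received; presumably the lookup uses a
 * bound parameter - confirm there.
 */
function initialize_profile()
{
    global $userDetails;

    if (!is_get_parameter_complete(array('username'))) {
        Redirect('index.php');
        return;
    }

    $userDetails = SelectUser($_GET['username']);
    if ($userDetails == null) {
        Error('User not found');
    }
}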
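/**
 * Edits a posted message and echoes 'success' or 'Edit failed'.
 *
 * The caller must be logged in, must send username, date and message, and must be either an
 * administrator or the user named in $_POST['username']. The explicit return keeps that check
 * fail-closed even if Error() (defined elsewhere) does not end the request.
 */
function edit_message()
{
    $complete = is_logged_in() && is_post_parameter_complete(array('username', 'date', 'message'));
    if (!$complete || !(is_admin() || is_logged_username($_POST['username']))) {
        Error('Invalid Access');
        return;
    }

    if (EditPost($_POST['username'], $_POST['date'], $_POST['message'])) {
        echo 'success';
    } else {
        echo 'Edit failed';
    }
}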
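/**
 * Loads the item named in $_GET['iditem'] into the global $itemDetails.
 *
 * A request without the parameter is redirected to store.php; the explicit return stops processing
 * even if Redirect() (defined elsewhere) does not end the request. An unknown item is reported
 * through Error().
 *
 * NOTE(review): the id is handed to SelectItem() as received; presumably the lookup uses a bound
 * parameter - confirm there.
 */
function initialize_item()
{
    global $itemDetails;

    if (!is_get_parameter_complete(array('iditem'))) {
        Redirect('store.php');
        return;
    }

    $itemDetails = SelectItem($_GET['iditem']);
    if ($itemDetails == null) {
        Error('Item not found');
    }
}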
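/**
 * Deletes the item named in $_POST['iditem'] and echoes the outcome.
 *
 * Only administrators may delete. The parameter is now required up front, as the sibling handlers
 * do with is_post_parameter_complete(), and the explicit return keeps the check fail-closed even if
 * Error() (defined elsewhere) does not end the request.
 */
function delete_item()
{
    if (!is_admin() || !is_post_parameter_complete(array('iditem'))) {
        Error('Invalid Access');
        return;
    }

    if (DeleteItem($_POST['iditem'])) {
        echo 'success';
    } else {
        echo 'edit item unsuccessfull';
    }
}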
/**
 * Turns a list of filter strings into a query fragment with numbered placeholders.
 *
 * Each filter is a comma-separated string: a connector (AND or OR), a criterion key, then
 * name/value pairs. The SQL text comes only from the criteria returned by parseCriteriaXML();
 * submitted values are stored under ":<n>" in $result->variables and never copied into the query.
 * Any mismatch is reported through Error('Error in query').
 *
 * NOTE(review): validation is only effective if Error() ends the request; when it comes back, the
 * loop carries on with the rejected filter - confirm.
 *
 * @param array $filterArray filter strings as described above
 *
 * @return object with ->query (string) and ->variables (placeholder => value)
 */
function cleanFilter($filterArray)
{
    $criteria = parseCriteriaXML();

    $result = (object) array();
    $result->query = " ";
    $result->variables = array();

    foreach ($filterArray as $rawFilter) {
        $fragment = "";
        $nextIndex = count($result->variables);
        $parts = explode(",", $rawFilter);

        // Only the two known connectors may reach the query text.
        if (in_array($parts[0], array('AND', 'OR'))) {
            $fragment .= $parts[0] . ' ';
        } else {
            Error('Error in query');
        }

        // The criterion key selects a predefined snippet; unknown keys are rejected.
        if (isset($criteria[$parts[1]])) {
            $fragment .= $criteria[$parts[1]]['query'] . ' ';
        } else {
            Error('Error in query');
        }

        // Every expected input must appear by name with a non-empty value.
        foreach ($criteria[$parts[1]]['inputs'] as $position => $inputName) {
            $nameAt = 2 * ($position + 1);
            $valueAt = $nameAt + 1;

            if ($parts[$nameAt] == $inputName && $parts[$valueAt] != "") {
                $result->variables[":{$nextIndex}"] = $parts[$valueAt];
                $fragment = str_replace(":{$inputName}", ":{$nextIndex}", $fragment);
                $nextIndex++;
            } else {
                Error('Error in query');
            }
        }

        $result->query .= $fragment;
    }

    return $result;
}
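/**
 * Creates a post for the logged-in user, echoes the outcome, and ends the request.
 *
 * The author is taken from the session, never from the request. The explicit return keeps the
 * login check fail-closed even if Error() (defined elsewhere) does not end the request.
 *
 * NOTE(review): the message is stored as submitted; it must be HTML-escaped wherever it is
 * displayed - confirm in the rendering code.
 */
function create_post()
{
    if (!is_logged_in() || !is_post_parameter_complete(array('post-message'))) {
        Error('Forbidden Access');
        return;
    }

    if (AddPost($_SESSION['user']['username'], $_POST['post-message'])) {
        echo 'success';
    } else {
        echo 'Message was not posted successfully.';
    }
    die;
}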
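/**
 * Creates a store item from the posted item form and echoes the outcome.
 *
 * Only administrators may create items, and every input named by the item form must be present.
 * The posted values go through CleanFormInput() before AddItem(). The explicit returns keep both
 * checks fail-closed even if Error() (defined elsewhere) does not end the request.
 */
function create_item()
{
    if (!is_admin() || !is_post_parameter_complete(GetFormInputNames($GLOBALS['itemForm']))) {
        Error('Invalid Access');
        return;
    }

    $item = CleanFormInput($GLOBALS['itemForm'], $_POST);
    if (!$item) {
        Error('Erroneous Parameters');
        return;
    }

    if (AddItem($item)) {
        echo 'success';
    } else {
        echo 'create item unsuccessfull';
    }
}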