public function UserLogin($userNIM, $password)
{
$this->db->where('userNIM', $userNIM);
$this->db->where('userPass', MD5($password));
$query = $this->db->get("msuser");
return $query->result();
}
/**
* 生成支付代码.
*
* @param array $order 订单信息
* @param array $payment 支付方式信息
*/
public function get_code($order, $payment)
{
$billstr = date('His', time());
$datestr = date('Ymd', time());
$mer_code = $payment['ips_account'];
$billno = str_pad($order['log_id'], 10, '0', STR_PAD_LEFT) . $billstr;
$amount = sprintf('%0.02f', $order['order_amount']);
$strcert = $payment['ips_key'];
$strcontent = $billno . $amount . $datestr . 'RMB' . $strcert;
// 签名验证串 //
$signmd5 = MD5($strcontent);
$def_url = '<br /><form style="text-align:center;" action="https://pay.ips.com.cn/ipayment.aspx" method="post" target="_blank">';
$def_url .= "<input type='hidden' name='Mer_code' value='" . $mer_code . "'>\n";
$def_url .= "<input type='hidden' name='Billno' value='" . $billno . "'>\n";
$def_url .= "<input type='hidden' name='Gateway_type' value='" . $payment['ips_currency'] . "'>\n";
$def_url .= "<input type='hidden' name='Currency_Type' value='RMB'>\n";
$def_url .= "<input type='hidden' name='Lang' value='" . $payment['ips_lang'] . "'>\n";
$def_url .= "<input type='hidden' name='Amount' value='" . $amount . "'>\n";
$def_url .= "<input type='hidden' name='Date' value='" . $datestr . "'>\n";
$def_url .= "<input type='hidden' name='DispAmount' value='" . $amount . "'>\n";
$def_url .= "<input type='hidden' name='OrderEncodeType' value='2'>\n";
$def_url .= "<input type='hidden' name='RetEncodeType' value='12'>\n";
$def_url .= "<input type='hidden' name='Merchanturl' value='" . return_url(basename(__FILE__, '.php')) . "'>\n";
$def_url .= "<input type='hidden' name='SignMD5' value='" . $signmd5 . "'>\n";
$def_url .= "<input type='submit' value='" . $GLOBALS['_LANG']['pay_button'] . "'>";
$def_url .= '</form><br />';
return $def_url;
}
public function create_user($name, $mail, $psw)
{
$data = array('user_name' => $name, 'user_mail_address' => $mail, 'user_psw' => MD5($psw), 'user_created_at' => date('Y-m-d H:i:s'));
$this->db->insert('users', $data);
$result = array('is' => $this->db->insert_id(), 'status' => true);
return $result;
}
function update_password()
{
$username = $this->input->post('username');
$password = $this->input->post('password');
$password = MD5($password);
$baru = $this->input->post('baru');
$ulang = $this->input->post('ulang');
$result = $this->admin_model->cek($username, $password);
if ($result) {
if ($baru == $ulang) {
$id = $this->session->userdata('id');
$data_admin = array('password' => md5($this->input->post('baru')), 'nama' => $this->input->post('nama'), 'username' => $this->input->post('username'));
$this->admin_model->update_data('tbl_admin', 'id_admin', $id, $data_admin);
$data['message'] = '<font color="#00B000">' . 'Anda berhasil ganti password !' . '</font>';
$data['view'] = 'pages/profil_admin';
$this->load->view('home/home', $data);
} else {
$data['message'] = '<font color="#FF0000">' . 'Pasword baru tidak cocok,Mohon di ulangi password baru anda !' . '</font>';
$data['view'] = 'pages/profil_admin';
$this->load->view('home/home', $data);
}
} else {
//if form validate false
$data['message'] = '<font color="#FF0000">' . 'Username dan Password lama salah !' . '</font>';
$data['view'] = 'pages/profil_admin';
$this->load->view('home/home', $data);
// return FALSE;
}
}
function isvalidSession($htoken, $maxidletime = 0, $checkip = false)
{
global $cfg;
$token = rawurldecode($htoken);
#check if we got what we expected....
if ($token && !strstr($token, ":")) {
return FALSE;
}
#get the goodies
list($hash, $expire, $ip) = explode(":", $token);
#Make sure the session hash is valid
if (md5($expire . SESSION_SECRET . $this->userID) != $hash) {
return FALSE;
}
#is it expired??
if ($maxidletime && time() - $expire > $maxidletime) {
return FALSE;
}
#Make sure IP is still same ( proxy access??????)
if ($checkip && strcmp($ip, MD5($this->ip))) {
return FALSE;
}
$this->validated = TRUE;
return TRUE;
}
private function __WriteCache($Url, $Data)
{
$Cache_File = $GLOBALS['Cache_Folder'] . MD5($Url);
$Open = fopen($Cache_File, 'w');
fwrite($Open, $Data);
fclose($Open);
}
public function loging()
{
if ($this->_session('verify') != md5($this->_post('proving'))) {
$this->error('验证码错误!');
exit;
}
$user = D("User");
$condition['username'] = $this->_post('username');
$condition['password'] = $user->userMd5($this->_post('password'));
$list = $user->where($condition)->select();
if ($list) {
session('user_name', $condition['username']);
//设置session
session('user_uid', $list[0]['id']);
session('user_verify', MD5($condition['username'] . DS_ENTERPRISE . $condition['password'] . DS_EN_ENTERPRISE));
session('verify', null);
//删除验证码
//session(null); //清空
$this->userLog('会员登陆', $this->_session('user_uid'));
//会员记录
$this->success("用户登录成功", '__ROOT__/Center.html');
exit;
} else {
$this->error('用户名或密码错误');
exit;
}
}
public function add()
{
if ($this->request->is('post')) {
$this->User->create();
$this->request->data['Group']['Group'][] = (int) Configure::read('Settings.Company.DefaultGroupId');
$this->request->data['User']['date_joined'] = gmdate('Y-m-d H:i:s');
$password = getPassword();
$this->request->data['User']['password'] = $password;
$signature = substr(MD5($this->request->data['User']['email'] . $this->request->data['User']['date_joined']), 0, 7);
$this->request->data['User']['signature'] = $signature;
if ($this->User->save($this->request->data)) {
//save Signature archive
$arrSignature = array();
$arrSignature['SignatureArchive']['user_id'] = $this->User->id;
$arrSignature['SignatureArchive']['signature'] = $signature;
$arrSignature['SignatureArchive']['user_modify'] = $this->Session->read('Auth.User.id');
$arrSignature['SignatureArchive']['date_from'] = gmdate('Y-m-d H:i:s');
$arrSignature['SignatureArchive']['date_till'] = gmdate('Y-m-d H:i:s');
$this->SignatureArchive->save($arrSignature);
$mail_content = "Account informations: \n\n" . "Name: " . $this->request->data['User']['name'] . "\n" . "Email login: "******"\n" . "Password: "******"\n" . "Signature: " . $signature . "\n";
$arr_options = array('to' => array($this->request->data['User']['email']), 'viewVars' => array('content' => $mail_content));
$this->_sendEmail($arr_options);
$this->Session->setFlash(__('The user has been saved'));
return $this->redirect(array('action' => 'index'));
}
} else {
$companyid = $this->Session->read('company_id');
if ($companyid) {
$this->request->data['User']['company_id'] = $companyid;
}
}
$this->render('edit');
}
function db($host = null, $port = null, $user = null, $password = null, $db_name = null)
{
$db_key = MD5($host . '-' . $port . '-' . $user . '-' . $password . '-' . $db_name);
if (!isset($GLOBALS['LP_' . $db_key])) {
include_once AROOT . 'config/db.config.php';
//include_once( CROOT . 'lib/db.function.php' );
$db_config = $GLOBALS['config']['db'];
if ($host == null) {
$host = $db_config['db_host'];
}
if ($port == null) {
$port = $db_config['db_port'];
}
if ($user == null) {
$user = $db_config['db_user'];
}
if ($password == null) {
$password = $db_config['db_password'];
}
if ($db_name == null) {
$db_name = $db_config['db_name'];
}
//if( !$GLOBALS['LP_'.$db_key] = mysql_connect( $host.':'.$port , $user , $password , true ) )
if (!($GLOBALS['LP_' . $db_key] = mysqli_connect($host, $user, $password, $db_name, $port))) {
//
echo 'can\'t connect to database';
return false;
}
mysqli_query($GLOBALS['LP_' . $db_key], "SET NAMES 'UTF8'");
}
return $GLOBALS['LP_' . $db_key];
}
/**
* Render Template (php file aja)
*
* @param string $templateFile
* @param unknown $data
*/
public function render($templateFile = '', $data = array())
{
if (!empty($templateFile)) {
$cacheDir = realpath($this->appPath . DS . '..') . DS . 'storage' . DS . 'cache' . DS . 'templates';
$cacheFile = $cacheDir . DS . MD5($this->viewPath . str_replace('.' . $this->config['templateExtension'], '', $templateFile)) . '.php';
if (!file_exists($cacheFile) || ($this->config['cache'] === 'false' || $this->config['cache'] === false)) {
$templateTmp = file_get_contents($this->viewPath . DS . $templateFile);
preg_match_all("~\\{\\{\\s*(.*?)\\s*\\}\\}~", $templateTmp, $block);
foreach ($block[1] as $k => $v) {
if ($v === 'php') {
$templateTmp = str_replace('{{php}}', '<?php', $templateTmp);
} elseif ($v === '/php') {
$templateTmp = str_replace('{{/php}}', '?>', $templateTmp);
} else {
$blockTemplate = $this->includeBlock($v);
$templateTmp = str_replace('{{' . $v . '}}', $blockTemplate, $templateTmp);
}
}
$templateTmp .= "\n <!-- Generated at: " . date('Y-m-d H:i:s') . " -->";
$fp = fopen($cacheFile, 'w');
$write = fwrite($fp, $templateTmp);
fclose($fp);
}
extract((array) $data);
require_once $cacheFile;
}
}
/** do login in cred. matches
* @param $_post data
* @redirect to dashboard if cred. matches
*/
protected function __postLogin()
{
if (isset($_POST['submit'])) {
$username = $_POST['username'];
$password = $_POST['password'];
$userData = $this->user->getBy('email', $username);
if (isset($userData) && !empty($userData)) {
if (MD5($password) == $userData['0']['password']) {
//set the session to true
Session::set('loggin', true);
// if matches username and password redirect to dashboard
$this->redirect('admin/dashboard');
} else {
//when password is wrong
$response = array();
$response['message'][] = 'Your password is wrong, please try again !';
$this->view('admin/login', $response);
}
} else {
// when username is wrong
$response = array();
$response['message'][] = 'Your Username is wrong, please try again !';
$this->view('admin/login', $response);
}
} else {
// if user press submit button without entering username and password
$response = array();
$response['message'][] = 'Please enter username and password to login !';
$this->view('admin/login', $response);
}
}
private function _getConnect($type)
{
try {
if (empty($this->_conf['slave'])) {
$this->_conf['slave'] = $this->_conf['master'];
}
if ($type === 'slave') {
$key = MD5($this->_conf['slave']['database'] . $this->_conf['slave']['host'] . $this->_conf['slave']['port'] . $this->_conf['slave']['username'] . $this->_conf['slave']['password']);
if (isset(self::$_instance[$key])) {
$this->_pdo = self::$_instance[$key];
return;
}
$dsn = "mysql:dbname=" . $this->_conf['slave']['database'] . ";host=" . $this->_conf['slave']['host'] . ';port=' . $this->_conf['slave']['port'];
$username = $this->_conf['slave']['username'];
$password = $this->_conf['slave']['password'];
} else {
$key = MD5($this->_conf['master']['database'] . $this->_conf['master']['host'] . $this->_conf['master']['port'] . $this->_conf['master']['username'] . $this->_conf['master']['password']);
if (isset(self::$_instance[$key])) {
$this->_pdo = self::$_instance[$key];
return;
}
$dsn = "mysql:dbname=" . $this->_conf['master']['database'] . ";host=" . $this->_conf['master']['host'] . ';port=' . $this->_conf['master']['port'];
$username = $this->_conf['master']['username'];
$password = $this->_conf['master']['password'];
}
self::$_instance[$key] = new PDO($dsn, $username, $password, array(PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES " . $this->_conf['charset']));
$this->_pdo = self::$_instance[$key];
$this->_pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// 设置错误模式为exceptions异常。
$this->_pdo->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
//禁用预处理语句的模拟
} catch (PDOException $e) {
throw new Exception('连接数据库失败:' . $e->getMessage());
}
}
public static function login(Cart66Account $account)
{
$name = $account->firstName . ' ' . $account->lastName;
$email = $account->email;
$externalId = $account->id;
$organization = Cart66Setting::getValue('zendesk_organization');
$key = Cart66Setting::getValue('zendesk_token');
$prefix = Cart66Setting::getValue('zendesk_prefix');
if (Cart66Setting::getValue('zendesk_jwt')) {
$now = time();
$token = array("jti" => md5($now . rand()), "iat" => $now, "name" => $name, "email" => $email);
include_once CART66_PATH . "/pro/models/JWT.php";
$jwt = JWT::encode($token, $key);
// Redirect
header("Location: https://" . $prefix . ".zendesk.com/access/jwt?jwt=" . $jwt);
exit;
} else {
/* Build the message */
$ts = isset($_GET['timestamp']) ? $_GET['timestamp'] : time();
$message = $name . '|' . $email . '|' . $externalId . '|' . $organization . '|||' . $key . '|' . $ts;
$hash = MD5($message);
$remoteAuthUrl = 'http://' . $prefix . '.zendesk.com/access/remoteauth/';
$arguments = array('name' => $name, 'email' => $email, 'external_id' => $externalId, 'organization' => $organization, 'timestamp' => $ts, 'hash' => $hash);
$url = add_query_arg($arguments, $remoteAuthUrl);
header("Location: " . $url);
exit;
}
}
/**
+--------------------------------------------------
* 生成图片缩略图
+--------------------------------------------------
*/
public function img_thumb()
{
$gData = checkData($_GET);
$w = $gData['w'] + 0;
$h = $gData['h'] + 0;
$allow_width = array(300, 720);
$allow_height = array(168, 405);
if (!in_array($w, $allow_width)) {
die(json_encode(array('code' => -201, "msg" => "参数错误")));
}
if (!in_array($h, $allow_height)) {
die(json_encode(array('code' => -202, "msg" => "参数错误")));
}
$img_path = substr(HTML_PATH, 0, -1);
///images/videos/14999572630/screenshot/1d1c67cd5c1926a6e379fb78c711b87b_360X640.png
$img_file = MD5(xxx);
if (!file_exists($img_file)) {
//生成图片
} else {
//读取图片
}
// $this->img_operate->open($img_path.$addData['pic_url']);
// if ($this->img_operate->width() == '135' && $this->img_operate->height() == '135') {
// $this->img_operate->save(HTML_PATH . '/images/videos/' . $_v['video_id'] . '/yingyongbao/', $imageName);
// } else {
// $this->img_operate->thumb(300, 300, 3)->save(HTML_PATH . '/images/videos/' . $_v['video_id'] . '/yingyongbao/', $imageName);
// $this->img_operate->open(HTML_PATH . '/images/videos/' . $_v['video_id'] . '/yingyongbao/' . $imageName);
// $this->img_operate->thumb(135, 135, 1)->save(HTML_PATH . '/images/videos/' . $_v['video_id'] . '/yingyongbao/', $imageName);
// }
//
// $this->img_operate->thumb(300, 300, 3)->save(HTML_PATH . '/images/videos/' . $_v['video_id'] . '/yingyongbao/', $imageName);
// $this->img_operate->open(HTML_PATH . '/images/videos/' . $_v['video_id'] . '/yingyongbao/' . $imageName);
}
/**
* Set VerificationString if not set
* If not verified log out user and display message.
*/
function onBeforeWrite()
{
parent::onBeforeWrite();
if (!$this->owner->VerificationString) {
$this->owner->VerificationString = MD5(rand());
}
if (!$this->owner->Verified) {
if (!$this->owner->VerificationEmailSent) {
if (!self::$hasOnBeforeWrite) {
self::$hasOnBeforeWrite = true;
$this->owner->sendemail($this->owner, false);
}
}
if (Member::currentUserID() && $this->owner->Email == Member::currentUser()->Email) {
Security::logout(false);
if (!is_null(Controller::redirectedTo())) {
$messageSet = array('default' => _t('EmailVerifiedMember.EMAILVERIFY', 'Please verify your email address by clicking on the link in the email before logging in.'));
}
Session::set("Security.Message.type", 'bad');
Security::permissionFailure(Controller::curr(), $messageSet);
} else {
return;
}
} else {
return;
}
}
public function loginhandler()
{
if (isset($_POST['username']) && isset($_POST['password'])) {
$username = $_POST['username'];
$password = $_POST['password'];
$info = $this->getdata->getContentAdvance('dfbadmin', array('username' => $username));
if (property_exists($info, 'username')) {
$post_pwd = MD5("MonkeyKing" . $password);
$db_pwd = $info->password;
if ($post_pwd == $db_pwd) {
$_SESSION['username'] = $info->username;
$_SESSION['userid'] = $info->id;
$_SESSION['usertype'] = "admin";
//echo json_encode(array("result"=>"success","message"=>"登录成功!"));
$this->load->view('redirect', array('url' => '/admin/index'));
} else {
echo json_encode(array("result" => "failed", "message" => "密码错误!"));
}
} else {
echo json_encode(array("result" => "failed", "message" => "用户名不存在!"));
}
} else {
echo json_encode(array("result" => "failed", "message" => "请输入用户名和密码!"));
}
}
function reset_password()
{
extract($_POST);
$data['passward'] = MD5('123456');
$this->db->where('user_name', $username);
$this->db->update('users_tb', $data);
}
public function submit()
{
if ($this->session->userdata('logged_in')) {
$session_array = $this->session->userdata('logged_in');
if ($this->input->post('password1') != $this->input->post('password2')) {
$data = $this->session->userdata('logged_in');
$data['msg'] = "Passwords do not match.";
$this->load->model('SET_model');
$data['SET'] = $this->SET_model->getRecords();
$this->load->view('change_password', $data);
} else {
if (MD5($this->input->post('password') . $session_array['salt']) != $session_array['password']) {
$data = $this->session->userdata('logged_in');
$this->load->model('SET_model');
$data['SET'] = $this->SET_model->getRecords();
$data['msg'] = "Invalid password.";
$this->load->view('change_password', $data);
} else {
$data = array('password' => MD5($this->input->post('password1') . $session_array['salt']));
$this->user->updateRecord($data, $session_array['username']);
$data = $this->session->userdata('logged_in');
$data['msg'] = "Password changed.";
$this->load->view('change_password', $data);
}
}
} else {
redirect('home', 'refresh');
}
}
/**
* Manage confirm requests from STP API server
* Confirm payment was actually made and effective.
* Notify platform admin to proceed with payment to the receiver from the appropriate platform
*/
public function confirmPayment()
{
$payment = array('stp_transact_status' => Input::get('merchantAccount'), 'date' => Input::get('date'), 'amount' => Input::get('amount'), 'member' => Input::get('member'), 'item_id' => Input::get('item_id'), 'email' => Input::get('email'), 'memo' => Input::get('memo'), 'tr_id' => Input::get('tr_id'), 'receiver' => Input::get('user1'), 'provider' => Input::get('user2'));
print_r($payment);
//transaction verification and authentication scheme
$secondary_password = '******';
$secondary_password = md5($secondary_password . 's+E_a*');
//encryption for db
$hash_received = MD5($_POST['tr_id'] . ":" . MD5($secondary_password) . ":" . $_POST['amount'] . "\n :" . $_POST['merchantAccount'] . ":" . $_POST['payerAccount']);
if ($hash_received == $_POST['hash']) {
// valid payment
$transaction = new IcePayTransaction();
$transaction->user_id = Auth::user()->id;
$transaction->tid = $payment['tr_id'];
//transaction id or transaction bordereaux
$transaction->sender_email = Auth::user()->email;
//$payer['email']; //sender's email
$transaction->receiver_email = $payment['receiver'];
//receiver's email or number
$transaction->type = 'STP to ' . $payment['provider'];
$transaction->status = 'pending';
//$transaction_json['related_resources'][0]['sale']['state'];
$transaction->amount = $payment['amount'];
//total amount deducted and transferred
$transaction->currency = '';
$transaction->save();
Mail::send(['html' => 'emails.auth.transactionemail'], array('tdate' => $payment['date'], 'tid' => $payment['tr_id'], 'sender_email' => Auth::user()->email, 'sender_number' => Auth::user()->number, 'receiver_email' => 'TEST', 'receiver_number' => $payment['receiver'], 'status' => 'PENDING', 'amount' => $payment['amount'], 'charge' => '0.0 USD', 'total' => $payment['amount'] . ' ', 'mode' => 'STP to ' . $payment['provider']), function ($message) use($email, $username) {
$message->to($email, $username)->subject('Transaction Receipt');
});
return Redirect::route('dashboard')->with('alertMessage', 'STP Transaction successful');
} else {
// invalid payment; the payment has been altered
return Redirect::route('dashboard')->with('alertError', 'Invalid Payment. The payment may have been altered. Please try again');
}
}
/**
* Execute the action
* @param array command line parameters specific for this command
* args[0] is the file name that contains the user
*/
public function run($args)
{
echo "Running...\n";
$file = fopen($args[0], "r");
if ($file == 0) {
exit("Unable to open file!");
}
while (!feof($file)) {
$line = fgets($file);
$line = str_replace("\n", "", $line);
$line = str_replace("\r", "", $line);
$info = explode("|", $line);
$user = new User();
//remove the dirty data(zip code is not numeric)
if (is_numeric($info[4])) {
$user->id = (int) $info[0];
$user->age = (int) $info[1];
$user->gender = $info[2];
$user->occupation = $info[3];
$user->zipCode = $info[4];
$user->email = "*****@*****.**";
$user->password = MD5("recsys-nju");
$user->nickname = "NJUer";
$user->ageCommunityId = $this->clusterAge($user->age);
$user->locationCommunityId = $this->clusterLocation($user->zipCode);
$user->occupationCommunityId = $this->clusterOccupation($user->occupation);
if (!$user->save()) {
echo "user" . $user->id . " fails to save\n";
} else {
echo "user" . $user->id . " saved\n";
}
}
}
echo "Complete\n";
}
public function atualizaEad($p, $senha)
{
$controle_teste = $_SESSION['controle_teste'];
global $controle_teste;
if ($_SESSION['controle_teste'] != '') {
return 1;
}
$this->sql = "SELECT id\n\t\t\t\t\tFROM mdl_user user\n\t\t\t\t\tWHERE username=?";
$this->values = array($p->email);
$res = $this->fetch();
#criptografa a senha com a chave do arquivo config.php do EAD
$senhaead = MD5($senha . '20n@]9Rsoftfox.com.br`y>AIoDIE3T');
if ($p->status == 'Ativo' and ($p->statusEmp == 'Ativo' or $p->statusEmp == 'Inativo')) {
$suspended = 0;
} else {
$suspended = 1;
}
$nome1 = explode(' ', $p->nome);
if ($nome1[0] == 'Administrador') {
$nome1[0] = 'Admin';
}
if ($nome1[1] == '') {
$nome1[1] = 'Cartório';
}
if ($res[0]->id != '') {
$this->sql = "update mdl_user set password=?, suspended=?, username=?, firstname=?,lastname=?, city=? WHERE id=?";
$this->values = array($senhaead, $suspended, $p->email, $nome1[0], $nome1[1], $p->bairro . '-' . $p->cidade . '-' . $p->estado, $res[0]->id);
$valor = $this->exec();
} else {
$this->sql = "insert into mdl_user (timemodified,firstaccess,timecreated,confirmed,ajax,mnethostid,password,suspended,username,firstname,lastname, email, city,country,lang,timezone,descriptionformat,mailformat, maildisplay,htmleditor,autosubscribe,trackforums) \n values ('1342642560','1342642560','1342642560','1','0','1','" . $senhaead . "', '" . $suspended . "', '" . $p->email . "', '" . $nome1[0] . "', '" . $nome1[1] . "', '" . $p->email . "', '" . $p->bairro . '-' . $p->cidade . '-' . $p->estado . "','BR','pt_br','99','1','1','2','1','1','1')";
$this->values = array();
$valor = $this->exec();
}
return $valor;
}
public function login()
{
//var_dump(123132);
if (property_exists($this->_data, "username") && property_exists($this->_data, "password")) {
$username = $this->_data->username;
$password = $this->_data->password;
$info = $this->getdata->getContentAdvance('admin', array('username' => $username));
if (property_exists($info, 'username')) {
$post_pwd = MD5("MonkeyKing" . $password);
$db_pwd = $info->password;
if ($post_pwd == $db_pwd) {
$_SESSION['username'] = $info->username;
$_SESSION['userid'] = $info->id;
$_SESSION['usertype'] = "admin";
echo json_encode(array("result" => "success", "message" => "登录成功!"));
} else {
echo json_encode(array("result" => "failed", "message" => "密码错误!"));
}
} else {
echo json_encode(array("result" => "failed", "message" => "用户名不存在!"));
}
} else {
echo json_encode(array("result" => "failed", "message" => "请输入用户名和密码!"));
}
}
function login($email, $password)
{
$user_id = user_id_from_email($email);
$email = sanitize($email);
$password = MD5($password);
return mysql_result(mysql_query("SELECT COUNT(user_id) FROM users WHERE email = '{$email}' AND password = '******'"), 0) == 1 ? $user_id : false;
}
function sendIcalEvent($from_name, $from_address, $to_name, $to_address, $startTime, $endTime, $subject, $description, $location)
{
$domain = 'exchangecore.com';
//Create Email Headers
$mime_boundary = "----Meeting Booking----" . MD5(TIME());
$headers = "From: " . $from_name . " <" . $from_address . ">\n";
$headers .= "Reply-To: " . $from_name . " <" . $from_address . ">\n";
$headers .= "MIME-Version: 1.0\n";
$headers .= "Content-Type: multipart/alternative; boundary=\"{$mime_boundary}\"\n";
$headers .= "Content-class: urn:content-classes:calendarmessage\n";
//Create Email Body (HTML)
$message = "--{$mime_boundary}\r\n";
$message .= "Content-Type: text/html; charset=UTF-8\n";
$message .= "Content-Transfer-Encoding: 8bit\n\n";
$message .= "<html>\n";
$message .= "<body>\n";
$message .= '<p>Dear ' . $to_name . ',</p>';
$message .= '<p>' . $description . '</p>';
$message .= "</body>\n";
$message .= "</html>\n";
$message .= "--{$mime_boundary}\r\n";
$ical = 'BEGIN:VCALENDAR' . "\r\n" . 'PRODID:-//Microsoft Corporation//Outlook 10.0 MIMEDIR//EN' . "\r\n" . 'VERSION:2.0' . "\r\n" . 'METHOD:REQUEST' . "\r\n" . 'BEGIN:VTIMEZONE' . "\r\n" . 'TZID:Eastern Time' . "\r\n" . 'BEGIN:STANDARD' . "\r\n" . 'DTSTART:20091101T020000' . "\r\n" . 'RRULE:FREQ=YEARLY;INTERVAL=1;BYDAY=1SU;BYMONTH=11' . "\r\n" . 'TZOFFSETFROM:-0400' . "\r\n" . 'TZOFFSETTO:-0500' . "\r\n" . 'TZNAME:EST' . "\r\n" . 'END:STANDARD' . "\r\n" . 'BEGIN:DAYLIGHT' . "\r\n" . 'DTSTART:20090301T020000' . "\r\n" . 'RRULE:FREQ=YEARLY;INTERVAL=1;BYDAY=2SU;BYMONTH=3' . "\r\n" . 'TZOFFSETFROM:-0500' . "\r\n" . 'TZOFFSETTO:-0400' . "\r\n" . 'TZNAME:EDST' . "\r\n" . 'END:DAYLIGHT' . "\r\n" . 'END:VTIMEZONE' . "\r\n" . 'BEGIN:VEVENT' . "\r\n" . 'ORGANIZER;CN="' . $from_name . '":MAILTO:' . $from_address . "\r\n" . 'ATTENDEE;CN="' . $to_name . '";ROLE=REQ-PARTICIPANT;RSVP=TRUE:MAILTO:' . $to_address . "\r\n" . 'LAST-MODIFIED:' . date("Ymd\\TGis") . "\r\n" . 'UID:' . date("Ymd\\TGis", strtotime($startTime)) . rand() . "@" . $domain . "\r\n" . 'DTSTAMP:' . date("Ymd\\TGis") . "\r\n" . 'DTSTART;TZID="Eastern Time":' . date("Ymd\\THis", strtotime($startTime)) . "\r\n" . 'DTEND;TZID="Eastern Time":' . date("Ymd\\THis", strtotime($endTime)) . "\r\n" . 'TRANSP:OPAQUE' . "\r\n" . 'SEQUENCE:1' . "\r\n" . 'SUMMARY:' . $subject . "\r\n" . 'LOCATION:' . $location . "\r\n" . 'CLASS:PUBLIC' . "\r\n" . 'PRIORITY:5' . "\r\n" . 'BEGIN:VALARM' . "\r\n" . 'TRIGGER:-PT15M' . "\r\n" . 'ACTION:DISPLAY' . "\r\n" . 'DESCRIPTION:Reminder' . "\r\n" . 'END:VALARM' . "\r\n" . 'END:VEVENT' . "\r\n" . 'END:VCALENDAR' . "\r\n";
$message .= 'Content-Type: text/calendar;name="meeting.ics";method=REQUEST' . "\n";
$message .= "Content-Transfer-Encoding: 8bit\n\n";
$message .= $ical;
$mailsent = mail($to_address, $subject, $message, $headers);
return $mailsent ? true : false;
}
function verifikasi()
{
$this->form_validation->set_rules('mobile', 'No Handphone', 'required|numeric');
if ($this->form_validation->run() == true) {
$mobile = $this->input->post('mobile');
$cekvote = $this->m_register->cekvotejalan($mobile);
if ($cekvote->num_rows() > 0) {
$no = $cekvote->row_array();
redirect('jalan/edit/' . $no['polling_id']);
} else {
$today = date("Ymd");
$msg = substr(md5($mobile + $today), "0", "4");
$user = "******";
$password = "******";
$auth = MD5($user . $password . $mobile);
$trxid = "sms0000000001";
$msg = urlencode($msg);
$info = array('mobile' => $this->input->post('mobile'), 'kode_verifikasi' => $msg);
$this->m_register->addVoter($info);
$data = 'username='******'&mobile=' . $mobile . '&message=' . $msg . '&auth=' . $auth . '&trxid=' . $trxid;
$curlHandle = curl_init('http://send2.smsmasking.co.id/sms/api_proxy/sendsms.php?' . $data);
curl_setopt($curlHandle, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curlHandle, CURLOPT_HEADER, 0);
$data = curl_exec($curlHandle);
curl_close($curlHandle);
$this->send();
}
} else {
$data['message'] = "";
$this->load->template('jalan/registrasi', $data);
}
}
function generate_mdp()
{
$this->load->helper('security');
$this->load->helper('string');
$mdp = MD5(random_string('alnum', 12));
return $mdp;
}
public function studentAdd($data = array())
{
if (!empty($data)) {
$account_data['login_email'] = $data['login_email'];
$account_data['login_pass'] = MD5(Crypt::encrypt(123456));
//默认密码
$account_data['account_type'] = 2;
//默认账户类型
$account_data['create_time'] = $data['create_time'];
$account_data['modify_time'] = $data['modify_time'];
$account_id = D('Account')->accountAdd($account_data);
if ($account_id) {
$data['account_id'] = $account_id;
$bool = $this->data($data)->add();
if ($bool) {
return array('status' => 'true', 'msg' => '新增学员成功', 'data' => $bool);
} else {
// $bool = D('Account')->accountDelete(); to do ...
return array('status' => 'true', 'msg' => '新增学员失败', 'data' => $account_id);
}
} else {
return array('status' => 'false', 'msg' => '学员Account添加失败');
}
}
}
function login($username, $password)
{
$this->db->select("*");
$this->db->from("account");
$this->db->where("username", $username);
$this->db->where("password", MD5($password));
$login = $this->db->get()->result();
$this->latestErr = "Email or password is not correct. Please make sure them correctly and try again.";
// The results of the query are stored in $login.
// If a value exists, then the user account exists and is validated
if (is_array($login) && count($login) == 1) {
// Set the users details into the $details property of this class
$this->details = $login[0];
// This user is not verified yet...
if ($this->details->status == 0) {
$this->latestErr = "This account is not verified. please verify via email and try again.";
return false;
}
$this->latestErr = "";
// Call set_session to set the user's session vars via CodeIgniter
$this->set_session();
return true;
}
return false;
}
public function index()
{
if (isset($_POST['name'])) {
if ($this->_session('verify') != md5($this->_post('proving'))) {
$this->error('验证码错误!');
exit;
}
$User = D("Admin");
// 实例化User对象
$condition['username'] = $this->_post('name');
$condition['password'] = $User->adminMd5($this->_post('passw'));
$list = $User->where($condition)->find();
if ($list) {
session('admin_name', $list['username']);
//设置session
session('admin_uid', $list['id']);
session('admin_verify', MD5($list['username'] . DS_ENTERPRISE . $list['password'] . DS_EN_ENTERPRISE));
session('verify', null);
//删除验证码
//session(null); //清空
$this->Record('管理员登陆成功');
//后台操作
$this->success('用户登录成功', __APP__ . '/' . TIFAWEB_DSWJCMS . '/Index/index');
exit;
} else {
$this->error('用户名或密码错误');
exit;
}
}
$this->display();
}
/**
* @param Schedule $schedule
* @return bool
* @throws \yii\web\BadRequestHttpException
*/
public static function sendCalendarInvite($schedule)
{
if ($schedule->className() !== Schedule::className()) {
throw new BadRequestHttpException('Invalid request');
}
//Create Email Headers
$mime_boundary = '----Meeting Booking----' . MD5(TIME());
$headers = "From: " . self::$from_name . " <" . self::$from_address . ">\n";
$headers .= "Reply-To: " . self::$from_name . " <" . self::$from_address . ">\n";
$headers .= "MIME-Version: 1.0\n";
$headers .= "Content-Type: multipart/alternative; boundary=\"{$mime_boundary}\"\n";
$headers .= "Content-class: urn:content-classes:calendarmessage\n";
//Create Email Body (HTML)
$message = "--{$mime_boundary}\r\n";
$message .= "Content-Type: text/html; charset=UTF-8\n";
$message .= "Content-Transfer-Encoding: 8bit\n\n";
$message .= "<html>\n";
$message .= "<body>\n";
$message .= '<p>' . $schedule->description . '</p>';
$message .= "<h4>Tickets:</h4>\n";
$message .= "<ul>\n";
foreach ($schedule->notes as $note) {
$message .= '<li>' . Html::a($note->ticket->fullName, Url::base(true) . Url::to(['/ticket/view', 'id' => $note->ticket_id])) . "</li>\n";
}
$message .= "</ul>\n";
$message .= '(' . Html::a('view calendar event', Url::to(['/schedule/view', 'id' => $schedule->id], true)) . ")\n";
$message .= "</body>\n";
$message .= "</html>\n";
$message .= "--{$mime_boundary}\r\n";
$message .= 'Content-Type: text/calendar;name="meeting.ics";method=REQUEST' . "\n";
$message .= "Content-Transfer-Encoding: 8bit\n\n";
$message .= 'BEGIN:VCALENDAR' . "\r\n" . 'METHOD:REQUEST' . "\r\n" . 'PRODID:-//Microsoft Corporation//Outlook 10.0 MIMEDIR//EN' . "\r\n" . 'VERSION:2.0' . "\r\n" . 'BEGIN:VTIMEZONE' . "\r\n" . 'TZID:Pacific Standard Time' . "\r\n" . 'BEGIN:STANDARD' . "\r\n" . 'DTSTART:16010101T020000' . "\r\n" . 'TZOFFSETFROM:-0700' . "\r\n" . 'TZOFFSETTO:-0800' . "\r\n" . 'RRULE:FREQ=YEARLY;INTERVAL=1;BYDAY=1SU;BYMONTH=11' . "\r\n" . 'END:STANDARD' . "\r\n" . 'BEGIN:DAYLIGHT' . "\r\n" . 'DTSTART:16010101T020000' . "\r\n" . 'TZOFFSETFROM:-0800' . "\r\n" . 'TZOFFSETTO:-0700' . "\r\n" . 'RRULE:FREQ=YEARLY;INTERVAL=1;BYDAY=2SU;BYMONTH=3' . "\r\n" . 'END:DAYLIGHT' . "\r\n" . 'END:VTIMEZONE' . "\r\n" . 'BEGIN:VEVENT' . "\r\n" . 'ORGANIZER;CN="' . $schedule->createdBy->name . '":MAILTO:' . self::$from_address . "\r\n" . 'ATTENDEE;CN="' . $schedule->tech->name . '";ROLE=REQ-PARTICIPANT;RSVP=TRUE:MAILTO:' . $schedule->tech->email . "\r\n" . 'LAST-MODIFIED:' . date("Ymd\\TGis") . "\r\n" . 'UID:' . date("Ymd\\TGis", strtotime($schedule->start_time)) . rand() . "@" . self::$domain . "\r\n" . 'DTSTAMP:' . date("Ymd\\TGis") . "\r\n" . 'DTSTART;TZID="Pacific Standard Time":' . date("Ymd\\THis", strtotime($schedule->start_time)) . "\r\n" . 'DTEND;TZID="Pacific Standard Time":' . date("Ymd\\THis", strtotime($schedule->endTime)) . "\r\n" . 'TRANSP:OPAQUE' . "\r\n" . 'SEQUENCE:1' . "\r\n" . 'SUMMARY:' . $schedule->invoice->location->fullName . "\r\n" . 'LOCATION:' . $schedule->invoice->location->address . "\r\n" . 'CLASS:PUBLIC' . "\r\n" . 'PRIORITY:5' . "\r\n" . 'BEGIN:VALARM' . "\r\n" . 'TRIGGER:-PT60M' . "\r\n" . 'ACTION:DISPLAY' . "\r\n" . 'DESCRIPTION:Reminder' . "\r\n" . 'END:VALARM' . "\r\n" . 'END:VEVENT' . "\r\n" . 'END:VCALENDAR' . "\r\n";
return self::send($schedule->tech->email, $schedule->invoice->location->fullName, $message, $headers);
}