Example #1
0
function syn_login($r_res)
{
    $oDb = getDb();
    checkUser($r_res);
    $Session = new Session($oDb);
    $Session->setKey($r_res['uid']);
    select_yjl_db();
}
Example #2
0
function isLoggedIn()
{
    if (isset($_COOKIE['email']) && isset($_COOKIE['password']) && checkUser($_COOKIE['email'], $_COOKIE['password']) > 0) {
        return 1;
    } else {
        return 0;
    }
}
Example #3
0
function loginWJson()
{
    global $JSON;
    $json = $JSON;
    //echo "json is";
    //echo json_encode($JSON);
    //echo (checkUser(@$json['login']['Email'],@$json['login']['password']))?"TRUE":"FALSE";
    return checkUser(@$json['login']['Email'], @$json['login']['password']);
}
Example #4
0
function addData($username, $password, $email) {

        if (!checkUser($username)) {
                if (mysql_query("INSERT INTO users (username, password, email) VALUES ('$username', '$password','$email')")) {
                        return true;
                }
        } else {
                return false;
        }
}
function userAuth($connection)
{
    $validUser = false;
    session_start();
    # Check for a user session set by the website.
    if (isset($_SESSION['user'])) {
        # Get the username and password stored in the session.
        $username = $_SESSION['user'][0];
        $password = $_SESSION['user'][1];
        # Check whether the information stored in the session matches up to a
        # valid user account.
        $validUser = checkUser($username, $password, $connection);
    }
    session_write_close();
    return $validUser;
}
function checkSubmitValues()
{
    global $showErr;
    /* Make sure at least one field was entered */
    if (!$_POST['user']) {
        $showErr = 'Please provide a valid username.';
        return FALSE;
    }
    /* Check if username is valid */
    $email = checkUser($_POST['user']);
    if (!$email) {
        $showErr = 'Sorry, the username: "******" could not be found.';
        return FALSE;
    }
    // If we get here, username is valid. Return the email address.
    return $email;
}
Example #7
0
function Register()
{
    if (empty($_POST['username'])) {
        Redirect("No Username was entered.", "register.php");
    } else {
        if (empty($_POST['password'])) {
            Redirect("No Password was entered.", "register.php");
        } else {
            if ($_POST['rePass'] != $_POST['password']) {
                Redirect("The passwords did not match!", "register.php");
            } else {
                if (empty($_POST['fname'])) {
                    Redirect("Please enter your first name.", "register.php");
                } else {
                    if (empty($_POST['lname'])) {
                        Redirect("Please enter your last name.", "register.php");
                    } else {
                        $username = $_POST['username'];
                        $password = md5($_POST['password']);
                        $fname = $_POST['fname'];
                        $lname = $_POST['lname'];
                        $db = mysqli_connect("localhost", "xinnk", "Final1245!", "login");
                        //make sure we connected to the database
                        if ($db->connect_errno) {
                            die("Connect failed: %s\n" . $db->connect_error);
                        }
                        // check the db for the user
                        if (!checkUser($username, $password, $db)) {
                            mysqli_close($db);
                            header("refresh:5;url=register.php");
                            print "User already exists.<br>" . "redirecting after 5 seconds... ";
                        } else {
                            createUser($username, $password, $fname, $lname, $db);
                        }
                    }
                }
            }
        }
    }
}
Example #8
0
function addUser($userName, $password, $email, $gender)
{
    if (checkUser($userName, $email) > 0) {
        return;
    }
    $sql = "INSERT INTO UserInfoTable (UserName,Password,Email,Gender) VALUES('{$userName}','{$password}','{$email}','{$gender}')";
    if (!exeSQL($sql)) {
        return;
    }
    //printf("add user $userName failed\n");
    $sql = "SELECT UserID from UserInfoTable WHERE UserName='******'";
    $res = exeSQL($sql);
    $row = mysql_fetch_array($res);
    $id = $row[0];
    addAlbum($id, "Face", "The user face album", time());
    addAlbum($id, "Default", "The default user album", time());
    $sql = "SELECT AlbumID FROM AlbumTable WHERE UserID={$id} AND AlbumName='Face'";
    $res = exeSQL($sql);
    $row = mysql_fetch_array($res);
    $albumID = $row[0];
    addPic($id, "DefaultFace.gif", 200, 200, "DefaultFace.gif", "/images/DefaultFace.gif", time(), time(), 0, 0, 0, $albumID);
}
Example #9
0
<?php

session_start();
require_once "../application/libraries/functions.php";
if (!(checkUser($_SESSION["email"], $_SESSION["password"]) && isAdmin($_SESSION["email"]))) {
    header("location: /admin/auth.php");
    exit;
}
Example #10
0
 * @author        Nils Laumaillé
 * @version       2.1.25
 * @copyright     (c) 2009-2015 Nils Laumaillé
 * @licensing     GNU AFFERO GPL 3.0
 * @link          http://www.teampass.net
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 */
if (!isset($_SESSION['CPM']) || $_SESSION['CPM'] != 1 || !isset($_SESSION['user_id']) || empty($_SESSION['user_id']) || !isset($_SESSION['key']) || empty($_SESSION['key'])) {
    die('Hacking attempt...');
}
/* do checks */
require_once $_SESSION['settings']['cpassman_dir'] . '/sources/checks.php';
if (!checkUser($_SESSION['user_id'], $_SESSION['key'], curPage())) {
    $_SESSION['error']['code'] = ERR_NOT_ALLOWED;
    //not allowed page
    include $_SESSION['settings']['cpassman_dir'] . '/error.php';
    exit;
}
//load help
require_once $_SESSION['settings']['cpassman_dir'] . '/includes/language/' . $_SESSION['user_language'] . '_admin_help.php';
require_once $_SESSION['settings']['cpassman_dir'] . '/sources/main.functions.php';
//Get full list of groups
$arr_groups = array();
$rows = DB::query("SELECT id,title FROM " . prefix_table("nested_tree"));
foreach ($rows as $reccord) {
    $arr_groups[$reccord['id']] = $reccord['title'];
}
//display
Example #11
0
     $the_user = getUser($user_id);
     if (count($the_user)) {
         if (!isset($gusers1[$user_id])) {
             $gusers1[$user_id] = $the_user['user_name'];
             $gusers2 .= ';' . $user_id . ';';
         }
     }
 }
 if (isset($_GET['group_add_user']) && is_numeric($_GET['group_add_user'])) {
     // Adding a user
     if (!$login['user_access_useredit']) {
         showAccessDenied($day, $month, $year, $area, true);
         exit;
     }
     $user_id = $_GET['group_add_user'];
     if (checkUser($user_id)) {
         if (!array_key_exists($user_id, $gusers1)) {
             $gusers2 .= ';' . $user_id . ';';
         }
     } else {
         echo __('User does not exist');
         exit;
     }
     mysql_query("UPDATE `groups` SET `user_ids` = '" . $gusers2 . "' WHERE `group_id` = '{$gid}' LIMIT 1 ;");
     header("Location: admin_group.php?gid={$gid}");
     exit;
 }
 if (isset($_GET['group_del_user']) && is_numeric($_GET['group_del_user'])) {
     // Deleting a user
     if (!$login['user_access_useredit']) {
         showAccessDenied($day, $month, $year, $area, true);
Example #12
0
<?php

// Erzwingen das Session-Cookies benutzt werden und die SID nicht per URL transportiert wird
ini_set('session.use_only_cookies', '1');
ini_set('session.use_trans_sid', '0');
// Session starten
session_start();
// Funktionen einbinden
include '../admin/auth.php';
// Datenbankverbindung öffnen
$conid = db_connect();
// Benutzer prüfen
if (!checkUser($conid)) {
    resetUser();
}
// Benutzer abmelden
if ($_GET['benutzer'] == 'abmelden') {
    resetUser();
}
if (!empty($_POST['name'])) {
    require_once '../conf/DbConnectorW.php';
    $db = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME) or die('<p><font color=red>Fehler bei der Datenbankverbindung: ' . mysqli_connect_errno() . ': ' . mysqli_connect_error() . '</p>');
    $sql = "INSERT INTO Series (Ser_Name, Author_Auth_ID) VALUES ('{$_POST['name']}',{$_POST['author']})";
    mysqli_query($db, $sql);
    $sql = "SELECT User_has_Groups.Groups_ID, User.Name, User.ID FROM User, User_has_Groups WHERE LOWER(`Name`) = '" . mysqli_real_escape_string($db, $_SESSION['benutzername']) . "' and User.ID = User_has_Groups.User_ID";
    $result = mysqli_query($db, $sql);
    $zeile = mysqli_fetch_array($result);
    $sql = "SELECT MAX(`Ser_ID`) AS Ser_ID FROM Series";
    $result = mysqli_query($db, $sql);
    $zeile2 = mysqli_fetch_array($result);
    $sql = "INSERT INTO Log (`Time`, `Activity`, `User_ID`, `Groups_ID`) VALUES (NOW(), '{$zeile['Name']} added Creator with ID {$zeile2['Ser_ID']}', {$zeile['ID']}, {$zeile['Groups_ID']})";
<?php

require_once './library/config.php';
require_once './library/functions.php';
checkUser();
$action = isset($_GET['action']) ? $_GET['action'] : '';
switch ($action) {
    case 'makeComplain':
        makeComplain();
        break;
    case 'makeComplainFac':
        makeComplainFac();
        break;
    case 'assignComplain':
        assignComplain();
        break;
    case 'assignComplainFac':
        assignComplainFac();
        break;
    case 'commentOnComplain':
        commentOnComplain();
        break;
    case 'commentOnComplainFac':
        commentOnComplainFac();
        break;
    case 'closeComplain':
        closeComplain();
        break;
    case 'closeComplainFac':
        closeComplainFac();
        break;
Example #14
0
 */
require_once "../functions.php";
global $DEBUG;
if ($DEBUG) {
    $starttime_main = microtime(true);
}
ini_set("session.cookie_httponly", 1);
session_start();
if ($_POST['submit'] == "submit") {
    if ($_POST['user'] == "" || $_POST['pass'] == "") {
        $emptyField = true;
    } else {
        $username = @sanitize_paranoid_string($_POST['user']);
        $password = $_POST['pass'];
        $ref = @sanitize_paranoid_string($_POST['ref']);
        $userlogon = checkUser($username, $password);
        if ($userlogon[0]['result']) {
            $_SESSION['login'] = true;
            $_SESSION['userName'] = ucfirst(strtolower($userlogon[0]['username']));
            $_SESSION['userID'] = $userlogon[0]['user_id'];
            $_SESSION['email'] = $userlogon[0]['email'];
            $_SESSION['LAST_ACTIVITY'] = time();
            // define first "last activity" timestamp
            $_SESSION['CREATED'] = time();
            // initialize the session create timestamp
            if ($userlogon[0]['changePass']) {
                $_SESSION['forceChangePass'] = true;
            }
            session_regenerate_id(true);
            // change session ID for the current session an invalidate old session ID
            header("HTTP/1.1 302 Found");
Example #15
0
include_once 'functions.php';
$dosetval = isset($_POST['value']);
if (isset($_POST['requested'])) {
    if ($dosetval) {
        $_SESSION[$_POST['requested']] = $_POST['value'];
    } else {
        if ($_POST['requested'] == "userInfo") {
            if (checkSession()) {
                $id = $_SESSION['user_id'];
                $retVal = getUser($id);
                print json_encode($retVal);
            }
        } else {
            if ($_POST['requested'] == "checkName") {
                $userName = $_POST['userName'];
                $retVal = checkUser($userName);
                print json_encode($retVal);
            } else {
                if ($_POST['requested'] == "checkEmail") {
                    $userEmail = $_POST['userEmail'];
                    $retVal = checkEmail($userEmail);
                    print json_encode($retVal);
                } else {
                    if ($_POST['requested'] == "sesexe") {
                        if (checkSession()) {
                            $id = $_SESSION['user_id'];
                        } else {
                            $id = 12;
                        }
                        $retVal = saveAlgSes($id);
                        print json_encode($retVal);
Example #16
0
 * @copyright 	(c) 2009-2012 Nils Laumaillé
 * @licensing 	GNU AFFERO GPL 3.0
 * @link		http://www.teampass.net
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 */
require_once '../sessions.php';
session_start();
if (!isset($_SESSION['CPM']) || $_SESSION['CPM'] != 1 || !isset($_SESSION['user_id']) || empty($_SESSION['user_id']) || !isset($_SESSION['key']) || empty($_SESSION['key'])) {
    die('Hacking attempt...');
}
/* do checks */
require_once $_SESSION['settings']['cpassman_dir'] . '/sources/checks.php';
if (!checkUser($_SESSION['user_id'], $_SESSION['key'], "items")) {
    $_SESSION['error']['code'] = ERR_NOT_ALLOWED;
    //not allowed page
    handleError('Not allowed to ...', 110);
    exit;
}
//check for session
if (isset($_POST['PHPSESSID'])) {
    session_id($_POST['PHPSESSID']);
} elseif (isset($_GET['PHPSESSID'])) {
    session_id($_GET['PHPSESSID']);
} else {
    handleError('No Session was found.');
}
// HTTP headers for no cache etc
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
Example #17
0
function gotDTMF($text)
{
    global $state;
    global $mailbox;
    global $collect_user;
    global $collect_pass;
    Yate::Debug("gotDTMF('{$text}') state: {$state}");
    switch ($state) {
        case "user":
            if ($text == "*") {
                promptUser();
                return;
            }
            if ($text == "#") {
                checkUser();
            } else {
                $collect_user .= $text;
            }
            return;
        case "pass":
            if ($text == "*") {
                promptPass();
                return;
            }
            if ($text == "#") {
                checkPass();
            } else {
                $collect_pass .= $text;
            }
            return;
    }
    if ($mailbox == "") {
        return;
    }
    navigate($text);
}
 * @licensing     GNU AFFERO GPL 3.0
 * @link          http://www.teampass.net
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 */
require_once 'sessions.php';
session_start();
if (!isset($_SESSION['CPM']) || $_SESSION['CPM'] != 1 || !isset($_SESSION['user_id']) || empty($_SESSION['user_id']) || !isset($_SESSION['key']) || empty($_SESSION['key']) || !isset($_SESSION['settings']['enable_suggestion']) || $_SESSION['settings']['enable_suggestion'] != 1) {
    die('Hacking attempt...');
}
/* do checks */
require_once $_SESSION['settings']['cpassman_dir'] . '/includes/config/include.php';
require_once $_SESSION['settings']['cpassman_dir'] . '/sources/checks.php';
if (!checkUser($_SESSION['user_id'], $_SESSION['key'], "suggestion")) {
    $_SESSION['error']['code'] = ERR_NOT_ALLOWED;
    //not allowed page
    include $_SESSION['settings']['cpassman_dir'] . '/error.php';
    exit;
}
require_once $_SESSION['settings']['cpassman_dir'] . '/includes/language/' . $_SESSION['user_language'] . '.php';
include $_SESSION['settings']['cpassman_dir'] . '/includes/config/settings.php';
require_once $_SESSION['settings']['cpassman_dir'] . '/sources/SplClassLoader.php';
header("Content-type: text/html; charset=utf-8");
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
require_once 'main.functions.php';
// pw complexity levels
$_SESSION['settings']['pwComplexity'] = array(0 => array(0, $LANG['complex_level0']), 25 => array(25, $LANG['complex_level1']), 50 => array(50, $LANG['complex_level2']), 60 => array(60, $LANG['complex_level3']), 70 => array(70, $LANG['complex_level4']), 80 => array(80, $LANG['complex_level5']), 90 => array(90, $LANG['complex_level6']));
// connect to DB
Example #19
0
 *
 * Kimai is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; Version 3, 29 June 2007
 *
 * Kimai is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with Kimai; If not, see <http://www.gnu.org/licenses/>.
 */
// Include Basics
include '../../includes/basics.php';
$usr = checkUser();
// ============================================
// = initialize currently displayed timespace =
// ============================================
$timespace = get_timespace();
$in = $timespace[0];
$out = $timespace[1];
// set smarty config
require_once WEBROOT . 'libraries/smarty/Smarty.class.php';
$tpl = new Smarty();
$tpl->template_dir = 'templates/';
$tpl->compile_dir = 'compile/';
// read kga ---------------------------------------
$output = $kga;
// clean out sone data that is way too private to be shown in the frontend ...
if (!$kga['show_sensible_data']) {
Example #20
0
/**
 * getEvalList - Retourne la liste des instances de campagnes d'évaluations disponibles pour un utilisateur donné
 *
 * @category : evaluationFunction
 * @param int $id Identifiant de l'utilisateur
 * @return array Array contenant la liste des instances de campagne d'évaluation disponible pour l'utilisateur
 *
 * @Author Ali Bellamine
 *
 *	 Contenu de l'array retourné :<br>
 *		[id de la campagne d'évaluation] => (array) données relative à une évaluation voir {@link getEvalData()}<br>
 *		[id de la campagne d'évaluation]['registerId'] => (int) id de l'instance de la campagne d'évaluation pour l'utilisateur<br>
 *		[id de la campagne d'évaluation]['data'] => (string) informations optionelles relatives à l'instance de la campagne d'évaluation<br>
 *		[id de la campagne d'évaluation]['remplissage']['valeur'] => (int) statut de remplissage de l'instance de la campagne d'évaluation (0 ou 1)<br>
 *		[id de la campagne d'évaluation]['remplissage']['date'] => (string) date du remplissage de l'instance de la campagne d'évaluation sous forme de timestamp
 *
 */
function getEvalList($id)
{
    /*
    	Initialisation des variables
    */
    global $db;
    // Permet l'accès à la BDD
    $erreur = array();
    $evaluations = array();
    /*
    	On vérifie l'existance de l'utilisateur
    */
    $erreur = checkUser($id, $erreur);
    if (count($erreur) == 0) {
        /*
        	Récupèration informations contenant l'utilisateur
        */
        $sql = 'SELECT e.id evaluationId, er.id registerId, er.date dateRemplissage, er.evaluationData evaluationData, er.evaluationStatut remplissageStatut FROM evaluationregister er INNER JOIN evaluation e ON e.id = er.evaluationId WHERE userId = ?';
        $res = $db->prepare($sql);
        if ($res->execute(array($id))) {
            while ($res_f = $res->fetch()) {
                $evaluations[$res_f['evaluationId']] = getEvalData($res_f['evaluationId']);
                $evaluations[$res_f['evaluationId']]['registerId'] = $res_f['registerId'];
                $evaluations[$res_f['evaluationId']]['data'] = $res_f['evaluationData'];
                // On enregistre que l'évaluation a été faite si elle a été faite
                if (isset($res_f['dateRemplissage']) && $res_f['remplissageStatut'] == 1) {
                    $evaluations[$res_f['evaluationId']]['remplissage']['valeur'] = true;
                    $evaluations[$res_f['evaluationId']]['remplissage']['date'] = DatetimeToTimestamp($res_f['dateRemplissage']);
                } else {
                    $evaluations[$res_f['evaluationId']]['remplissage']['valeur'] = false;
                }
            }
        }
        return $evaluations;
    } else {
        return false;
    }
}
Example #21
0
File: init.php Project: jo91/kimai
 * Kimai - Open Source Time Tracking // http://www.kimai.org
 * (c) 2006-2009 Kimai-Development-Team
 *
 * Kimai is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; Version 3, 29 June 2007
 *
 * Kimai is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with Kimai; If not, see <http://www.gnu.org/licenses/>.
 */
// Include Basics
include '../../includes/basics.php';
$dir_templates = "templates/";
$datasrc = "config.ini";
$settings = parse_ini_file($datasrc);
$dir_ext = $settings['EXTENSION_DIR'];
$user = checkUser();
// =========================================
// = Get the currently displayed timeframe =
// =========================================
$timeframe = get_timeframe();
$in = $timeframe[0];
$out = $timeframe[1];
$view = new Zend_View();
$view->setBasePath(WEBROOT . 'extensions/' . $dir_ext . '/' . $dir_templates);
echo $view->render('index.php');
Example #22
0
 switch ($ev->name) {
     case "call.execute":
         $partycallid = $ev->GetValue("id");
         $ev->params["targetid"] = $ourcallid;
         if ($ev->GetValue("debug_on") == "yes") {
             Yate::Output(true);
             Yate::Debug(true);
         }
         if ($ev->GetValue("query_on") == "yes") {
             $query_on = true;
         }
         $ev->handled = true;
         /* We must ACK this message before dispatching a call.answered */
         $ev->Acknowledge();
         /* Check if the mailbox exists, answer only if that's the case */
         if (checkUser($ev->GetValue("called"), $ev->GetValue("caller"))) {
             $m = new Yate("call.answered");
             $m->params["id"] = $ourcallid;
             $m->params["targetid"] = $partycallid;
             // - - - - - - - - - - - - - - - - - - - - - - - - -
             /*  (этого блока ранее не было)  */
             /*  определение правого плеча путем присвоения ему идентификатора вызова (billid) левого плеча  */
             /*  автосекретарь -> внутр. номер -> голосовая почта  */
             // $m->params["direction"] = $ev->GetValue("direction");
             $m->params["direction"] = 'outgoing';
             $m->params["billid"] = $ev->GetValue("billid");
             // $m->params["status"] = $ev->GetValue("status");
             $m->params["status"] = 'cs_voicemail';
             // $m->params["reason"] = $ev->GetValue("reason");
             // - - - - - - - - - - - - - - - - - - - - - - - - -
             // - - - - - - - - - - - - - - - - - - - - - - - - -
Example #23
0
<html>
<head>
    <script>
        $(document).ready(function(){
            removeAllActiveClass();
        })
    </script>

    <?php 
include '../CommonPage/initializer.php';
checkUser($_SESSION["Username"]);
$updatedDueDate = getCurrentDate();
?>
    <?php 
if (isset($_POST['editTodaysDetails'])) {
    $dueDate = $_POST["editedDueDate"];
    $query = "Update book set DueDate='" . $dueDate . "' where DueDate='" . getCurrentDate() . "'";
    $editResult = "yes";
    if ($conn->query($query) === true) {
        $editResult = "yes";
        $updatedDueDate = $dueDate;
    } else {
        $editResult = "no";
    }
}
?>
</head>
<body>
<?php 
include '../CommonPage/header.php';
include '../CommonPage/nav.php';
Example #24
0
@ini_set('session.use_only_cookies', '1');
@header('Cache-Control: no-cache, no-store, must-revalidate');
// HTTP 1.1.
@header('Pragma: no-cache');
// HTTP 1.0.
@header('Expires: 0');
// Proxies.
@session_name('FWLDBA');
session_start();
// check if membership system exists
setupMembership();
########################################################################
// do we have an admin log out request?
if ($_GET['signOut'] == 1) {
    logOutUser();
    ?>
<META HTTP-EQUIV="Refresh" CONTENT="0;url=../index.php"><?php 
    exit;
}
// is there a logged user?
if (!($uname = getLoggedAdmin())) {
    // is there a user trying to log in?
    if (!checkUser($_POST['username'], $_POST['password'])) {
        // display login form
        ?>
<META HTTP-EQUIV="Refresh" CONTENT="0;url=../index.php?signIn=1"><?php 
        exit;
    } else {
        redirect('admin/pageHome.php');
    }
}
Example #25
0
 	Préparation des données : on crée un array contenant toutes les données, ce dernier sera ensuite parcouru pour créer la requête SQL qui sera préparée
 */
 // Ce qui est propre aux edit et delete
 if (($action == 'edit' || $action == 'delete') && isset($serviceInfo)) {
     $sqlData['id'] = $serviceInfo['id'];
     // Id du service
 }
 // Traitement du POST
 if ($action == 'edit' || $action == 'add') {
     foreach ($_POST as $key => $value) {
         if ($key == 'nom') {
             if ($value != '' && ($action == 'add' || $value != $serviceInfo[$key])) {
                 $sqlData[$key] = htmLawed($value);
             }
         }
         if ($key == 'chef' && is_numeric($value) && count(checkUser($value, array())) == 0 && ($action == 'add' || $value != $serviceInfo[$key])) {
             $sqlData[$key] = $value;
         }
         if ($key == 'hopital' && is_numeric($value) && count(checkHopital($value, array())) == 0 && ($action == 'add' || $value != $serviceInfo[$key])) {
             $sqlData[$key] = $value;
         }
         if ($key == 'specialite' && is_numeric($value) && count(checkSpecialite($value, array())) == 0 && ($action == 'add' || $value != $serviceInfo[$key])) {
             $sqlData[$key] = $value;
         }
         if ($key == 'certificat') {
             $sqlAffectationData = array();
             $currentCertificat = array();
             if (isset($serviceInfo)) {
                 $listeCertificats = array();
                 foreach ($serviceInfo['certificat'] as $certificatId => $certificatValue) {
                     $listeCertificats[$certificatValue['idAffectation']] = $certificatId;
Example #26
0
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
*/
// $Id: editUser.php,v 1.7 2006/01/29 08:15:18 atrommer Exp $
checkUser($_SESSION['USERTYPE'], 2);
//if (!$_REQUEST['u_id'] && !$_REQUEST['action']){
//	accessDenied("Please choose an employee first!");
//}
doHeader("Edit User");
// first we check if we're doing an update
// or a delete
if ($_REQUEST['action'] == 'del') {
    deleteConfirm();
} elseif ($_POST['confirmDelete']) {
    deleteUser($_POST['hdUserID']);
    print "User deactivated sucessfully!";
} else {
    editUserForm();
}
function deleteConfirm()
Example #27
0
File: auth.php Project: romjkeeee/3
<?php

require_once "start.php";
$email = htmlspecialchars($_POST["email"]);
$password = htmlspecialchars($_POST["password"]);
$password = md5($password);
if (checkUser($email, $password)) {
    $_SESSION["email"] = $email;
    $_SESSION["password"] = $password;
} else {
    $_SESSION["error_auth"] = 1;
}
header("Location: " . $_SERVER["HTTP_REFERER"]);
exit;
Example #28
0
 if (isset($_SESSION['users']['update'])) {
     foreach ($_SESSION['users']['update'] as $userDataId => $userData) {
         $tempErreur = array();
         $tempErreur = checkUserInsertData($userData, $tempErreur);
         // On verifie la validité des données
         // On ajoute les données manquantes
         if (!isset($userData['prenom'])) {
             $userData['prenom'] = '';
         }
         if (!isset($userData['promotion'])) {
             $userData['promotion'] = 'NULL';
         }
         if (count($tempErreur) == 1 && isset($tempErreur['exist'])) {
             // On récupère l'id de l'utilisateur
             $userId = getUserIdFromNbEtudiant($userData['nbEtu']);
             if (isset($userId) && is_numeric($userId) && count(checkUser($userId, array())) == 0) {
                 $sql = 'UPDATE user SET nbEtudiant = ?, nom = ?, prenom = ?, mail = ?, promotion = ?, rang = ? WHERE id = ?';
                 $res = $db->prepare($sql);
                 $resT = $res->execute(array($userData['nbEtu'], strtoupper($userData['nom']), $userData['prenom'], serialize($userData['mail']), $userData['promotion'], $userData['rang'], $userId));
                 if (!$resT) {
                     $affectationsErreur[$affectationInsertId][14] = TRUE;
                     // On enregistre l'erreur
                 }
             } else {
                 $affectationsErreur[$affectationInsertId][14] = TRUE;
                 // On enregistre l'erreur
             }
         } else {
             // On enregistre les erreurs
             if (isset($tempErreur['exist'])) {
                 unset($tempErreur['exist']);
 * @licensing     GNU AFFERO GPL 3.0
 * @link          http://www.teampass.net
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 */
require_once 'sessions.php';
session_start();
if (!isset($_SESSION['CPM']) || $_SESSION['CPM'] != 1 || !isset($_SESSION['user_id']) || empty($_SESSION['user_id']) || !isset($_SESSION['key']) || empty($_SESSION['key'])) {
    die('Hacking attempt...');
}
/* do checks */
require_once $_SESSION['settings']['cpassman_dir'] . '/includes/include.php';
require_once $_SESSION['settings']['cpassman_dir'] . '/sources/checks.php';
if (!checkUser($_SESSION['user_id'], $_SESSION['key'], "manage_roles")) {
    $_SESSION['error']['code'] = ERR_NOT_ALLOWED;
    //not allowed page
    include $_SESSION['settings']['cpassman_dir'] . '/error.php';
    exit;
}
include $_SESSION['settings']['cpassman_dir'] . '/includes/language/' . $_SESSION['user_language'] . '.php';
include $_SESSION['settings']['cpassman_dir'] . '/includes/settings.php';
header("Content-type: text/html; charset=utf-8");
require_once 'main.functions.php';
require_once $_SESSION['settings']['cpassman_dir'] . '/sources/SplClassLoader.php';
//Connect to DB
require_once $_SESSION['settings']['cpassman_dir'] . '/includes/libraries/Database/Meekrodb/db.class.php';
DB::$host = $server;
DB::$user = $user;
DB::$password = $pass;
 * @copyright     (c) 2009-2014 Nils Laumaillé
 * @licensing     GNU AFFERO GPL 3.0
 * @link          http://www.teampass.net
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 */
require_once 'sessions.php';
session_start();
if (!isset($_SESSION['CPM']) || $_SESSION['CPM'] != 1 || !isset($_SESSION['user_id']) || empty($_SESSION['user_id']) || !isset($_SESSION['key']) || empty($_SESSION['key'])) {
    die('Hacking attempt...');
}
/* do checks */
require_once $_SESSION['settings']['cpassman_dir'] . '/sources/checks.php';
if (!checkUser($_SESSION['user_id'], $_SESSION['key'], "manage_settings")) {
    $_SESSION['error']['code'] = ERR_NOT_ALLOWED;
    //not allowed page
    include $_SESSION['settings']['cpassman_dir'] . '/error.php';
    exit;
}
include $_SESSION['settings']['cpassman_dir'] . '/includes/language/' . $_SESSION['user_language'] . '.php';
include $_SESSION['settings']['cpassman_dir'] . '/includes/settings.php';
header("Content-type: text/html; charset==utf-8");
include 'main.functions.php';
require_once $_SESSION['settings']['cpassman_dir'] . '/sources/SplClassLoader.php';
//Connect to mysql server
require_once $_SESSION['settings']['cpassman_dir'] . '/includes/libraries/Database/Meekrodb/db.class.php';
DB::$host = $server;
DB::$user = $user;
DB::$password = $pass;