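/**
 * Render the static page named by the "name" query parameter.
 *
 * Looks the page up in the `pages` table and returns its title and body wrapped
 * in a panel, or a "page does not exist" alert when no row matches. A missing,
 * empty or non-string parameter, or a statement that cannot be prepared,
 * redirects to the error page and stops the request.
 *
 * Side effect: stores the page title in $this->title when the page is found.
 *
 * @return string HTML fragment for the page body
 */
function getContent()
{
    global $bd;

    // Query parameters can arrive as arrays (?name[]=x); only a non-empty string is a usable page name.
    $rawName = isset($_GET['name']) ? $_GET['name'] : null;
    if (!is_string($rawName) || empty($rawName)) {
        doRedirect('../do/error');
        exit;
    }

    $name = ClearString($rawName);

    // The name comes straight from the URL, so it is bound as a parameter instead of being
    // interpolated into the SQL text; HTML-escaping is not SQL escaping.
    // Assumes $bd is a mysqli connection (the original read ->num_rows and called
    // ->fetch_assoc() on its result) — TODO confirm.
    $stmt = $bd->prepare('SELECT `title`, `text` FROM pages WHERE name = ?');
    if ($stmt === false) {
        doRedirect('../do/error');
        exit;
    }

    $title = null;
    $text = null;
    $stmt->bind_param('s', $name);
    $stmt->execute();
    $stmt->bind_result($title, $text);
    $found = $stmt->fetch() === true;
    $stmt->close();

    if (!$found) {
        return '<div class="alert alert-warning" role="alert">Такой страницы не существует!<br><a href="/do/index" class="alert-link">Вернуться на главную</a></div>';
    }

    $this->title = $title;

    // NOTE(review): title and text are emitted exactly as stored. That is only safe if the
    // pages table is writable by trusted editors alone — confirm, and escape the title if not.
    return ' <div class="panel panel-default" style="padding: 20px"> <div id="legend"> <legend>' . $title
        . '</legend> </div> ' . $text . ' </div>';
}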
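/**
 * Handle a login form submission.
 *
 * When the form was not submitted, renders an error and the login form. When it
 * was, checks the captcha and the password, stores the user in the session and
 * redirects to the submitted referer.
 *
 * @param mixed $referer_in Referer handed to displayLoginForm() when the form is shown
 * @param array $post       Submitted form fields (submit_login, username, password, referer)
 *
 * @return int|null 0 on every failure path; nothing after a redirect was issued
 */
function doLogin($referer_in, $post)
{
    // Read only the fields this function uses. The original called extract($post), which lets
    // any key of the submitted array create or overwrite a local variable, including
    // $referer_in and $post themselves.
    $submit_login = isset($post['submit_login']) ? $post['submit_login'] : null;
    $username = isset($post['username']) ? $post['username'] : null;
    $password = isset($post['password']) ? $post['password'] : null;
    $referer = isset($post['referer']) ? $post['referer'] : null;

    if (!$submit_login) {
        renderError("You need to login to do that.");
        displayLoginForm($referer_in);
        return 0;
    }

    if (!recaptchaCheck()) {
        return 0;
    }

    // The handle is kept in a local for the rest of the call, as in the original.
    $database = connectToDatabase();

    // Array-valued fields (username[]=...) are rejected as a failed login rather than being
    // handed to Account and session_name().
    if (!is_string($username) || !is_string($password)) {
        renderError("Your password is incorrect. Please try again");
        return 0;
    }

    $account = new Account($username);
    if (!$account->checkPassword($password)) {
        renderError("Your password is incorrect. Please try again");
        return 0;
    }

    // NOTE(review): the session name is taken from user input, and the session id is not
    // regenerated after authentication (session fixation) — confirm how sessions are started.
    session_name($username);
    $_SESSION['username'] = $username;
    $_SESSION['id'] = $account->getDatabaseID();

    if (!$referer) {
        renderError("Cannot redirect you to the proper place. Please press the back button and try again.");
        return 0;
    }

    // NOTE(review): $referer is a submitted form field. Unless doRedirect() restricts targets
    // to this site, this is an open redirect — confirm.
    doRedirect($referer);
}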
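/**
 * Refuse to construct the object for visitors whose group level is below 7.
 *
 * Denied visitors are redirected to the error page and the request is terminated.
 */
public function __construct()
{
    // NOTE(review): the group level is read from a cookie, and cookies are controlled by the
    // browser, so this gate does not authenticate anything. The level should be derived from
    // server-side state for the authenticated user (session or database lookup).
    $group = isset($_COOKIE['emc-group']) ? $_COOKIE['emc-group'] : null;

    // Fail closed: a missing, array-valued or non-numeric cookie is denied instead of being
    // pushed through a loose "<" comparison, whose result for non-numeric strings differs
    // between PHP versions.
    $allowed = is_string($group)
        && preg_match('/\A\d+\z/', $group) === 1
        && (int) $group >= 7;

    if (!$allowed) {
        doRedirect('/do/error');
        die('ACCESS DENIED!');
    }
}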
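/**
 * Allow the request to continue only for an administrator session.
 *
 * Any other session gets a "Login required" flash message, is redirected to the
 * login page and the request is terminated.
 *
 * @return void
 */
function requireAdmin()
{
    global $CFG;

    // Strict comparison: only the exact string 'yes' grants access. The loose "!=" of the
    // original also accepted values such as boolean true, and raised a notice when the key
    // was absent.
    if (isset($_SESSION['admin']) && $_SESSION['admin'] === 'yes') {
        return;
    }

    $_SESSION['err'] = 'Login required';
    doRedirect($CFG->wwwroot . '/login.php');
    exit;
}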
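/**
 * Render the profile of the user named by the "login" query parameter.
 *
 * Returns a panel with the user's e-mail, "about" text, group and action links,
 * or a "user does not exist" alert when no row matches. A missing, empty or
 * non-string parameter, or a statement that cannot be prepared, redirects to
 * the error page and stops the request.
 *
 * @return string HTML fragment for the profile page
 */
function getContent()
{
    global $bd;

    // Query parameters can arrive as arrays (?login[]=x); only a non-empty string is usable.
    $rawLogin = isset($_GET['login']) ? $_GET['login'] : null;
    if (!is_string($rawLogin) || empty($rawLogin)) {
        doRedirect('../do/error');
        exit;
    }

    $login = ClearString($rawLogin);

    // The login value is masked ('******') in the listing this was taken from; $login is
    // computed for the lookup, so it is bound here as a parameter rather than interpolated.
    // Assumes $bd is a mysqli connection (the original read ->num_rows and called
    // ->fetch_assoc() on its result) — TODO confirm.
    $stmt = $bd->prepare('SELECT `id`, `email`, `About`, `group` FROM users WHERE login = ?');
    if ($stmt === false) {
        doRedirect('../do/error');
        exit;
    }

    $id = null;
    $email = null;
    $storedAbout = null;
    $group = null;
    $stmt->bind_param('s', $login);
    $stmt->execute();
    $stmt->bind_result($id, $email, $storedAbout, $group);
    $found = $stmt->fetch() === true;
    $stmt->close();

    if (!$found) {
        return '<div class="alert alert-warning" role="alert">Такого пользователя не существует!<br><a href="/do/index" class="alert-link">Вернуться на главную</a></div>';
    }

    // Stored values are escaped on output; $login already went through ClearString() and
    // the "about" text goes through the class's own ClearStringHTML().
    $escape = static function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };
    $id = $escape($id);
    $email = $escape($email);
    $group = $escape($group);
    $about = $this->ClearStringHTML($storedAbout);

    // NOTE(review): the original assigned an undefined $title here, i.e. null plus a warning.
    // The value is kept; a real page title still has to be chosen.
    $this->title = null;

    return '<div class="panel panel-default" style="padding: 20px"> <div id="legend"> <legend>Профиль ' . $login
        . ' <div class="btn-group text-right"> <a class="btn dropdown-toggle btn-info" data-toggle="dropdown" href="#">'
        . ' Action <span class="icon-cog icon-white"></span><span class="caret"></span> </a> <ul class="dropdown-menu">'
        . ' <li><a href="../do/edituser/' . $id . '"><span class="icon-wrench"></span> Modify</a></li>'
        . ' <li><a href="../do/deluser/' . $id . '"><span class="icon-trash"></span> Delete</a></li> </ul> </div> </legend> </div>'
        . ' <div class="row-fluid"> <div class="span2" > <img src="{TMP_URL}/skin.png"> </div> <div class="span8">'
        . ' <h5>Email: ' . $email . '</h5> <h5>О себе: ' . $about . '</h5> <h5>Группа: ' . $group . '</h5>'
        . ' <h5><a href="../do/report/' . $id . '">Пожаловаться на этого пользователя </a></h5> </div>'
        . ' <div class="span2"> </div> </div> </div>';
}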
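/**
 * Log the visitor out.
 *
 * When both login cookies are present, blanks the three emc-* cookies, records
 * the visitor's IP address and the current date on the account and redirects to
 * the site root. Visitors without the "evervolv-*" cookies are redirected too.
 *
 * @return null Reached only when neither redirect fired
 */
function getContent()
{
    global $bd;

    if (isset($_COOKIE['emc-login']) && isset($_COOKIE['emc-password'])) {
        $login = $_COOKIE['emc-login'];

        setcookie("emc-login", "");
        setcookie("emc-password", "");
        setcookie("emc-group", "");

        $lastdate = date("Y-m-d");
        $lastip = $_SERVER["REMOTE_ADDR"];

        // The login value is masked ('******') in the listing this was taken from. It comes
        // from a cookie, which the browser controls, so it is bound as a parameter and never
        // interpolated. Assumes $bd is a mysqli connection — TODO confirm.
        // NOTE(review): nothing here verifies that the cookie belongs to an authenticated
        // user, so any visitor can stamp lastip/lastdate on any account name.
        if (is_string($login)) {
            $stmt = $bd->prepare('UPDATE users SET lastip = ?, lastdate = ? WHERE login = ?');
            if ($stmt !== false) {
                $stmt->bind_param('sss', $lastip, $lastdate, $login);
                $stmt->execute();
                $stmt->close();
            }
        }

        doRedirect('../');
        exit;
    }

    // NOTE(review): this checks "evervolv-*" cookies while the branch above uses "emc-*";
    // looks like a leftover from a rename — confirm which names are current.
    if (!isset($_COOKIE['evervolv-login']) && !isset($_COOKIE['evervolv-pass'])) {
        doRedirect('../');
        exit;
    }

    $result_content = null;

    return $result_content;
}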
if ("comment" == $action) { // check to see if user is allowed to make posts if ($_user->getPrivileges($_SESSION['user']['id'], CAN_MAKE_COMMENTS)) { $auth = 1; if ("POST" == $_SERVER['REQUEST_METHOD']) { if (!@empty($_POST['body'])) { if (isset($_POST['thread']) && is_numeric(@$_POST['thread'])) { if (!isset($_POST['parent']) || !is_numeric(@$_POST['parent'])) { $parent = 0; } else { $parent = $_POST['parent']; } $content = new contentClass(); if (FALSE != ($pid = $content->newComment($_SESSION['user']['id'], $_POST['thread'], $parent, $_POST['body']))) { doRedirect('?module=post&id=' . $_POST['thread'] . '#comment-' . $pid, TRUE); } else { doRedirect('?module=post&id=' . $_POST['thread'] . '#comment-' . $parent, TRUE); } } else { $status = "Invalid post id."; } } else { $status = "You must enter some text."; } } } else { $status = "You are not allowed to make this kind of contribution."; } } } }
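/**
 * Registration, step 1: validate the submitted form, create the account and
 * e-mail an activation link, or render the registration form.
 *
 * Visitors that already carry a login cookie are redirected to the site root.
 * On success the request is redirected to the activation page and terminated.
 *
 * @return string HTML: an optional validation alert followed by the registration form
 */
function getContent()
{
    global $bd;

    $result_content = '';

    if (isset($_COOKIE['emc-login']) || isset($_COOKIE['emc-password'])) {
        doRedirect('../');
        exit;
    }

    // Every field must be present and a plain string; array-valued parameters
    // (username-data[]=...) are treated as "form not submitted".
    $submitted = isset($_POST['register-submit']);
    foreach (array('username-data', 'password-data', 'email-data', 'password-repeat-data') as $field) {
        $submitted = $submitted && isset($_POST[$field]) && is_string($_POST[$field]);
    }

    if ($submitted) {
        $password = $_POST['password-data'];
        $login = $_POST['username-data'];
        $email = $_POST['email-data'];

        // NOTE(review): the form promises "letters and digits only" for the login, but
        // nothing enforces it; every page that prints a stored login must escape it.

        if ($password !== $_POST['password-repeat-data']) {
            // Strict comparison: with "==" two different numeric-looking strings
            // (e.g. "1e3" and "1000") compare as equal.
            $result_content .= '<div class="alert alert-warning" role="alert">Пароли не совпадают</div>';
        } elseif (preg_match('/^([\w\d\-\_\.]+)\@([\w\d\-\_\.]+)\.([\w\d]{2,4})$/D', $email) !== 1) {
            // The D modifier makes "$" match only at the very end, so an address with a
            // trailing newline no longer passes and reaches mail().
            $result_content .= '<div class="alert alert-warning" role="alert">Неправильный E-mail</div>';
        } elseif (strlen($password) <= 4) {
            // NOTE(review): the check rejects passwords of 4 characters or fewer while the
            // messages say "at least 4" — align them (preferably by raising the minimum).
            $result_content .= '<div class="alert alert-warning" role="alert">Пароль содержит меньше 4-ех символов!</div>';
        } else {
            // User input is bound as parameters instead of being interpolated into SQL.
            // Assumes $bd is a mysqli connection (the original read ->num_rows) — TODO confirm.
            $lookup = $bd->prepare('SELECT login, email FROM users WHERE login = ? OR email = ?');
            if ($lookup === false) {
                doRedirect('../do/error');
                exit;
            }
            $lookup->bind_param('ss', $login, $email);
            if (!$lookup->execute()) {
                $lookup->close();
                doRedirect('../do/error');
                exit;
            }
            $lookup->store_result();
            $taken = $lookup->num_rows > 0;
            $lookup->close();

            if ($taken) {
                $result_content .= '<div class="alert alert-warning" role="alert">Пользователь с таким логином или E-mail уже зарегистрирован!</div>';
            } else {
                // NOTE(review): unsalted MD5 is not a password hash. Moving to password_hash()
                // / password_verify() needs a coordinated change in the login code and a
                // migration of stored values, so the stored format is left as it was.
                // NOTE(review): the activation token is derived from the password and is
                // e-mailed in a plain-http link; a random token would not expose material
                // for offline guessing — confirm how the activation handler looks it up.
                $activateHash = md5($login . ';' . $password);
                $pass = md5($password);
                $regip = $_SERVER["REMOTE_ADDR"];
                $date = date("Y-m-d");
                $group = '0';
                $about = 'Не указано';

                $insert = $bd->prepare(
                    'INSERT INTO users'
                    . ' (`login`, `email`, `password`, `date`, `regip`, `activateHash`, `group`, `About`)'
                    . ' VALUES (?, ?, ?, ?, ?, ?, ?, ?)'
                );
                if ($insert === false) {
                    doRedirect('../do/error');
                    exit;
                }
                $insert->bind_param('ssssssss', $login, $email, $pass, $date, $regip, $activateHash, $group, $about);
                $created = $insert->execute();
                $insert->close();
                if (!$created) {
                    // Do not send an activation mail for an account that was not stored.
                    doRedirect('../do/error');
                    exit;
                }

                // Double quotes so that \n is a real line break; the single-quoted original
                // put a literal backslash-n into the message.
                mail($email, 'EvervolvMC activation', "Your verify link:\nhttp://evervolv.tk/?do=activate&hash=" . $activateHash);
                doRedirect('../do/activate');
                die;
            }
        }
    }

    $result_content .= ' <div class="panel panel-default" style="padding: 20px"> <form class="form-horizontal" action="" method="post"> <fieldset>'
        . ' <div id="legend"> <legend class="">Регистрация<small> (Шаг 1/2)</small></legend> </div>'
        . ' <div class="control-group"> <!-- Username --> <label class="control-label" for="username">Логин</label>'
        . ' <div class="controls"> <input type="text" id="username" name="username-data" placeholder="" class="input-xlarge">'
        . ' <p class="help-block">Логин может содержать только буквы и цифры, без пробелов</p> </div> </div>'
        . ' <div class="control-group"> <!-- E-mail --> <label class="control-label" for="email">E-mail</label>'
        . ' <div class="controls"> <input type="text" id="email" name="email-data" placeholder="" class="input-xlarge">'
        . ' <p class="help-block">Укажите ваш E-mail</p> </div> </div>'
        . ' <div class="control-group"> <!-- Password--> <label class="control-label" for="password">Пароль</label>'
        . ' <div class="controls"> <input type="password" id="password" name="password-data" placeholder="" class="input-xlarge">'
        . ' <p class="help-block">Пароль должен содержать как минимум 4 символа</p> </div> </div>'
        . ' <div class="control-group"> <!-- Password --> <label class="control-label" for="password_confirm">Повторите пароль</label>'
        . ' <div class="controls"> <input type="password" id="password_confirm" name="password-repeat-data" placeholder="" class="input-xlarge">'
        . ' <p class="help-block">Пожалуйста, повторите пароль</p> ' . "\n" . '<br> </div> </div>'
        . ' <div class="control-group"> <!-- Button --> <div class="controls">'
        . ' <button class="btn btn-success" name="register-submit">Зарегистрироваться</button> </div> </div> </fieldset> </form> </div>';

    return $result_content;
}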
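// Login page: drop any previous user identity, then process a posted account/password pair.
unset($_SESSION['user_id']);
unset($_SESSION['user_name']);

// Both fields must be plain strings; array-valued parameters (account[]=...) are ignored
// instead of reaching the comparisons and $db->quote().
if (isset($_POST['account']) && isset($_POST['password'])
    && is_string($_POST['account']) && is_string($_POST['password'])) {
    // NOTE(review): the administrator account and password are hard-coded in source, so
    // everyone with read access to the code or its history holds admin access. Move the
    // credential out of the code, store it hashed and rotate it.
    // hash_equals() keeps the comparison constant-time and strictly string-based.
    if (hash_equals('admin', $_POST['account']) && hash_equals('imslti', $_POST['password'])) {
        $_SESSION['admin'] = 'yes';
        doRedirect('courses/index.php');
        return;
    }

    $a = $db->quote($_POST['account']);
    $p = $db->quote($_POST['password']);

    // NOTE(review): the password is matched as stored, which implies plaintext passwords in
    // LTI_Users; password_hash()/password_verify() would need a data migration.
    // $CFG->localkeyid is inserted unquoted — presumably a numeric configuration value; confirm.
    $sql = sprintf("SELECT * FROM LTI_Users WHERE (email=%s OR lkey=%s) AND password=%s AND key_id=%s", $a, $a, $p, $CFG->localkeyid);
    $q = $db->query($sql);
    if ($q && ($user = $q->fetch())) {
        // NOTE(review): the session id is not regenerated after authentication (session
        // fixation) — confirm how this application propagates its session id before adding it.
        $_SESSION['user_id'] = $user['id'];
        $_SESSION['user_name'] = $user['name'];
        doRedirect('courses.php');
    } else {
        $_SESSION['err'] = 'Login failed';
    }
}

userMenu();
flashMessages();
// The password field below is type="password" so the browser masks the input; the original
// rendered it as a plain text field.
?> <div id="small-dialog-container"> <div id="small-dialog"> <form method="post"> <p>E-Mail or Account: <input type="text" name="account"></p> <p>Password: <input type="password" name="password"></p> <p><input type="submit" value="Login"/>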
header('Location: error.php'); return; } $sql = sprintf("SELECT name,lkey,image,email FROM LTI_Users WHERE id=%s AND key_id=%s", $db->quote($_SESSION['user_id']), $CFG->localkeyid); $q = $db->query($sql); $user = $q->fetch(); if (!$course) { $_SESSION['error'] = 'Bad value for id'; header('Location: error.php'); return; } $sql = sprintf("SELECT role_id FROM LTI_Members WHERE user_id=%s AND course_id=%s", $db->quote($_SESSION['user_id']), $db->quote($course['id'])); $q = $db->query($sql); if ($q) { $member = $q->fetch(); } $_SESSION['_context_consumer_key'] = $CFG->localkey; $_SESSION['_context_consumer_id'] = $CFG->localkeyid; $_SESSION['_lti_context'] = array('oauth_consumer_key' => 'local', 'resource_link_id' => 'rlid-1234', 'resource_link_title' => 'This Week', 'resource_link_description' => 'Please complete this', 'user_id' => $user['lkey'], 'roles' => $member['roleid'] == 0 ? 'Instructor' : 'Learner', 'lis_person_name_full' => $user['name'], 'lis_person_contact_email_primary' => $user['email'], 'lis_person_sourcedid' => 'localhost.edu::' . $user['id'], 'context_id' => $course['lkey'], 'context_title' => $course['name'], 'context_label' => $course['lkey'], 'tool_consumer_info_product_family_code' => 'ims', 'tool_consumer_info_version' => '1.1', 'tool_consumer_instance_guid' => 'www.imsglobal.org', 'tool_consumer_instance_description' => 'University of Localhost (LMSng)'); /* echo("<pre>\n"); print_r($course); print_r($user); print_r($member); print_r($_SESSION); echo("</pre>\n"); */ // Do this by hand to switch away from cookie based sessions. $location = addSession('mod/response/index.php'); doRedirect($location);
if ("POST" == $_SERVER['REQUEST_METHOD']) { // is the user already logged in? if (!@$_SESSION['user']['id']) { if (!@empty($_POST['username']) && !@empty($_POST['password'])) { // attempt to authenticate the user if ($uid = $_user->login($_POST['username'], $_POST['password'])) { $status = "Login successful"; // regenerate session ID upon authentication $sid = $_session->genID(); // populate session data $_SESSION['user'] = $_user->get($uid); // update cookie with the new session ID $cookie = session_get_cookie_params(); setcookie(COOKIE_NAME, $sid, $cookie['lifetime'], $cookie['path'], $cookie['domain'], $cookie['secure']); // redirect the user to their profile doRedirect("?module=user&id=" . htmlentities($uid), TRUE); } else { $status = "Login failed"; $username = htmlentities($_POST['username']); } } else { $status = "You must enter a username and password."; } } } $auth = array('error' => $status, 'username' => $username); $templates[] = array('name' => 'auth.login', 'vars' => array('auth' => $auth, 'user' => $_SESSION['user'])); renderPage($templates); // password reset } else { if ("reset" == $action) {
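window.location.reload() </script>'; }

/**
 * Normalise a submitted string: strip backslashes, HTML-escape it and trim it.
 *
 * The escaping flags and charset are passed explicitly so that single quotes are
 * encoded and invalid UTF-8 is substituted on every PHP version, not only where
 * that is the default.
 *
 * NOTE(review): this is HTML escaping. It does not make a value safe for SQL;
 * queries must bind their parameters.
 *
 * @param string $string Raw input
 *
 * @return string Escaped, trimmed value
 */
function ClearString($string)
{
    return trim(htmlspecialchars(stripslashes($string), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));
}

// Login form handler.
if (isset($_POST['send-param'])) {
    $found = false;
    $storedPassword = null;
    $storedLogin = null;
    $storedGroup = null;

    // Array-valued or missing fields are treated as a failed login.
    if (isset($_POST['login-data']) && is_string($_POST['login-data'])
        && isset($_POST['password-data']) && is_string($_POST['password-data'])) {
        $login = ClearString($_POST['login-data']);
        // NOTE(review): unsalted MD5 is not a password hash; moving to password_hash() /
        // password_verify() needs the stored values migrated, so the format is unchanged here.
        $password = md5($_POST['password-data']);

        // Both values are masked ('******') in the listing this was taken from; they are
        // bound as parameters instead of being interpolated into the SQL text.
        // Assumes $bd is a mysqli connection (the original used mysqli_fetch_assoc) — TODO confirm.
        $stmt = $bd->prepare('SELECT password, login, `group` FROM users WHERE login = ? AND password = ?');
        if ($stmt !== false) {
            $stmt->bind_param('ss', $login, $password);
            $stmt->execute();
            $stmt->bind_result($storedPassword, $storedLogin, $storedGroup);
            $found = $stmt->fetch() === true;
            $stmt->close();
        }
    }

    if ($found) {
        if ($storedGroup > 0) {
            $password = $storedPassword;
            $login = $storedLogin;
            $groupid = getGroupNumber($login, $bd);

            // NOTE(review): the cookies carry the stored password hash and the group level.
            // The hash then works as a long-lived credential, and the group value can be
            // changed by the browser, so neither may be trusted for authorization; a
            // server-side session is the usual replacement. The cookies are also set
            // without HttpOnly, Secure or SameSite.
            setcookie("emc-login", $login);
            setcookie("emc-password", $password);
            setcookie("emc-group", $groupid);
            doRedirect('../');
            exit;
        } else {
            $errorCode = "3";
            echo '<div class="container"><div class="alert alert-warning" style="margin-top: 50px; margin-bottom: -45px" role="alert">Вы не активировали вашу учетную запись!</div></div>';
        }
    } else {
        $errorCode = "2";
        echo '<div class="container"><div class="alert alert-warning" style="margin-top: 50px; margin-bottom: -45px" role="alert">Неправильный логин или пароль!</div></div>';
    }
}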