$cmd = empty($HTTP_GET_VARS['cmd']) ? '' : $HTTP_GET_VARS['cmd'];
if (!USER_ID && $cmd && $cmd != 'send_reg') {
$cmd = 'login';
}
if (!empty($HTTP_POST_VARS['username'])) {
$cmd = 'process_login';
}
switch ($cmd) {
case 'login':
output_header();
form_login();
output_footer();
break;
case 'process_login':
output_header();
process_login();
output_footer();
break;
case 'publish':
output_header();
form_publish();
output_footer();
break;
case 'create_album':
output_header();
create_album();
output_footer();
break;
case 'add_picture':
process_picture();
break;
if ($submit == "Add a Row") {
$rows++;
} else {
if ($submit == "submit") {
/* Save first before submitting */
save(0);
/* Make sure sum of all percentage of selected
* weeks activity is 100
*/
submit();
} else {
if ($submit == "login") {
$user = make_safe($_POST['user']);
$password = make_safe($_POST['password']);
$userErr = $passErr = "";
if (process_login($user, $password) == 0) {
/* Store session */
$_SESSION['Name'] = $user;
} else {
$userErr = 'Either username or password is incorrect';
/* Show login form again */
}
} else {
if ($save == "save") {
save(1);
} else {
if ($submit == "register") {
$userErr = $passErr = "";
}
}
}
include_once "{$fileman_home}/screens/confirm-delete.inc";
include_once "{$fileman_home}/screens/edit-permissions.inc";
include_once "{$fileman_home}/screens/edit-file.inc";
include_once "{$fileman_home}/screens/upload-multi.inc";
include_once "{$fileman_home}/screens/rename.inc";
include_once "{$fileman_home}/screens/copy-move.inc";
include_once "{$fileman_home}/screens/preferences.inc";
include_once "{$fileman_home}/screens/search-form.inc";
include_once "{$fileman_home}/screens/error.inc";
$fileman_url = "{$http_protocol}://{$hostname}/test/fw/app/js/yafm/var/www/html/yafm";
$_SESSION['fileman_css'] = $fileman_url . 'css/style.css';
preferences_init();
if (empty($_SESSION['fileman_user'])) {
//the user has not authenticated yet
if (!empty($_REQUEST['action']) && 'login' == strtolower($_REQUEST['action'])) {
$screen = process_login($_REQUEST);
} else {
$screen = 'screen_login';
}
if ($screen == 'screen_login') {
$screen();
exit;
}
}
//if vfs_id is set we're not browsing a regular folder but a virtual filesystem, e.g.
//a search result set or the contents of an archive
$vfs_id = empty($_REQUEST['vfs_id']) ? false : $_REQUEST['vfs_id'];
//try the value in $_REQUEST then $fm_config['HOME_FOLDER'] then default value '/'
$folder = empty($_REQUEST['folder']) ? empty($fm_config['HOME_FOLDER']) ? '/' : $fm_config['HOME_FOLDER'] : $_REQUEST['folder'];
$folder = validate_folder($folder);
//check if it's a valid folder and if it's within the tree we're allowed to access
</head>
<body>
<?php
error_reporting(E_ALL);
require 'AuthMeController.php';
// Change this to the file of the hash encryption you need, e.g. Bcrypt.php or Sha256.php
require 'Sha256.php';
// The class name must correspond to the file you have in require above! e.g. require 'Sha256.php'; and new Sha256();
$authme_controller = new Sha256();
$action = get_from_post_or_empty('action');
$user = get_from_post_or_empty('username');
$pass = get_from_post_or_empty('password');
$was_successful = false;
if ($action && $user && $pass) {
if ($action === 'Log in') {
$was_successful = process_login($user, $pass, $authme_controller);
} else {
if ($action === 'Register') {
$was_successful = process_register($user, $pass, $authme_controller);
}
}
}
if (!$was_successful) {
echo '<h1>Login sample</h1>
This is a demo form for AuthMe website integration. Enter your AuthMe login details
into the following form to test it.
<form method="post">
<table>
<tr><td>Name</td><td><input type="text" value="' . htmlspecialchars($user) . '" name="username" /></td></tr>
<tr><td>Pass</td><td><input type="password" value="' . htmlspecialchars($pass) . '" name="password" /></td></tr>
<tr>
* @package Textodo
* @copyright Copyright (c) 2010 Unirgy LLC (http://www.unirgy.com)
* @license http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
* @version 0.2.0
*/
/************** CONFIGURATION *****************/
error_reporting(E_ALL | E_STRICT);
$config = array('db' => array('host' => 'localhost', 'user' => 'root', 'pass' => '', 'name' => 'dbname'), 'rate' => array('query' => 300, 'changes' => 1500), 'login' => array('session_cookie' => 'unirgy_textodo', 'username_cookie' => 'unirgy_gtd_last_username', 'username_expire' => 86400 * 30));
/*************** CONTROLLER *******************/
session_name($config['login']['session_cookie']);
session_start();
if (empty($_SESSION['user'])) {
if (empty($_POST['username']) || empty($_POST['password'])) {
login_form();
} else {
process_login($_POST['username'], $_POST['password']);
}
exit;
}
switch (empty($_GET['r']) ? '' : $_GET['r']) {
case '':
main_page();
break;
case 'ajax_search':
fetch_lines();
break;
case 'ajax_updates':
apply_updates();
break;
case 'logout':
session_destroy();
}
} else {
if ($fm_stage == "suauth") {
if (empty($fm_sessionid) || empty($fm_username) || empty($fm_sitename)) {
display_errorbox("Must have a valid user session.");
print_request_login_form($fm_username, $fm_password, $fm_sitename);
} else {
if (empty($fm_password) || empty($fm_siteid)) {
display_errorbox("Must select the target sub-account.");
$bapi = connect_bronto_session($fm_sessionid);
$accounts = get_all_accounts($bapi);
sort_accounts_by_name($accounts);
print_agency_login_form($fm_username, $fm_password, $fm_sitename, $fm_siteid, $fm_sessionid, $accounts);
} else {
$login_info = bronto_user_login($fm_username, $fm_password, $fm_sitename, $fm_siteid);
process_login($login_info, $fm_username, $fm_password, $fm_sitename);
}
}
} else {
if ($fm_stage == "userinfo") {
$dbh = open_db();
// we could obtain the username from the userinfo form itself, but this could allow a malicious user to
// change the user information for a user other than him/herself; a DB lookup is used instead
$username = db_get_session_user($dbh, $fm_sessionid);
if ($username) {
$got_error = false;
$userinfo = array('firstname' => $fm_firstname, 'lastname' => $fm_lastname, 'email' => $fm_email, 'phone' => $fm_phone);
if ($fm_firstname && $fm_lastname && $fm_email && $fm_phone) {
if (is_valid_email($fm_email)) {
if (db_update_user_info($dbh, $username, $userinfo) == true) {
print_message_select_form($bapi, $fm_sessionid);
$PostHash['username'] = '******';
$PostHash['passwd'] = 'grafdevalery';
$Html = copy_be($Html, '<form ', '>');
$Tags = extract_property_values($Html, 'action', "\r\n");
$Html = download($Tags, 'POST', 'http://www.buker.ru/dostaken.php', $PostHash);
return $Html;
}
if ($debug) {
$FileName = $Lines . 'login.html';
if (file_exists($FileName)) {
$Html = file_get_contents($FileName);
}
}
$LoginForm = copy_be($Html, '<form ', '</form>', 'login');
if ($LoginForm) {
$Html = process_login($LoginForm);
if ($debug) {
file_put_contents($Lines . 'login.html', $Html);
}
}
function extract_bet($Html)
{
$Html = extract_tags($Html, '<table ', '</table>', '', 'Дома');
$Html = kill_space($Html);
$Html = str_ireplace('=>', '|', $Html);
$Html = kill_comment($Html);
$Html = kill_tag($Html, 'script');
$Html = kill_tag_bound($Html, 'input|b|a|img|strong');
$Html = str_ireplace('<br>', '|', $Html);
$Html = str_ireplace('>-<', '><', $Html);
$Html = str_ireplace(' bgcolor="#66FFFF"', ' league="#66FFFF"', $Html);
if (!is_dir(BASE_META_DIR . '/temp') && !mkdir(BASE_META_DIR . '/temp')) {
die("couldn't access to directory for storing meta data [" . BASE_META_DIR . "/temp]\n");
}
$success = false;
$succ_cnt = 0;
$total_cnt = 0;
$cookie_files = array();
foreach ($logins as $login => $data) {
$total_cnt++;
if ($scrape_options["verbose"]) {
echo "processing login {$login}\n";
}
//specifying location for storing cURL cookies
$cookiefile = BASE_META_DIR . "temp/itc_cookies" . time();
$cookie_files[] = $cookiefile;
$res = process_login($data);
if ($res) {
$success = true;
if ($scrape_options["verbose"]) {
echo "\n\n\n**********************\nprocessing login {$login} succeeded\n";
}
$succ_cnt++;
} else {
if ($scrape_options["verbose"]) {
echo "processing login {$login} failed\n";
}
}
curl_close($ch);
$ch = false;
}
agregate_sales();