Example #1
 /**
  * Access gate for admin pages: returns true only when IsAdmin() succeeds.
  *
  * A pending logout request is processed first, then anonymous or guest
  * sessions get a relogin attempt before the admin test. Non-admins receive
  * a permission error (AJAX mode), a redirect to the menu (logged in, not a
  * guest) or a redirect to the login page after Security::saveRedirectURL().
  *
  * NOTE(review): every denial path returns false after the redirect or error
  * call, so callers must stop rendering on false. Whether HeaderRedirect()
  * and redirectToLogin() end the request themselves is not visible here.
  *
  * @param bool $ajaxMode when true, a denial is reported through
  *                       Security::sendPermissionError() instead of a redirect
  * @return bool true if IsAdmin() reports an administrator, false otherwise
  */
 public static function processAdminPageSecurity($ajaxMode = false)
 {
     Security::processLogoutRequest();

     // Anonymous and guest sessions get a relogin attempt before the admin test.
     $needsRelogin = !isLogged() || isLoggedAsGuest();
     if ($needsRelogin) {
         Security::tryRelogin();
     }

     if (IsAdmin()) {
         return true;
     }

     if ($ajaxMode) {
         Security::sendPermissionError();
         return false;
     }

     // The login state is read again here because tryRelogin() may have changed it.
     if (!isLogged() || isLoggedAsGuest()) {
         // Not logged in: save the current URL in the session, then go to Login.
         Security::saveRedirectURL();
         redirectToLogin();
         return false;
     }

     // Logged in but lacking the necessary permissions: back to the menu.
     HeaderRedirect("menu");
     return false;
 }
Example #2
/**
 * Returns the current user, or calls redirectToLogin() when there is none.
 *
 * NOTE(review): when getUser() yields a falsy value this function calls
 * redirectToLogin() and then returns null. Unless redirectToLogin() ends the
 * request (not visible here), callers must treat null as "not authenticated"
 * and stop before touching protected data.
 *
 * @return mixed the truthy value from getUser(), or null after the redirect call
 */
function checkAuth()
{
    $currentUser = getUser();
    if (!$currentUser) {
        redirectToLogin();
        return null;
    }

    return $currentUser;
}
Example #3
<?php

$timeStart = microtime(true);
session_start();
ob_start();
// An empty session is sent back to the site index. This only shows that the
// session holds no data at all; it is not an authentication check by itself.
if (empty($_SESSION)) {
    exit(header("Location: ../../index.php"));
}
// NOTE(review): both include paths are prefixed with $_SESSION['File_Root'].
// That is only safe if File_Root is written solely by server-side code and is
// never derived from request input - confirm where it is set.
require_once $_SESSION['File_Root'] . '/Kernel/Include.php';
require_once $_SESSION['File_Root'] . '/HTML/Header.php';
require_once 'Functions/SQL.php';
// $accountID and $linkRoot are not assigned in this excerpt; presumably they
// come from the files included above. NOTE(review): nothing here stops the
// script if redirectToLogin() returns, so confirm that it ends the request
// for visitors who are not logged in.
redirectToLogin($accountID, $linkRoot);
$battle = findBattle($bdd, $characterID);
// NOTE(review): addslashes() plus htmlspecialchars() is not a substitute for a
// bound query parameter, and HTML escaping belongs at output time, not on
// input. If newMagic() uses $magicID in SQL (not visible here), validate the
// id format and pass it as a prepared-statement parameter. $_POST['magicID']
// is also read without checking that it was sent.
$magicID = htmlspecialchars(addslashes($_POST['magicID']));
$magic = newMagic($bdd, $magicID);
?>

<div class="panel panel-warning">
	<div class="panel-heading">
		<img src="<?php 
// NOTE(review): $monsterPicture is written into the src attribute without
// escaping. If its value can be influenced by user or database content (its
// origin is not visible here), escape it for the attribute context, e.g.
// htmlspecialchars($monsterPicture, ENT_QUOTES, 'UTF-8').
echo $monsterPicture;
?>
" alt="">
	</div>
	<div class="panel-body">
	<?php 
if ($characterMP >= $magic->getMPCost()) {
    $magicEffect = round($magic->getEffect() + $characterMagic / 100);
    if ($totalDamageMonster <= 0) {
        $totalDamageMonster = 0;
    }
<?php

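// NOTE(review): display_errors and display_startup_errors are forced on for
// every request. Error output can reveal file paths, queries and
// configuration, so outside development it is normally switched off and
// errors are logged instead. Left unchanged here.
@ini_set("display_errors", "1");
@ini_set("display_startup_errors", "1");
require_once "include/dbcommon.php";
add_nocache_headers();
require_once "include/CompanyMaster_variables.php";
require_once "classes/searchcontrol.php";
require_once "classes/advancedsearchcontrol.php";
require_once "classes/panelsearchcontrol.php";
require_once "classes/searchclause.php";
// Visitors who are not logged in: save the requested URL and go to Login.
if (!isLogged()) {
    Security::saveRedirectURL();
    redirectToLogin();
    // Stop even if redirectToLogin() returns, so nothing below runs for an
    // unauthenticated request.
    exit();
}
$cname = postvalue("cname");
$rname = postvalue("rname");
// $strTableName is not assigned in this excerpt; presumably it comes from
// include/CompanyMaster_variables.php.
$accessGranted = CheckTablePermissions($strTableName, "S");
if (!$accessGranted) {
    HeaderRedirect("menu");
    // Same reasoning: the page must not be built after access was refused.
    exit();
}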
// Layout definition for the search page: one "fields" container with four
// entries appended in display order.
$layout = new TLayout("search5", "CityBlueWave", "MobileBlueWave");
$layout->version = 2;
$layout->blocks["top"] = [];
$layout->containers["fields"] = [];
$layout->container_properties["fields"] = [];
$layout->containers["fields"][] = [
    "name" => "srchheader",
    "block" => "searchheader",
    "substyle" => 2,
];
$layout->containers["fields"][] = [
    "name" => "srchconditions",
    "block" => "conditions_block",
    "substyle" => 1,
];
$layout->containers["fields"][] = [
    "name" => "srchfields",
    "block" => "",
    "substyle" => 1,
];
$layout->containers["fields"][] = [
    "name" => "srchbuttons",
    "block" => "searchbuttons",
    "substyle" => 2,
];
$layout->skins["fields"] = "fields";
Example #5
 /**
  * Access gate for the Add page of a table.
  *
  * Returns true when Security::checkPagePermissions($table, "A") succeeds,
  * and also when the request carries a=added. Otherwise the denial is
  * reported according to the page mode and login state, and false is returned.
  *
  * NOTE(review): the a=added branch returns true on a request parameter
  * alone, with no permission or login check in this function. A true result
  * therefore cannot be read as "authorized"; the code that stores the
  * submitted record has to enforce the "A" permission itself - confirm in
  * the caller.
  *
  * @param string $table table name
  * @return bool true if page processing may continue, false after a denial
  */
 public static function processAddPageSecurity($table)
 {
     // Either the user has the necessary permissions, or the form was already
     // submitted and the entered data is displayed so the user can relogin.
     if (Security::checkPagePermissions($table, "A") || postvalue("a") == "added") {
         return true;
     }

     // The page cannot be displayed. Modes other than ADD_SIMPLE get an error
     // response instead of a redirect (the page was requested by AJAX).
     if (AddPage::readAddModeFromRequest() != ADD_SIMPLE) {
         Security::sendPermissionError();
         return false;
     }

     if (!isLogged() || isLoggedAsGuest()) {
         // Not logged in: go to the login page.
         redirectToLogin();
         return false;
     }

     // Logged in but lacking the necessary permissions.
     Security::redirectToList($table);
     return false;
 }
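            if (count($arrayGUIs) == 1) {
                // Exactly one GUI is available: redirect straight to it.
                // NOTE(review): the target host comes from the client-supplied
                // Host header ($_SERVER['HTTP_HOST']). Building the redirect
                // from a configured base URL would avoid trusting that header;
                // left unchanged because no such setting is visible here.
                // NOTE(review): SID places the session id in the URL when the
                // session is not cookie-based, where it can end up in logs and
                // Referer headers.
                $scheme = (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == "on") ? "https" : "http";
                $myURL = "Location: " . $scheme . "://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['SCRIPT_NAME']) . "/index.php?" . strip_tags(SID) . "&gui_id=" . $arrayGUIs[0];
                # remove name and password from url, because url params are parsed later and written in javascript
                // Whole parameters are matched, anchored at the start of the
                // query string or after "&". The previous patterns needed a
                // trailing "&", so a credential in last position survived, and
                // they also cut into longer keys that merely end in "name=".
                $cleanUrl = preg_replace("/(?:^|&)(?:name|password)=[^&]*/", "", $_SERVER["QUERY_STRING"]);
                $cleanUrl = ltrim($cleanUrl, "&");
                $myURL .= "&" . $cleanUrl;
                header($myURL);
                die;
            } else {
                // Any other number of GUIs: show the selection list.
                require_once dirname(__FILE__) . "/../php/mb_listGUIs.php";
                mb_listGUIs($arrayGUIs);
            }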
        }
    } else {
        Mapbender::session()->kill();
        $sql_set_cnt = "UPDATE mb_user SET mb_user_login_count = (mb_user_login_count + 1) WHERE mb_user_name = \$1";
        $v = array($name);
        $t = array('s');
        db_prep_query($sql_set_cnt, $v, $t);
        redirectToLogin($name);
    }
}
?>
</div>
</body>
</html>
Example #7
 /**
  * Access gate for the Edit page of a table.
  *
  * Returns true when Security::checkPagePermissions($table, "E") succeeds,
  * and also when the request carries a=edited. Otherwise the denial is
  * reported according to the page mode and login state, and false is
  * returned. For visitors who are not logged in, a return URL built from the
  * script name and the editid1, editid2, ... request values is stored in
  * $_SESSION["MyURL"] before the login redirect.
  *
  * NOTE(review): the a=edited branch returns true on a request parameter
  * alone, with no permission or login check in this function. The code that
  * saves the record has to enforce the "E" permission itself - confirm in
  * the caller.
  *
  * @param string $table table name
  * @return bool true if page processing may continue, false after a denial
  */
 public static function processEditPageSecurity($table)
 {
     // Either the user has the necessary permissions, or the form was already
     // submitted and the entered data is displayed so the user can relogin.
     if (Security::checkPagePermissions($table, "E") || postvalue("a") == "edited") {
         return true;
     }

     // The page cannot be displayed. Modes other than EDIT_SIMPLE get an error
     // response instead of a redirect (the page was requested by AJAX).
     if (EditPage::readEditModeFromRequest() != EDIT_SIMPLE) {
         Security::sendPermissionError();
         return false;
     }

     if (isLogged() && !isLoggedAsGuest()) {
         // Logged in but lacking the necessary permissions.
         Security::redirectToList($table);
         return false;
     }

     // Not logged in: rebuild the current URL from the record keys and save it
     // in the session. rawurlencode() keeps a key value from adding parameters
     // of its own to the stored URL.
     // NOTE(review): collection stops at the first editidN whose value is
     // falsy, which presumably includes a key value of "0" - confirm.
     $returnParams = array();
     for ($n = 1; postvalue("editid" . $n); $n++) {
         $returnParams[] = "editid" . $n . "=" . rawurlencode(postvalue("editid" . $n));
     }
     $_SESSION["MyURL"] = $_SERVER["SCRIPT_NAME"] . "?" . implode("&", $returnParams);

     redirectToLogin();
     return false;
 }
Example #8
 /**
  * Access gate for the List page of a table.
  *
  * Returns true when Security::checkPagePermissions($table, "S") succeeds, or
  * when the page runs in LIST_LOOKUP mode and
  * ListPage::checkLookupPermissions($table) succeeds. Otherwise the denial is
  * reported according to the list mode and login state, and false is returned.
  *
  * NOTE(review): the denial paths return false after the redirect or error
  * call, so callers must stop rendering on false. Whether HeaderRedirect()
  * and redirectToLogin() end the request themselves is not visible here.
  *
  * @param string $table table name
  * @return bool true if the page may be displayed, false after a denial
  */
 public static function processListPageSecurity($table)
 {
     if (Security::checkPagePermissions($table, "S")) {
         return true;
     }

     $listMode = ListPage::readListModeFromRequest();

     // Special permissions: lookup mode has its own check.
     $lookupAllowed = $listMode == LIST_LOOKUP && ListPage::checkLookupPermissions($table);
     if ($lookupAllowed) {
         return true;
     }

     // The page cannot be displayed. Modes other than LIST_SIMPLE get an error
     // response instead of a redirect (the page was requested by AJAX).
     if ($listMode != LIST_SIMPLE) {
         Security::sendPermissionError();
         return false;
     }

     if (!isLogged() || isLoggedAsGuest()) {
         // Not logged in: the current URL is already saved in the session.
         redirectToLogin();
         return false;
     }

     // Logged in but lacking the necessary permissions.
     HeaderRedirect("menu");
     return false;
 }
/**
 * Requires a logged-in account that is not suspended for the current page.
 *
 * Visitors who are not logged in are passed to redirectToLogin(); suspended
 * accounts are passed to logout() with an explanatory message. Both cases
 * are logged at DEBUG level.
 *
 * NOTE(review): the function returns nothing in every case, so a caller
 * cannot tell an accepted user from a rejected one. The check only protects
 * the page if redirectToLogin() and logout() end the request themselves,
 * which is not visible here - confirm.
 *
 * @return void
 */
function requireUserAccount()
{
    global $PAGE;

    if (!isUserLoggedIn()) {
        logIt($PAGE . " only allows users - force login", "DEBUG");
        redirectToLogin();
        return;
    }

    if (isUserSuspended()) {
        logIt("Redirecting suspended account to profile.php", "DEBUG");
        logout("Your account has been suspended.  You will be unable to access the site until this is resolved.");
    }
}