/**
 * Processes loading of this sample code through a web browser.
 *
 * @return void
 */
function runWWWVersion()
{
    session_start();
    // Note that all calls to endHTML() below end script execution!
    // Check to make sure that the user has set a password.
    $p = LOGIN_PASSWORD;
    if (empty($p)) {
        startHTML(false);
        displayPasswordNotSetNotice();
        endHTML();
    }
    // Grab any login credentials that might be waiting in the request
    if (!empty($_POST['password'])) {
        if ($_POST['password'] == LOGIN_PASSWORD) {
            $_SESSION['authenticated'] = 'true';
        } else {
            // Invalid password. Stop and display a login screen.
            startHTML(false);
            requestUserLogin("Incorrect password.");
            endHTML();
        }
    }
    // If the user isn't authenticated, display a login screen
    if (!isset($_SESSION['authenticated'])) {
        startHTML(false);
        requestUserLogin();
        endHTML();
    }
    // Try to login. If login fails, log the user out and display an
    // error message.
    try {
        $client = getClientLoginHttpClient(GAPPS_USERNAME . '@' . GAPPS_DOMAIN, GAPPS_PASSWORD);
        $gapps = new Zend_Gdata_Gapps($client, GAPPS_DOMAIN);
    } catch (Zend_Gdata_App_AuthException $e) {
        session_destroy();
        startHTML(false);
        displayAuthenticationFailedNotice();
        endHTML();
    }
    // Success! We're logged in.
    // First we check for commands that can be submitted either though
    // POST or GET (they don't make any changes).
    if (!empty($_REQUEST['command'])) {
        switch ($_REQUEST['command']) {
            case 'retrieveUser':
                startHTML();
                retrieveUser($gapps, true, $_REQUEST['user']);
                endHTML(true);
            case 'retrieveAllUsers':
                startHTML();
                retrieveAllUsers($gapps, true);
                endHTML(true);
            case 'retrieveNickname':
                startHTML();
                retrieveNickname($gapps, true, $_REQUEST['nickname']);
                endHTML(true);
            case 'retrieveNicknames':
                startHTML();
                retrieveNicknames($gapps, true, $_REQUEST['user']);
                endHTML(true);
            case 'retrieveAllNicknames':
                startHTML();
                retrieveAllNicknames($gapps, true);
                endHTML(true);
            case 'retrieveEmailLists':
                startHTML();
                retrieveEmailLists($gapps, true, $_REQUEST['recipient']);
                endHTML(true);
            case 'retrieveAllEmailLists':
                startHTML();
                retrieveAllEmailLists($gapps, true);
                endHTML(true);
            case 'retrieveAllRecipients':
                startHTML();
                retrieveAllRecipients($gapps, true, $_REQUEST['emailList']);
                endHTML(true);
        }
    }
    // Now we handle the potentially destructive commands, which have to
    // be submitted by POST only.
    if (!empty($_POST['command'])) {
        switch ($_POST['command']) {
            case 'createUser':
                startHTML();
                createUser($gapps, true, $_POST['user'], $_POST['givenName'], $_POST['familyName'], $_POST['pass']);
                endHTML(true);
            case 'updateUserName':
                startHTML();
                updateUserName($gapps, true, $_POST['user'], $_POST['givenName'], $_POST['familyName']);
                endHTML(true);
            case 'updateUserPassword':
                startHTML();
                updateUserPassword($gapps, true, $_POST['user'], $_POST['pass']);
                endHTML(true);
            case 'setUserSuspended':
                if ($_POST['mode'] == 'suspend') {
                    startHTML();
                    suspendUser($gapps, true, $_POST['user']);
                    endHTML(true);
                } elseif ($_POST['mode'] == 'restore') {
                    startHTML();
                    restoreUser($gapps, true, $_POST['user']);
                    endHTML(true);
                } else {
                    header('HTTP/1.1 400 Bad Request');
                    startHTML();
                    echo "<h2>Invalid mode.</h2>\n";
                    echo "<p>Please check your request and try again.</p>";
                    endHTML(true);
                }
            case 'setUserAdmin':
                if ($_POST['mode'] == 'issue') {
                    startHTML();
                    giveUserAdminRights($gapps, true, $_POST['user']);
                    endHTML(true);
                } elseif ($_POST['mode'] == 'revoke') {
                    startHTML();
                    revokeUserAdminRights($gapps, true, $_POST['user']);
                    endHTML(true);
                } else {
                    header('HTTP/1.1 400 Bad Request');
                    startHTML();
                    echo "<h2>Invalid mode.</h2>\n";
                    echo "<p>Please check your request and try again.</p>";
                    endHTML(true);
                }
            case 'setForceChangePassword':
                if ($_POST['mode'] == 'set') {
                    startHTML();
                    setUserMustChangePassword($gapps, true, $_POST['user']);
                    endHTML(true);
                } elseif ($_POST['mode'] == 'clear') {
                    startHTML();
                    clearUserMustChangePassword($gapps, true, $_POST['user']);
                    endHTML(true);
                } else {
                    header('HTTP/1.1 400 Bad Request');
                    startHTML();
                    echo "<h2>Invalid mode.</h2>\n";
                    echo "<p>Please check your request and try again.</p>";
                    endHTML(true);
                }
            case 'deleteUser':
                startHTML();
                deleteUser($gapps, true, $_POST['user']);
                endHTML(true);
            case 'createNickname':
                startHTML();
                createNickname($gapps, true, $_POST['user'], $_POST['nickname']);
                endHTML(true);
            case 'deleteNickname':
                startHTML();
                deleteNickname($gapps, true, $_POST['nickname']);
                endHTML(true);
            case 'createEmailList':
                startHTML();
                createEmailList($gapps, true, $_POST['emailList']);
                endHTML(true);
            case 'deleteEmailList':
                startHTML();
                deleteEmailList($gapps, true, $_POST['emailList']);
                endHTML(true);
            case 'modifySubscription':
                if ($_POST['mode'] == 'subscribe') {
                    startHTML();
                    addRecipientToEmailList($gapps, true, $_POST['recipient'], $_POST['emailList']);
                    endHTML(true);
                } elseif ($_POST['mode'] == 'unsubscribe') {
                    startHTML();
                    removeRecipientFromEmailList($gapps, true, $_POST['recipient'], $_POST['emailList']);
                    endHTML(true);
                } else {
                    header('HTTP/1.1 400 Bad Request');
                    startHTML();
                    echo "<h2>Invalid mode.</h2>\n";
                    echo "<p>Please check your request and try again.</p>";
                    endHTML(true);
                }
        }
    }
    // Check for an invalid command. If so, display an error and exit.
    if (!empty($_REQUEST['command'])) {
        header('HTTP/1.1 400 Bad Request');
        startHTML();
        echo "<h2>Invalid command.</h2>\n";
        echo "<p>Please check your request and try again.</p>";
        endHTML(true);
    }
    // If a menu parameter is available, display a submenu.
    if (!empty($_REQUEST['menu'])) {
        switch ($_REQUEST['menu']) {
            case 'user':
                startHTML();
                displayUserMenu();
                endHTML();
            case 'nickname':
                startHTML();
                displayNicknameMenu();
                endHTML();
            case 'emailList':
                startHTML();
                displayEmailListMenu();
                endHTML();
            case 'logout':
                startHTML(false);
                logout();
                endHTML();
            default:
                header('HTTP/1.1 400 Bad Request');
                startHTML();
                echo "<h2>Invalid menu selection.</h2>\n";
                echo "<p>Please check your request and try again.</p>";
                endHTML(true);
        }
    }
    // If we get this far, that means there's nothing to do. Display
    // the main menu.
    // If no command was issued and no menu was selected, display the
    // main menu.
    startHTML();
    displayMenu();
    endHTML();
}
Example #2
0
<?php

include '../includes/includes.inc';
include '../includes/startApplication.php';
//include('../includes/functions/verifyviewer.inc');
$user = restoreUser();
if ($user != null && $user->checkPermissions(1, 1)) {
    // falls Admin-Rechte
    $isAdmin = 1;
} else {
    $isAdmin = 0;
    if ($user != null && $user->checkPermissions(0, 0, 0, 1, 1)) {
        // wenn ORDERER
        redirectURI("/orderer/index.php");
    }
    if ($user != null && $user->checkPermissions(0, 0, 1)) {
        // wenn USER
        redirectURI("/user/index.php");
    }
}
$LOG = new Log();
$tpl = new TemplateEngine("template/viewProduct.html", "template/frame.html", $lang["viewer_viewProduct"]);
$LOG->write('3', 'viewer/viewProduct.php');
$pID = $_GET['pID'];
$tpl->assign('ID', $pID);
//Produktdaten
$product_query = DB_query("SELECT\n\t\t\t\t*\n\t\t\t\tFROM products\n\t\t\t\tWHERE products_id = " . $pID . "\n\t\t\t\tAND deleted = 0\n\t\t\t\tORDER BY sort_order, name\n\t\t\t\t");
$product = DB_fetchArray($product_query);
$tpl->assign('name', $product['name']);
$tpl->assign('description', $product['description']);
//$tpl->assign('sort_order',$product['sort_order']);
Example #3
0
 *
 * All Drupal code is released under the GNU General Public License.
 * See COPYRIGHT.txt and LICENSE.txt.
 */
/**
 * Root directory of Drupal installation.
 */
define('DRUPAL_ROOT', getcwd());
/*For some reason the server could not derive well the scheme of the url and returned something like ://<host>
 * in Ubuntu, giving such a malformed base url and resulting in an identical path to the base_url and thereby
 * an empty base_root. It is not sure whether this exists also in non-ajax calls, but it seemed better to derive the
 * very basic globals the same for both ajax and non-ajax. So we derive the scheme based on the HTTPS server var and
 * our own path derivation in initial.php.
 * 
 *  COPY THIS FILE TO THE ROOT OF THE INSTALLATION, REPLACING THE DRUPAL INDEX!
 */
include DRUPAL_ROOT . '/initial.php';
//Needed to derive the _WEB_URL which will be '' or '/vals'
$scheme = isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on' ? 'https' : 'http';
$base_url = $scheme . '://' . $_SERVER['HTTP_HOST'] . _WEB_URL;
require_once DRUPAL_ROOT . '/includes/bootstrap.inc';
drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL);
$vals_soc_pretend_possible = defined('_DEBUG') && _DEBUG && (Users::isAdmin() || defined('_VALS_SOC_TEST_ENV') && _VALS_SOC_TEST_ENV);
if (Users::isAdmin() || $vals_soc_pretend_possible) {
    list($u, $o_state) = pretendUser();
}
menu_execute_active_handler();
if ($vals_soc_pretend_possible) {
    restoreUser($u, $o_state);
}
//////// EDIT THE FILE UNDER THE ROOT IF YOU HAVE ALREADY INSTALLED THE APPLICATION