Example #1
/**
 * Create the session handler named by the global $g_session_handler and,
 * when configured, validate the resulting session.
 *
 * Only the 'php' handler is implemented (MantisPHPSession). 'adodb',
 * 'memcached' and every other value raise ERROR_SESSION_HANDLER_INVALID.
 *
 * Validation runs only when the global option 'session_validation' is ON
 * and the session's 'secure_session' value is truthy; otherwise the session
 * is used without calling session_validate().
 *
 * @param string $p_session_id Session ID handed to the handler (null by default)
 */
function session_init( $p_session_id=null ) {
	global $g_session, $g_session_handler;

	$t_handler = utf8_strtolower( $g_session_handler );

	if ( 'php' == $t_handler ) {
		$g_session = new MantisPHPSession( $p_session_id );
	} else {
		# 'adodb' and 'memcached' are not yet implemented, so they are
		# rejected exactly like an unknown handler name.
		# NOTE(review): presumably the project's error handler stops the
		# request for ERROR-level errors; if it does not, the check below
		# runs without a handler created by this call. Confirm.
		trigger_error( ERROR_SESSION_HANDLER_INVALID, ERROR );
	}

	# The config lookup is evaluated first; session_get() is only reached
	# when validation is switched on globally.
	$t_validation_on = ( ON == config_get_global( 'session_validation' ) );
	if ( $t_validation_on && session_get( 'secure_session', false ) ) {
		session_validate( $g_session );
	}
}
  that it was quite a problem to find a single translation
  based on a mistake observed on the site.
  This problem led to Translation by Search,
  where different Search Providers allowed to search for a given translation,
  and receive methods to edit it.
  Since Translation by Search and its Search Providers worked in
  a stable and modular way, I decided to rewrite these Search Providers
  into Translation Providers, which also allow for paging in addition to the usual search procedure.
  In addition to the now completely modular, unified approach to translation,
  the site also got a new JavaScript interface, which uses the methods supplied by this file.
*/
require_once 'translationClass.php';
// Move the working directory up one level before common.php is loaded,
// so the relative paths used from here on resolve from the parent directory.
chdir('..');
require_once 'common.php';
// Access gate: both checks must pass before any action is dispatched.
// NOTE(review): whether Config::error() ends the request is not visible here.
// If it only emits the status, the switch below still runs for a rejected
// session. Confirm that it exits.
session_validate() or Config::error('403 Forbidden');
session_mayTranslate() or Config::error('403 Forbidden');
//Actions:
// NOTE(review): $_GET['action'] is read without an existence check; a request
// without the parameter raises an undefined-index notice before the switch.
switch ($_GET['action']) {
    /**
      @param $_GET['TranslationName']
      @param $_GET['BrowserMatch']
      @param $_GET['ImagePath']
      @param $_GET['RfcLanguage']
      @param $_GET['Active']
      @returns TranslationId
    */
    // NOTE(review): this case changes state from a GET request built entirely
    // from query parameters, and no per-session request token is checked in the
    // visible code. Confirm a CSRF check exists in session_validate()/common.php,
    // or accept this action only as POST with a token.
    // The five values are passed to createTranslation() unvalidated; any
    // validation and escaping has to happen inside that method.
    case 'createTranslation':
        Translation::createTranslation($_GET['TranslationName'], $_GET['BrowserMatch'], $_GET['ImagePath'], $_GET['RfcLanguage'], $_GET['Active']);
        // The redirect target is the client-supplied Referer header, used as-is:
        // it can be absent and is not checked against this site. A fixed or
        // allow-listed return path avoids both problems.
        // header()'s second parameter is the boolean $replace flag, so the 302
        // here does not set the status code; PHP sends 302 for Location anyway.
        header('Location: ' . $_SERVER['HTTP_REFERER'], 302);
        break;
<?php

require_once 'common.php';
require_once 'query/translationClass.php';
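/* Login check: only a validated session that is allowed to translate may continue. */
if (!session_validate($dbConnection) || !session_mayTranslate($dbConnection)) {
    // header() only queues the redirect. Without exit the rest of this page
    // (menu and the translation includes) would still execute and be sent to
    // a client that simply ignores the Location header.
    header('LOCATION: index.php');
    exit;
}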
?>
<!DOCTYPE HTML>
<html>
  <?php 
// Extra scripts and the page title are set before head.php is included
// (presumably head.php reads both; confirm against that file).
$jsFiles = array(
    'extern/jquery.dataTables.js',
    'dataTables.js',
);
$title = "The new translation…";
require_once 'head.php';
?>
  <body>
    <?php 
require_once 'topmenu.php';
// A missing 'action' parameter falls back to the empty string instead of
// raising an undefined-index notice.
$action = array_key_exists('action', $_GET) ? $_GET['action'] : '';
// The request value only selects between fixed include paths; it never
// becomes part of a path itself, so it cannot steer the include to another file.
switch ($action) {
    case 'translation':
        require_once 'translation/translation.php';
        break;
    case 'search':
        require_once 'translation/search.php';
        break;
    case 'missing':
Example #4
require_once '../query/cacheProvider.php';
if (php_sapi_name() === 'cli') {
    //Translating $argv to $_GET,$_POST:
    if (count($argv) > 1) {
        $action = $argv[1];
        switch ($action) {
            case 'import':
                if (count($argv) <= 2) {
                    die('Usage: php -f ' . $argv[0] . " import <file>\n");
                }
                $file = file_get_contents($argv[2]);
                break;
        }
    }
} else {
    $allowed = session_validate() && session_mayEdit();
    if (!$allowed) {
        //Special case for action=export:
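        // Fallback for requests without a valid editing session: a login/hash
        // pair taken from the query string is checked against Edit_Users.
        // NOTE(review): ch1/ch2 travel in the URL, so they end up in access
        // logs, browser history and Referer headers, and ch2 is compared with
        // the stored Hash column directly, which makes the stored hash itself
        // the credential. Consider a dedicated, revocable export token sent in
        // a header or POST body instead.
        // The is_string() checks reject array-valued parameters (?ch1[]=...).
        if (array_key_exists('ch1', $_GET) && array_key_exists('ch2', $_GET)
            && is_string($_GET['ch1']) && is_string($_GET['ch2'])) {
            // Assumes Config::getConnection() returns a mysqli handle, as the
            // escape_string()/fetch_row() calls used here before suggest.
            $db = Config::getConnection();
            $login = $_GET['ch1'];
            $hash = $_GET['ch2'];
            $accessEdit = null;
            // Both columns are bound as parameters. The previous query was
            // built by string interpolation and compared Login with a fixed
            // literal, so $login was never part of the check.
            $stmt = $db->prepare('SELECT AccessEdit FROM Edit_Users WHERE Login = ? AND Hash = ?');
            if ($stmt !== false) {
                $stmt->bind_param('ss', $login, $hash);
                if ($stmt->execute()) {
                    $stmt->bind_result($accessEdit);
                    // No matching row or a failed query leaves $allowed false.
                    if ($stmt->fetch()) {
                        $allowed = $accessEdit == 1;
                    }
                }
                $stmt->close();
            }
            // Drop the credentials from scope once the decision is made.
            unset($db, $login, $hash, $stmt, $accessEdit);
        }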
        if (!$allowed) {
            Config::error('403 Forbidden');
            die('403 Forbidden');
Example #5
                // NOTE(review): md5() of the raw password is an unsalted, fast
                // hash. password_hash()/password_verify() is the usual
                // replacement, but the login check (not shown here) must be
                // migrated in the same change or existing logins break.
                $hash = md5($_POST['new']);
            }
            $uid = session_getUid();
            // NOTE(review): the statement is built by interpolation. $hash is
            // hex output of md5() on the path visible here (other assignments
            // are outside this excerpt), and $uid is inserted unquoted, so it
            // must be an integer. Presumably session_getUid() guarantees that;
            // confirm. A prepared statement removes both assumptions.
            $q = "UPDATE Edit_Users SET Hash = '{$hash}' WHERE UserId = {$uid}";
            // The query result is not checked: a failed update still ends the
            // session and redirects as if the password had been changed.
            $dbConnection->query($q);
            // Ending the session forces a fresh login with the new password.
            session_destroy();
            header('LOCATION: index.php');
        } else {
            Config::error('Invalid session!');
        }
        break;
    case 'meanings':
        require_once 'meanings.php';
        break;
    default:
        // No recognised action: route a logged-in user by role, otherwise
        // fall through to the login page rendered below.
        // header() does not stop execution; what runs after this switch is
        // outside this excerpt. Confirm nothing sensitive is emitted after
        // the redirects.
        if (session_validate()) {
            if (session_mayEdit()) {
                header('LOCATION: userAccount.php');
            } else {
                header('LOCATION: translate.php');
            }
        } else {
            ?>
        <!DOCTYPE HTML>
        <html><?php 
            $title = "Login to perform administration tasks.";
            require_once 'head.php';
            ?>
<body><?php 
            unset($loginMessage);
            require_once 'loginForm.php';
Example #6
<?php

session_start();

// A session that exists but holds no data is treated as "not logged in":
// redirect one directory up and stop.
// NOTE(review): the guard only fires for an existing, empty session. If
// $_SESSION is not set at all, or is non-empty but has no 'session_type'
// key, execution continues to the call below. Confirm that this is intended.
if (isset($_SESSION) && !$_SESSION) {
    header("location:../");
    exit;
}

// The stored session type decides which set of USER_* constants is defined.
session_validate($_SESSION['session_type']);
function session_validate($session_type)
{
    require_once '../classes/db.class.php';
    $conn = new db();
    $dbcon = $conn->dbConnect();
    $i = 0;
    $sql = "SELECT team_id FROM amz_teams";
    $result = $conn->runsql($sql, $dbcon);
    while ($result_row = mysqli_fetch_object($result)) {
        $user_team_id[] = $result_row->team_id;
        $i++;
    }
    if ($session_type == "sda") {
        define("USER_ID", $_SESSION['sda_id'], TRUE);
        define("USER_NAME", $_SESSION['sda_name'], TRUE);
        define("USER_FIRST_NAME", $_SESSION['sda_first_name'], TRUE);
        define("USER_MAIL", $_SESSION['sda_mail'], TRUE);
        define("USER_TEAMS", json_encode($_SESSION['team_id']), TRUE);
        define("USER_TOT_TEAMS", $_SESSION['sda_team_count'], TRUE);
    } elseif ($session_type == "manager") {
        define("USER_ID", $_SESSION['manager_id'], TRUE);
        define("USER_NAME", $_SESSION['manager_name'], TRUE);
        define("USER_FIRST_NAME", $_SESSION['manager_first_name'], TRUE);