/**
 * Runs the optional wid/hash handshake from the query string, then invokes
 * the method of this object named by $action and returns its result.
 *
 * When both `wid` and `hash` are supplied they are checked with
 * validateUser(); a failed check emits a JSON error and ends the request,
 * a successful one stores the wid in the `ugg_wid1` cookie for 24 hours.
 *
 * NOTE(review): $action is used directly as a method name. If it can come
 * from request data, any method reachable on $this can be invoked; confirm
 * the caller restricts it to an allowlist of action names.
 *
 * @param string $action Name of the method to call on $this.
 * @return mixed Whatever the invoked method returns.
 */
public function dispatch($action)
{
    $hasWid  = !empty($_GET['wid']);
    $hasHash = !empty($_GET['hash']);

    if ($hasWid && $hasHash) {
        if (!$this->validateUser($_GET['wid'], $_GET['hash'])) {
            // NOTE(review): the rejected hash is echoed back inside the error
            // message; whether toJson() encodes it safely is not visible here.
            $failure = new ResultObj(false, '', 'Invalid User Hash:' . $_GET['hash']);
            echo $failure->toJson();
            exit;
        }

        // Remember the validated wid for one day.
        setMyCookie('ugg_wid1', $_GET['wid'], time() + 86400);
    } elseif ($hasWid) {
        // A wid without a hash: the remembered wid is read, but a mismatch
        // with the requested wid currently triggers no action (the redirect
        // to the auth action is disabled in the original code).
        $rememberedWid = getCookie('ugg_wid1');
    }

    // A login-status check that answered with error code 101 used to run
    // here; it is disabled, so no session check happens before dispatching.
    return $this->{$action}();
}
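/**
 * Completes the Weibo OAuth2 callback: exchanges the `code` query parameter
 * for an access token, loads the profile via loadData() and stores the
 * result in the `weiboAuthToken` cookie.
 *
 * On failure (no code, or the token exchange failed) a minimal page that
 * closes the popup window is printed instead.
 *
 * NOTE(review): no OAuth `state` value is checked in this method before the
 * code is exchanged; confirm the callback's CSRF check happens elsewhere.
 * NOTE(review): the access token and the mobile number are handed to
 * setMyCookie(); whether that helper encrypts the value or sets
 * HttpOnly/Secure is not visible here.
 *
 * @return bool|null true when the cookie was set; nothing is returned on
 *                   the failure path.
 */
public function loginUser()
{
    $o = new SaeTOAuthV2(WB_AKEY, WB_SKEY);
    $code = getQuery('code');

    // Initialised up front: the original read $tokenData even when no code
    // was present or the exchange threw, which is an undefined variable.
    $tokenData = null;

    if (isset($code)) {
        $keys = array(
            'code' => $code,
            'redirect_uri' => WB_CALLBACK_URL,
        );
        try {
            $tokenData = $o->getAccessToken('code', $keys);
        } catch (OAuthException $e) {
            // A failed exchange is treated like a missing code: fall through
            // to the "close window" page below.
            $tokenData = null;
        }
    }

    if ($tokenData) {
        $token = $tokenData['access_token'];

        // loadData() is called for its effect on $this (the properties read
        // below); its return value was never used.
        $this->loadData($token);

        $data = array(
            'uid' => $this->userID,
            'nick' => $this->userName,
            'pictureBig' => $this->pictureBig,
            'pictureSmall' => $this->pictureSmall,
            'access_token' => $token,
            'mobile' => $this->mobile,
        );
        setMyCookie('weiboAuthToken', $data);

        return true;
    }
    ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>UGG</title>
</head>
<body>
<script type="text/javascript">
window.close();
</script>
</body>
</html>
    <?php
}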
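/**
 * Handles the password-reset page addressed by a recovery hash in the first
 * URI segment.
 *
 * Without a hash the visitor is redirected to the default URL; with an
 * unknown hash an `error` cookie is set and the visitor is sent back to the
 * recovery page. Otherwise the form is rendered and, on POST, the new
 * password is validated and stored, followed by a notification e-mail.
 *
 * Changes from the previous version:
 *  - the two password fields are compared with `!==`; the loose `==` treats
 *    numeric-looking strings as numbers, so two different inputs could be
 *    accepted as equal;
 *  - the notification e-mail no longer contains the new password. Mail is
 *    not a confidential channel, and the value is user input that was being
 *    placed unescaped into an HTML body.
 *
 * NOTE(review): nothing visible here invalidates the recovery hash that was
 * just used; deleteOldRecovery() takes no argument, so confirm it also
 * removes the consumed hash and not only expired ones.
 *
 * @return void
 */
public function passwordResetAction()
{
    $uri = Request::getUri();
    if (!isset($uri[0])) {
        redirect(url());
        return;
    }
    $hash = $uri[0];

    $model = new PageModel();
    if (!$model->recoveryHashExist($hash)) {
        setMyCookie('error', "Wrong password recovery code.", time() + 5);
        redirect(url('page', 'recovery'));
        return;
    }

    $this->view->success = false;

    if (isPost()) {
        $post = allPost();

        // The checks run in the same order as before; the first failing one
        // decides the message shown to the user.
        if (!isset($post['email'], $post['password'], $post['password2'])) {
            $this->view->msg = "You must fill all fields! Try again";
        } elseif ($post['password'] !== $post['password2']) {
            $this->view->msg = "Passwords aren't similar! Try again";
        } elseif (!checkLenght($post['password'], 6, 20)) {
            $this->view->msg = "Allowed password length may be from 6 to 20 characters.";
        } elseif (!$model->recoveryHashExist($hash, $post['email'])) {
            // The hash must belong to the e-mail address that was entered.
            $this->view->msg = "Wrong email. Please check entered data";
        } elseif (!$model->resetPassword($post['email'], $post['password'])) {
            $this->view->msg = "Something wrong. Please try again later.";
        } else {
            $this->view->msg = "You have successfully changed password.";
            $this->view->success = true;

            $message = "Dear,<br/>Your account password at <a href=\"" . SITE_URL . "\">" . SITE_NAME
                . "</a> was changed.<br/><br/>"
                . "Thanks for using our service,<br/>"
                . "Best regards,<br/>Administration.";
            $headers = "MIME-Version: 1.0\r\n" . "Content-type: text/html; charset=utf-8\r\n";

            if (mail($post['email'], "Password Reset", $message, $headers)) {
                $this->view->msg .= " Notification about password reset was sent to your email.";
            }
        }
    }

    $model->deleteOldRecovery();
    $this->view->langPars = true;
    $this->view->hash = $hash;
    $this->view->title = Lang::translate("PASSWORD_RESET_TITLE");
}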
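/**
 * Builds the redemption export as an HTML table string.
 *
 * The column selection in $post is first remembered through setMyCookie(),
 * then the basket/order/employee join is queried and one table row is
 * produced per result row. Optional columns are included when the matching
 * $post entry equals "yes"; the four address columns are always present.
 *
 * Changes from the previous version:
 *  - the closing `</table>` no longer re-appends the last row (the header
 *    row when there were no results), which duplicated it in the output;
 *  - the header row starts from an initialised string instead of appending
 *    to an undefined variable;
 *  - every data cell is HTML-escaped, since the values come from the
 *    database and were written into markup as-is;
 *  - missing $post keys are treated as "not selected".
 *
 * NOTE(review): the WHERE fragments returned by getRedeemSQL() and
 * getRedeemDates() are concatenated into the statement and nothing is bound
 * in execute(); prepare() gives no protection unless those helpers escape or
 * validate the $post values themselves. Confirm in their definitions.
 * NOTE(review): `SELECT *` over three joined tables with FETCH_ASSOC keeps
 * only one value per duplicated column name (e.g. EmpNum); confirm the
 * surviving value is the intended one.
 * NOTE(review): if this table is opened in a spreadsheet application, cell
 * values beginning with `=`, `+`, `-` or `@` may be interpreted as formulas;
 * HTML escaping does not address that.
 *
 * @param array $post Export form values (column flags, EmpNum, date range).
 * @return string The complete `<table>` markup.
 */
function createXexecRedemptionExport($post)
{
    global $db;

    setMyCookie($post, 'crukRed');

    $sqlWhere = getRedeemSQL($post["EmpNum"]);
    $dateSQL = getRedeemDates($post, "bo.");
    $sql = "SELECT *\n \t\t\tFROM tblbasket b, tblbasketorders bo, tblempall a\n \t\t\tWHERE b.orderID IS NOT NULL \n\t\t\tAND b.orderID = bo.id \n\t\t\tAND b.EmpNum = a.EmpNum \n\t\t\t" . $sqlWhere . $dateSQL . " ORDER BY bo.id DESC";
    $stmt = $db->prepare($sql);
    $stmt->execute();

    // Optional columns in output order: form flag => header label.
    $optionalColumns = array(
        'NomineeID' => 'Nominee ID',
        'Nominee' => 'Nominee',
        'Department' => 'Department',
        'NomGrade' => 'Grade',
        'RedeemDate' => 'Redeem Date',
        'TransCode' => 'Order Ref',
        'ProdCat' => 'Product Category',
        'Product' => 'Product',
        'AmountSpent' => 'Amount Spent',
        'CurrentBalance' => 'Current Balance',
    );
    $fixedHeaders = array('Address 1', 'Address 2', 'Town', 'Postcode');

    // True when the form asked for the given optional column.
    $isSelected = function ($key) use ($post) {
        return isset($post[$key]) && $post[$key] == "yes";
    };
    // Wraps one value in an escaped table cell.
    $cell = function ($value) {
        return "<td>" . htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</td>";
    };
    // Same as $cell, with surrounding whitespace removed first.
    $trimmedCell = function ($value) use ($cell) {
        return $cell(trim((string) $value));
    };

    $CSVMaster = "<table>";

    // Header row.
    $CSVLine = "<tr>";
    foreach ($optionalColumns as $key => $label) {
        if ($isSelected($key)) {
            $CSVLine .= "<td>" . $label . "</td>";
        }
    }
    foreach ($fixedHeaders as $label) {
        $CSVLine .= "<td>" . $label . "</td>";
    }
    $CSVLine .= "</tr>";
    $CSVMaster .= $CSVLine;

    // Data rows.
    while ($dbline = $stmt->fetch(PDO::FETCH_ASSOC)) {
        $Nominee = getUser($dbline["EmpNum"]);
        $EmpAwards = getAvailable($dbline["EmpNum"]);
        $ProdData = getProductByID($dbline["prID"]);
        $CCTrans = getCCTransaction($dbline["orderID"]);
        $prodCat = getProductCategory($ProdData["subID"]);

        // Basket total plus the amount of the related card transaction.
        $totalprice = floatval($dbline["totalPrice"]) + floatval($CCTrans->Amount);

        $CSVLine = "<tr>";
        if ($isSelected("NomineeID")) {
            $CSVLine .= $cell($dbline["EmpNum"]);
        }
        if ($isSelected("Nominee")) {
            $CSVLine .= $cell(trim((string) $Nominee->Fname) . " " . trim((string) $Nominee->Sname));
        }
        if ($isSelected("Department")) {
            $CSVLine .= $trimmedCell($Nominee->Department);
        }
        if ($isSelected("NomGrade")) {
            $CSVLine .= $trimmedCell($Nominee->Grade);
        }
        if ($isSelected("RedeemDate")) {
            $CSVLine .= $cell($dbline["date"]);
        }
        if ($isSelected("TransCode")) {
            $CSVLine .= $cell("CR" . $dbline["orderID"]);
        }
        if ($isSelected("ProdCat")) {
            $CSVLine .= $trimmedCell($prodCat["label"]);
        }
        if ($isSelected("Product")) {
            $CSVLine .= $trimmedCell($ProdData["aTitle"]);
        }
        if ($isSelected("AmountSpent")) {
            $CSVLine .= $trimmedCell($totalprice);
        }
        if ($isSelected("CurrentBalance")) {
            $CSVLine .= $cell($EmpAwards);
        }
        $CSVLine .= $trimmedCell($dbline["address1"]);
        $CSVLine .= $trimmedCell($dbline["address2"]);
        $CSVLine .= $trimmedCell($dbline["town"]);
        $CSVLine .= $trimmedCell($dbline["postcode"]);
        $CSVLine .= "</tr>";

        $CSVMaster .= $CSVLine;
    }

    $CSVMaster .= "</table>";

    return $CSVMaster;
}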
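/**
 * Decides whether the current visitor is logged in, based on the login
 * cookie, and publishes the result through $GLOBALS.
 *
 * The credential triple (username, password value, expiry time) is taken
 * from $GLOBALS['cook'] (a `|`-separated string) when set, otherwise from
 * getMyCookie(). The password value is compared against the stored admin
 * password or against the password column of the matching user row, so the
 * cookie carries a password-equivalent secret.
 *
 * Changes from the previous version:
 *  - credential comparisons use `===` on strings. The loose `==` treats
 *    numeric-looking strings as numbers, so two different hash values could
 *    compare equal. (On PHP >= 5.6, hash_equals() would additionally make
 *    the comparison constant-time.)
 *  - an empty cookie password never matches a user row;
 *  - missing cookie fields default to '' / 0 and the expiry is cast to int,
 *    so a malformed cookie cannot raise undefined-offset notices or a
 *    TypeError on the arithmetic;
 *  - the early exit returns FALSE instead of nothing.
 *
 * NOTE(review): the cookie-supplied username is passed to db_simpleSelect()
 * as the comparison value; whether that helper escapes it is not visible
 * here.
 *
 * Side effects: sets $GLOBALS['user_usr'], and on success user_id,
 * user_sort, logged_user, logged_admin, langu, user_num_posts (and
 * user_activity for regular users); may re-issue the login cookie.
 *
 * @return bool TRUE when the cookie identifies the admin or a known user.
 */
function user_logged_in()
{
    if (isset($GLOBALS['cook']) and trim($GLOBALS['cook']) != '') {
        $c = explode('|', $GLOBALS['cook']);
    } else {
        $c = getMyCookie();
    }

    $username = isset($c[0]) ? (string) $c[0] : '';
    $userpassword = isset($c[1]) ? (string) $c[1] : '';
    $exptime = isset($c[2]) ? (int) $c[2] : 0;

    $returned = FALSE;
    $resetCookie = FALSE;

    if ($username === '') {
        return FALSE;
    }

    $GLOBALS['user_usr'] = $username;

    // Seconds until the cookie expires; at or below cookie_renew the cookie
    // is re-issued further down.
    $pasttime = $exptime - time();
    $renewDue = ($pasttime <= $GLOBALS['cookie_renew']);

    // A 32-character admin password is used as-is (presumably already
    // hashed - confirm); anything else goes through writeUserPwd() first.
    if (strlen($GLOBALS['admin_pwd']) == 32) {
        $user_pwd_cmp = $GLOBALS['admin_pwd'];
    } else {
        $user_pwd_cmp = writeUserPwd($GLOBALS['admin_pwd']);
    }

    // Optional case-insensitive username matching.
    $ignoreCase = (isset($GLOBALS['loginsCase']) and $GLOBALS['loginsCase']);
    if ($ignoreCase) {
        $caseComp1 = $GLOBALS['caseComp'] . '(';
        $caseComp2 = ')';
        $usernameSql = strtolower($username);
    } else {
        $caseComp1 = '';
        $caseComp2 = '';
        $usernameSql = $username;
    }

    $adminName = (string) $GLOBALS['admin_usr'];
    $isAdminName = ($username === $adminName)
        || ($ignoreCase && strtolower($username) === strtolower($adminName));

    if ($isAdminName and $userpassword === (string) $user_pwd_cmp) {
        $returned = TRUE;
        $GLOBALS['logged_user'] = 0;
        $GLOBALS['logged_admin'] = 1;
        $GLOBALS['user_id'] = 1;

        $row = db_simpleSelect(0, $GLOBALS['Tu'], $GLOBALS['dbUserSheme']['user_sorttopics'][1] . ',' . $GLOBALS['dbUserSheme']['language'][1] . ', ' . $GLOBALS['dbUserSheme']['num_posts'][1], $GLOBALS['dbUserId'], '=', 1);
        if ($row) {
            $GLOBALS['user_sort'] = $row[0];
        }
        // As before, these two are assigned even when the lookup failed;
        // they are then null.
        $GLOBALS['langu'] = $row ? $row[1] : null;
        $GLOBALS['user_num_posts'] = $row ? $row[2] : null;

        $username = $GLOBALS['admin_usr'];

        if ($renewDue) {
            $resetCookie = TRUE;
        }
    } elseif ($row = db_simpleSelect(0, $GLOBALS['Tu'], $GLOBALS['dbUserId'] . ',' . $GLOBALS['dbUserSheme']['user_sorttopics'][1] . ',' . $GLOBALS['dbUserSheme']['language'][1] . ',' . $GLOBALS['dbUserAct'] . ',' . $GLOBALS['dbUserSheme']['user_password'][1] . ', ' . $GLOBALS['dbUserSheme']['username'][1] . ', ' . $GLOBALS['dbUserSheme']['num_posts'][1], $caseComp1 . $GLOBALS['dbUserSheme']['username'][1] . $caseComp2, '=', $usernameSql, '', 1)) {
        if ($userpassword !== '' and (string) $row[4] === $userpassword) {
            $returned = TRUE;
            $GLOBALS['user_id'] = $row[0];
            $GLOBALS['user_sort'] = $row[1];
            $GLOBALS['logged_user'] = 1;
            $GLOBALS['logged_admin'] = 0;
            $GLOBALS['langu'] = $row[2];
            $GLOBALS['user_activity'] = $row[3];
            $username = $row[5];
            $GLOBALS['user_num_posts'] = $row[6];

            if ($renewDue) {
                $resetCookie = TRUE;
            }
        } else {
            // The name belongs to a registered user but the secret does not
            // match: drop the name so it cannot be used unauthenticated.
            $username = '';
            $GLOBALS['user_usr'] = $username;
        }
    } else {
        // Unknown name: keep it, but never re-issue a password value.
        $returned = FALSE;
        if ($renewDue) {
            $userpassword = '';
            $resetCookie = TRUE;
        }
    }

    if ($resetCookie) {
        deleteMyCookie();
        setMyCookie($username, $userpassword, $GLOBALS['cookieexptime']);
    }

    return $returned;
}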
} if (!isset($_POST['adminpwd'])) { $_POST['adminpwd'] = ''; } if (strlen($admin_pwd) == 32) { $encodePass = FALSE; $comparePass = writeUserPwd($_POST['adminpwd']); } else { $encodePass = TRUE; $comparePass = $_POST['adminpwd']; } //echo $comparePass; if ($_POST['adminusr'] == $admin_usr and $comparePass == $admin_pwd) { $cook = $admin_usr . '|' . $comparePass . '|' . $cookieexptime; deleteMyCookie(); setMyCookie($admin_usr, $admin_pwd, $cookieexptime, $encodePass); if (isset($metaLocation)) { $meta_relocate = "{$main_url}/{$bb_admin}"; echo ParseTpl(makeUp($metaLocation)); exit; } else { header("Location: {$main_url}/{$bb_admin}"); } } else { $warning = $l_incorrect_login; } } // if mode=login, for preventing login checkout // if mode=login, for preventing login checkout default: $user_id = 0;
$user_usr = $l_anonymous; break; } } } if ($fake == 0) { if (isset($disallowNamesIndex) and is_array($disallowNamesIndex)) { foreach ($disallowNamesIndex as $dn) { if (substr_count(strtolower($user_usr), strtolower($dn)) > 0) { include $pathToFiles . "lang/{$lang}.php"; $user_usr = $l_anonymous; break; } } } } if (isset($_COOKIE[$cookiename])) { $cookievalue = explode("|", $_COOKIE[$cookiename]); $user_usrOLD = $cookievalue[0]; } else { $user_usrOLD = ''; } if ($user_usr != $user_usrOLD) { // We don't need to set a cookie if the same 'anonymous name' specified $cook = $user_usr . '||' . $cookieexptime; deleteMyCookie(); setMyCookie($user_usr, '', $cookieexptime); } } } }
<?php include_once 'lib/functions.php'; $cookieValue = checkCookieExists("info"); $cookieValue = getCookieData($cookieValue); $userName = $cookieValue['userName']; $authKey = $cookieValue['authKey']; $software = $cookieValue['software']; $auth = new RackAuth($userName, $authKey); @$auth->auth(); $lastHTTPCode = Request::getLastHTTPCode(); $lastErrorMessage = Request::getLastError(); if ($lastHTTPCode == 204) { $apiAuthInfo = array('XAuthToken' => $auth->getXAuthToken(), 'XStorageToken' => $auth->getXStorageToken(), 'XStorageUrl' => $auth->getXStorageUrl(), 'XServerManagementUrl' => $auth->getXServerManagementUrl(), 'XCDNManagementUrl' => $auth->getXCDNManagementUrl()); $cookieContent = makeCookie($apiAuthInfo); setMyCookie("apidetails", $cookieContent, 3600); } include 'header2.php'; ob_start(); if ($software == "magento") { print "<p>Since you have chosen Magento, you may want to choose a size larger than 4Gb.</p>"; } if ($debug) { echo "<p>HTTPCode: {$lastHTTPCode}<br>\nErrorMessage: {$lastErrorMessage}</p>\n"; } if ($lastHTTPCode == (401 | 403)) { print "There seems to be a problem with your authentication info. Please <a href=\"/\">try again</a>."; include 'footer2.php'; exit(1); } if ($lastHTTPCode == 413) {
$flavorID = $_POST['flavorID']; settype($imageID, "integer"); settype($flavorID, "integer"); $newServer = $cloudServers->createServer($serverName, $imageID, $flavorID, array("Description" => "Deployed by http://deployitron.com")); $lastHTTPCode = Request::getLastHTTPCode(); $lastErrorMessage = Request::getLastError(); if ($lastHTTPCode != 202) { include 'header2.php'; print "There was a problem creating the image. Maybe you should try a different image name. Please <a href=\"javascript: history.go(-1)\">try again</a>."; include 'footer.php'; exit(1); } $newServer = object2array($newServer); $serverInfo = array('serverID' => $newServer['server']['id'], 'serverPwd' => $newServer['server']['adminPass'], 'serverAddresses' => $newServer['server']['addresses']); $cookieContent = makeCookie($serverInfo); setMyCookie("serverdetails", $cookieContent, 3600); // Add info to the DB for analysis require_once 'MDB2.php'; $dsn = "mysql://{$dbuser}:{$dbpasswd}@{$dbhost}/{$dbname}"; $options = array('persistent' => true); $mdb2 =& MDB2::factory($dsn, $options); $userName = md5($userName); $sql = "SELECT * FROM user_info WHERE username='******'"; $result = $mdb2->query($sql); $data = $result->fetchAll(); $result->free(); $data = $mdb2->queryAll($sql); if (empty($data)) { $sql = "INSERT INTO user_info (username,count) VALUES (\"{$userName}\",1);"; $statement = $mdb2->prepare($sql); $statement->execute($data);
exit; } else { header("Location: {$main_url}/{$bb_admin}"); } case 'login': if ($mode == 'login') { if (isset($_POST['adminusr']) and $_POST['adminusr'] == $admin_usr and isset($_POST['adminpwd']) and $_POST['adminpwd'] == $admin_pwd) { $cook = $admin_usr . '|' . md5($admin_pwd) . '|' . $cookieexptime; if ($useSessions) { if (!session_is_registered('minimalistBBSession')) { session_register('minimalistBBSession'); } $_SESSION['minimalistBBSession'] = $cook; } deleteMyCookie(); setMyCookie($admin_usr, $admin_pwd, $cookieexptime); if (isset($metaLocation)) { $meta_relocate = "{$main_url}/{$bb_admin}"; echo ParseTpl(makeUp($metaLocation)); exit; } else { header("Location: {$main_url}/{$bb_admin}"); } } else { $warning = $l_incorrect_login; } } // if mode=login, for preventing login checkout // if mode=login, for preventing login checkout default: $user_id = 0;
$sub = explode('<<', $sub[1]); $emailMsg = trim($sub[1]); $sub = $sub[0]; sendMail(${$dbUserSheme['user_email'][2]}, $sub, $emailMsg, $reply_to_email, $reply_to_email); } if ($emailadmin == 1 and $genEmailDisable != 1) { $emailMsg = ParseTpl(makeUp('email_admin_userregister_' . $langOrig)); $sub = explode('SUBJECT>>', $emailMsg); $sub = explode('<<', $sub[1]); $emailMsg = trim($sub[1]); $sub = $sub[0]; sendMail($admin_email, $sub, $emailMsg, ${$dbUserSheme['user_email'][2]}, $reply_to_email); } /* Auto Sign-in */ deleteMyCookie(); setMyCookie($username, $passwd, $cookieexptime); setCSRFCheckCookie(); $title .= $l_userRegistered; $errorMSG = $l_thankYouReg; $correctErr = $l_goToLogin; $tpl = makeUp('main_warning'); } else { $title .= $l_itseemserror; $errorMSG = $l_itseemserror; $correctErr = $backErrorLink; $tpl = makeUp('main_warning'); } } else { $action = 'register'; if (file_exists($pluginsFile)) { include $pluginsFile;
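<?php
/*
 * Entry form handler: validates the posted username, auth key and software
 * choice, stores them in the "info" cookie for one hour and redirects to
 * /info.php. Any validation failure prints an error page and exits with 1.
 *
 * Changes from the previous version:
 *  - missing or non-string POST fields are treated as empty, so they fail
 *    validation instead of raising undefined-index notices or reaching
 *    preg_match()/strlen() as arrays;
 *  - the username pattern is anchored with \z. A plain `$` also matches
 *    before a trailing newline, so "name\n" passed the check.
 *
 * NOTE(review): the auth key is placed in a cookie and the redirect below
 * uses a literal http:// URL, so the cookie travels over cleartext unless
 * makeCookie()/setMyCookie() protect it; their behaviour is not visible
 * here.
 * NOTE(review): depending on server configuration, SERVER_NAME can reflect
 * the client's Host header; confirm it is pinned before using it in a
 * redirect.
 */
include_once 'lib/functions.php';

$userName = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
$authKey = (isset($_POST['authkey']) && is_string($_POST['authkey'])) ? $_POST['authkey'] : '';
$software = (isset($_POST['software']) && is_string($_POST['software'])) ? $_POST['software'] : '';

// Username: a lowercase letter followed by 2-15 lowercase letters or digits.
if (!preg_match('/^[a-z][0-9a-z]{2,15}\z/', $userName)) {
    include 'header.php';
    print "There seems to be a problem with your username. Please <a href=\"javascript: history.go(-1)\">try again</a>.";
    include 'footer2.php';
    exit(1);
}

// Auth key: only its length (32 characters) is checked.
if (strlen($authKey) != 32) {
    include 'header.php';
    print "There seems to be a problem with your authkey. Please <a href=\"javascript: history.go(-1)\">try again</a>.";
    include 'footer2.php';
    exit(1);
}

if (empty($software)) {
    include 'header.php';
    print "You must choose a software package to install. Please <a href=\"javascript: history.go(-1)\">try again</a>.";
    include 'footer2.php';
    exit(1);
}

$info = array(
    'userName' => $userName,
    'authKey' => $authKey,
    'software' => $software,
);
$cookieContent = makeCookie($info);
setMyCookie("info", $cookieContent, 3600);

header('Location: http://' . $_SERVER['SERVER_NAME'] . '/info.php');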
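/**
 * Decides whether the current visitor is logged in and publishes the result
 * through $GLOBALS.
 *
 * The credential triple (username, password value, expiry time) is taken,
 * in this order of preference, from $GLOBALS['cook'], from
 * $_SESSION['minimalistBBSession'] (both `|`-separated strings) or from
 * getMyCookie(). The admin is recognised when the password value equals
 * md5() of the configured admin password, so the cookie carries an unsalted
 * MD5 of that password.
 *
 * Changes from the previous version:
 *  - the admin comparison uses `===` on strings. The loose `==` treats
 *    numeric-looking strings as numbers, so two different hash values could
 *    compare equal. (On PHP >= 5.6, hash_equals() would additionally make
 *    the comparison constant-time.)
 *  - missing cookie fields default to '' / 0 and the expiry is cast to int,
 *    so a malformed cookie cannot raise undefined-offset notices or a
 *    TypeError on the arithmetic;
 *  - the early exit returns FALSE instead of nothing.
 *
 * NOTE(review): the regular-user branch only requires a non-empty cookie
 * password and then looks the user up by $GLOBALS['USER']->user_id; the
 * cookie password is never verified there. This presumably relies on the
 * surrounding site having authenticated $USER already - confirm.
 *
 * Side effects: sets $GLOBALS['user_usr'], and on success user_id,
 * user_sort, logged_user, logged_admin, langu (and user_activity for
 * regular users); may re-issue the login cookie.
 *
 * @return bool TRUE when the visitor is the admin or a known user.
 */
function user_logged_in()
{
    if (isset($GLOBALS['cook']) and trim($GLOBALS['cook']) != '') {
        $c = explode('|', $GLOBALS['cook']);
    } elseif (isset($_SESSION['minimalistBBSession'])) {
        $c = explode('|', $_SESSION['minimalistBBSession']);
    } else {
        $c = getMyCookie();
    }

    $username = isset($c[0]) ? (string) $c[0] : '';
    $userpassword = isset($c[1]) ? (string) $c[1] : '';
    $exptime = isset($c[2]) ? (int) $c[2] : 0;

    $returned = FALSE;
    $resetCookie = FALSE;

    if ($username === '') {
        return FALSE;
    }

    $GLOBALS['user_usr'] = $username;

    // Seconds until the cookie expires; at or below cookie_renew the cookie
    // is re-issued further down.
    $pasttime = $exptime - time();
    $renewDue = ($pasttime <= $GLOBALS['cookie_renew']);

    if ($username === (string) $GLOBALS['admin_usr'] and $userpassword === md5($GLOBALS['admin_pwd'])) {
        $returned = TRUE;
        $GLOBALS['logged_user'] = 0;
        $GLOBALS['logged_admin'] = 1;
        $GLOBALS['user_id'] = 1;

        $row = db_simpleSelect(0, $GLOBALS['Tu'], $GLOBALS['dbUserSheme']['user_sorttopics'][1] . ',' . $GLOBALS['dbUserSheme']['language'][1], $GLOBALS['dbUserId'], '=', 1);
        if ($row) {
            $GLOBALS['user_sort'] = $row[0];
        }
        // As before, langu is assigned even when the lookup failed; it is
        // then null.
        $GLOBALS['langu'] = $row ? $row[1] : null;

        if ($renewDue) {
            $resetCookie = TRUE;
        }
    } elseif ($userpassword != '' and $row = db_simpleSelect(0, $GLOBALS['Tu'], $GLOBALS['dbUserId'] . ',' . $GLOBALS['dbUserSheme']['user_sorttopics'][1] . ',' . $GLOBALS['dbUserSheme']['language'][1] . ',' . $GLOBALS['dbUserAct'], $GLOBALS['dbUserId'], '=', $GLOBALS['USER']->user_id, '', 1)) {
        $returned = TRUE;
        $GLOBALS['user_id'] = $row[0];
        $GLOBALS['user_sort'] = $row[1];
        $GLOBALS['logged_user'] = 1;
        $GLOBALS['logged_admin'] = 0;
        $GLOBALS['langu'] = $row[2];
        $GLOBALS['user_activity'] = $row[3];

        // Holders of the 'admin' permission on the surrounding site are
        // treated as forum admins.
        global $USER;
        if ($USER->hasPerm('admin')) {
            $GLOBALS['logged_user'] = 0;
            $GLOBALS['logged_admin'] = 1;
        }

        if ($renewDue) {
            $resetCookie = TRUE;
        }
    } else {
        // Not recognised: keep the name, but never re-issue a password value.
        $returned = FALSE;
        if ($renewDue) {
            $userpassword = '';
            $resetCookie = TRUE;
        }
    }

    if ($resetCookie) {
        deleteMyCookie();
        setMyCookie($username, $userpassword, $GLOBALS['cookieexptime']);
    }

    return $returned;
}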