Example #1
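/**
 * Check a username / password-digest pair against the admin settings and the
 * users database, and populate the login globals on success.
 *
 * Admin path: when the pair matches the stored admin credentials, the login
 * cookie is set and one of the admin views is dispatched based on $_GET.
 * User path: the matching row of table FB is loaded into the user globals;
 * on a mismatch showLogin() is called.
 *
 * Security notes for maintainers:
 *  - All user-supplied values are bound as statement parameters. The earlier
 *    version interpolated $user and $uid directly into the SQL text.
 *  - Digests are compared with hash_equals() on strings only. The final check
 *    previously used a loose != comparison, under which numeric-looking
 *    digest strings can compare equal.
 *  - A login never succeeds unless a user row was actually loaded by this
 *    call; the final check no longer relies on whatever the globals held.
 *  - NOTE(review): passwords are stored reversibly (decrypt()) and verified
 *    as unsalted MD5, and the cookie carries that digest. Migrating to
 *    password_hash()/password_verify() and a random session token changes
 *    the stored data and the callers, so it is flagged here, not done.
 *
 * @param string     $user        Username as submitted (compared case-insensitively).
 * @param string     $hashed_pass MD5 hex digest of the submitted password.
 * @param int|string $uid         Optional user id narrowing the row that is loaded.
 *
 * @return void Results are reported through globals ($loggedIn, $adminloggedIn, $cookie, ...).
 */
function checkLogin($user, $hashed_pass, $uid = 0)
{
    global $dbName, $adminloggedIn, $loggedIn, $cookie, $warn, $step, $failImg, $lang;
    global $tempData, $userName, $fullname, $password, $userId, $userToken, $pageData, $groupData, $userOptions, $userIds;
    global $fb, $hardDemo;

    // new PDO() throws on failure instead of returning false, so the failure
    // branch below was unreachable; catch the exception to make it reachable.
    try {
        $db = new PDO('sqlite:' . $dbName . '-settings.db');
    } catch (PDOException $e) {
        $db = null;
    }
    if ($db) {
        //Is admin Login?
        $statement = $db->prepare("SELECT * FROM Settings");
        if ($statement) {
            $statement->execute();
        } else {
            // showHTML() presumably ends the request; if it returns, the fetchAll() below fails. Confirm.
            showHTML("{$failImg} Error while checking login/cookie information. Settings Database opened OK but statement execution failed.");
        }
        $tempData = $statement->fetchAll();
        // An empty Settings table must not match; the digest is only compared as a string.
        $isAdmin = isset($tempData[0])
            && is_string($hashed_pass)
            && strcasecmp($user, $tempData[0]['admin']) == 0
            && hash_equals(md5(decrypt($tempData[0]['adminpass'])), $hashed_pass);
        if ($isAdmin) {
            $adminloggedIn = true;
            $cookie = base64_encode("{$user}:" . $hashed_pass);
            // NOTE(review): this cookie is a password-equivalent and is sent without
            // HttpOnly/Secure/SameSite attributes. Tighten once it is confirmed that
            // no client-side script reads it.
            setcookie('FBMPGPLogin', $cookie);
            if (isset($_GET['logs'])) {
                showLogs();
            } elseif (isset($_GET['rg']) && !$hardDemo) {
                //This refresh is used for Admin Token Install
                authRedirect();
            } elseif (isset($_GET['users'])) {
                require_once 'includes/showusers.php';
            } elseif (isset($_GET['crons'])) {
                require_once 'includes/showcrons.php';
            } elseif (isset($_GET['clogs'])) {
                // NOTE(review): a GET request deletes the log database here with no
                // anti-CSRF token visible in this function. Consider requiring POST plus a token.
                if (file_exists($dbName . '-logs.db')) {
                    unlink($dbName . '-logs.db');
                }
                header("Location: ./?logs");
                exit;
            } else {
                showHTML(include_once 'includes/admin.php', $lang['Admin Panel']);
            }
        }
    } else {
        showHTML("{$failImg} Failed to open settings database while checking login information. Exiting...");
    }

    // Set only once a row for $user has been loaded by this call.
    $userFound = false;

    try {
        $db = new PDO('sqlite:' . $dbName . '-users.db');
    } catch (PDOException $e) {
        $db = null;
    }
    if ($db) {
        // Bound parameters keep $user and $uid out of the SQL text.
        $statement = $db->prepare('SELECT COUNT(*) FROM FB WHERE username = :user');
        if ($statement) {
            $statement->execute([':user' => $user]);
        } else {
            showHTML("{$failImg} Error while checking login/cookie information. Users Database opened OK but statement execution failed.");
        }
        if ($statement->fetchColumn() > 0) {
            if ($uid) {
                $statement = $db->prepare('SELECT * FROM FB WHERE username = :user AND userid = :uid');
                $params = [':user' => $user, ':uid' => $uid];
            } else {
                $statement = $db->prepare('SELECT * FROM FB WHERE username = :user');
                $params = [':user' => $user];
            }
            if ($statement) {
                $statement->execute($params);
            } else {
                showHTML("{$failImg} Users Database query failed while checking login information");
            }
            $tempData = $statement->fetchAll();
            if (!$tempData) {
                $warn = $lang['User does not exist'];
                // showLogin() presumably ends the request; $tempData[0] below depends on that. Confirm.
                showLogin();
            }
            $userName = $tempData[0]['username'];
            $password = decrypt($tempData[0]['password']);
            $userToken = $tempData[0]['usertoken'];
            $fullname = $tempData[0]['fullname'];
            $pageData = $tempData[0]['pagedata'];
            $groupData = $tempData[0]['groupdata'];
            $userId = $tempData[0]['userid'];
            $userFound = true;
            $userOptions = readOptions($tempData[0]['useroptions']);
            $userOptions = checkUserOptions($userOptions);
            $userOptions['lastActive'] = time();
            saveUserOptions();
            if ($uid) {
                // Reload every row for this username so $userIds lists all of its ids.
                $statement = $db->prepare('SELECT * FROM FB WHERE username = :user');
                if ($statement) {
                    $statement->execute([':user' => $user]);
                } else {
                    showHTML("{$failImg} Users Database query failed while checking id information");
                }
                $tempData = $statement->fetchAll();
            }
            foreach ($tempData as $s) {
                $userIds[$s['fullname']] = $s['userid'];
            }
        }
    } else {
        showHTML("{$failImg} Failed to open users database while checking login information. Exiting...");
    }

    // Fail closed: require a loaded row, a string digest, and an exact constant-time match.
    $credentialsOk = $userFound
        && is_string($hashed_pass)
        && strcasecmp($user, $userName) == 0
        && hash_equals(md5($password), $hashed_pass);
    if (!$credentialsOk) {
        if (isset($_POST['un'])) {
            $warn = $lang['Incorrect login info'];
        }
        showLogin();
    }
    $cookie = base64_encode("{$userName}:" . md5($password));
    $loggedIn = true;
}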
Example #2
 * @package		DOCman15
 * @copyright	Copyright (C) 2003 - 2012 Johan Janssens. All rights reserved.
 * @license		GNU GPLv2 <http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
 * @link     	http://www.joomladocman.org
 */
// Direct-access guard: execution continues only when _JEXEC is already
// defined, so a request straight to this file stops here.
if (!defined('_JEXEC')) {
    die('Restricted access');
}

// Pull in the view for this screen and the mambots class file.
include_once dirname(__FILE__) . DS . 'logs.html.php';
require_once $_DOCMAN->getPath('classes', 'mambots');

// Coerce every selected id to an integer before it is handed to removeLog().
// removeLog() is not shown here; if it builds SQL from $cid, this cast is
// what keeps the ids numeric. Confirm before moving or removing it.
JArrayHelper::toInteger($cid);

// "remove" deletes the selected entries; "show" and any other task list the log.
if ($task == "remove") {
    removeLog($cid);
} else {
    showLogs($option);
}
function showLogs($option)
{
    global $sectionid;
    $database = JFactory::getDBO();
    $mainframe = JFactory::getApplication();
    // request
    $limit = $mainframe->getUserStateFromRequest("viewlistlimit", 'limit', 10);
    $limitstart = $mainframe->getUserStateFromRequest("view{$option}{$sectionid}limitstart", 'limitstart', 0);
    $search = $mainframe->getUserStateFromRequest("search{$option}{$sectionid}", 'search', '');
    $search = $database->getEscaped(trim(strtolower($search)));
    $wheres = array();
    $wheres2 = array();
    // get the total number of records
    $query = "SELECT count(*)" . "\n FROM #__docman_log";
Example #3
    if (!$xoopsSecurity->check()) {
        redirectMsg('logs.php?item=' . $item, __('Session token not valid!', 'dtransport'), RMMSG_ERROR);
    }
    $db = XoopsDatabaseFactory::getDatabaseConnection();
    $sql = "DELETE FROM " . $db->prefix("dtrans_logs") . " WHERE id_log IN(" . implode(",", $ids) . ");";
    if ($db->queryF($sql)) {
        redirectMsg('logs.php?item=' . $item, __('Item logs deleted successfully!', 'dtransport'), RMMSG_SUCCESS);
    } else {
        redirectMsg('logs.php?item=' . $item, __('Logs could not be deleted!', 'dtransport') . '<br />' . $db->error(), RMMSG_ERROR);
    }
}
// The action name is taken from the request ($_REQUEST, default ''). It is
// only compared against the fixed names below, never used to build a
// function name or path, and anything unrecognised falls through to the listing.
$action = rmc_server_var($_REQUEST, 'action', '');

if ($action == 'new') {
    dt_form_logs();
} elseif ($action == 'edit') {
    // Argument 1 presumably selects edit mode. Verify against dt_form_logs().
    dt_form_logs(1);
} elseif ($action == 'save') {
    dt_save_log();
} elseif ($action == 'saveedit') {
    dt_save_log(1);
} elseif ($action == 'delete') {
    dt_delete_log();
} else {
    showLogs();
}