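/**
 * Authenticate a login attempt and populate the login-state globals.
 *
 * The admin account stored in "<dbName>-settings.db" is tried first. On a match
 * the admin cookie is set and the admin view selected by the query string is
 * rendered. Otherwise the user is looked up in "<dbName>-users.db", the profile
 * globals are filled from the first matching row, and $loggedIn is set once the
 * supplied hash matches the stored password.
 *
 * showHTML() and showLogin() are defined elsewhere; this function is written as
 * if they end the request (presumably they exit - confirm).
 *
 * Security notes for maintainers:
 *  - All user lookups use bound parameters. The values used to be interpolated
 *    into the SQL text, which made the login query injectable.
 *  - Hash comparisons go through hash_equals(): strict and constant-time.
 *    The former loose "!=" could treat two different numeric-looking digests
 *    as equal.
 *  - The final check fails closed when no user row was read in this call,
 *    instead of comparing against whatever the globals already held.
 *  - NOTE(review): the verifier is an unsalted MD5 of a password that is stored
 *    reversibly (decrypt()). Moving to password_hash()/password_verify() needs
 *    changes to callers and storage, so it is not done in this block.
 *
 * @param string     $user        Login name to check.
 * @param string     $hashed_pass MD5 hex digest of the supplied password.
 * @param int|string $uid         Optional user id; when truthy the profile row
 *                                is selected by username AND userid.
 * @return void
 */
function checkLogin($user, $hashed_pass, $uid = 0)
{
    // Every global is kept, including ones this body never reads ($step, $fb):
    // the admin pages below are included from inside this function and therefore
    // execute in this scope. For the same reason $db, $statement and $tempData
    // keep their original names.
    global $dbName, $adminloggedIn, $loggedIn, $cookie, $warn, $step, $failImg, $lang;
    global $tempData, $userName, $fullname, $password, $userId, $userToken, $pageData, $groupData, $userOptions, $userIds;
    global $fb, $hardDemo;

    // Becomes true only after a row for $user has been read during this call.
    $userRecordLoaded = false;

    // PDO's constructor throws on failure rather than returning false, so the
    // "failed to open" branch was unreachable without this try/catch.
    try {
        $db = new PDO('sqlite:' . $dbName . '-settings.db');
    } catch (PDOException $e) {
        $db = false;
    }

    if ($db) {
        //Is admin Login?
        $statement = $db->prepare("SELECT * FROM Settings");
        if ($statement) {
            $statement->execute();
        } else {
            showHTML("{$failImg} Error while checking login/cookie information. Settings Database opened OK but statement execution failed.");
        }
        $tempData = $statement->fetchAll();

        // Fail closed when the Settings row or either credential column is
        // missing, rather than comparing the input against null.
        if (isset($tempData[0]['admin'], $tempData[0]['adminpass'])
            && is_string($hashed_pass)
            && strcasecmp($user, $tempData[0]['admin']) === 0
            && hash_equals(md5(decrypt($tempData[0]['adminpass'])), $hashed_pass)
        ) {
            $adminloggedIn = true;
            $cookie = base64_encode("{$user}:" . $hashed_pass);
            // NOTE(review): the cookie carries user:md5(password) and is set without
            // HttpOnly/Secure/SameSite. If this value is later fed back into
            // checkLogin() (the error strings suggest so), it is password-equivalent;
            // consider an opaque random session token and hardened cookie flags.
            setcookie('FBMPGPLogin', $cookie);
            if (isset($_GET['logs'])) {
                showLogs();
            } elseif (isset($_GET['rg']) && !$hardDemo) {
                //This refresh is used for Admin Token Install
                authRedirect();
            } elseif (isset($_GET['users'])) {
                require_once 'includes/showusers.php';
            } elseif (isset($_GET['crons'])) {
                require_once 'includes/showcrons.php';
            } elseif (isset($_GET['clogs'])) {
                // NOTE(review): the log database is deleted on a plain GET and no
                // request token is checked in this block; confirm CSRF protection
                // exists upstream or move this action to POST with a token.
                if (file_exists($dbName . '-logs.db')) {
                    unlink($dbName . '-logs.db');
                }
                header("Location: ./?logs");
                exit;
            } else {
                showHTML(include_once 'includes/admin.php', $lang['Admin Panel']);
            }
        }
    } else {
        showHTML("{$failImg} Failed to open settings database while checking login information. Exiting...");
    }

    try {
        $db = new PDO('sqlite:' . $dbName . '-users.db');
    } catch (PDOException $e) {
        $db = false;
    }

    if ($db) {
        // $user is bound, never concatenated. Besides closing the injection hole,
        // this avoids SQLite resolving a double-quoted value as a column name.
        $statement = $db->prepare('SELECT COUNT(*) FROM FB WHERE username = :username');
        if ($statement) {
            $statement->execute(array(':username' => $user));
        } else {
            showHTML("{$failImg} Error while checking login/cookie information. \nUsers Database opened OK but statement execution failed.");
        }

        if ($statement->fetchColumn() > 0) {
            if ($uid) {
                $statement = $db->prepare('SELECT * FROM FB WHERE username = :username AND userid = :userid');
                $lookupParams = array(':username' => $user, ':userid' => $uid);
            } else {
                $statement = $db->prepare('SELECT * FROM FB WHERE username = :username');
                $lookupParams = array(':username' => $user);
            }
            if ($statement) {
                $statement->execute($lookupParams);
            } else {
                showHTML("{$failImg} Users Database query failed while checking login information");
            }
            $tempData = $statement->fetchAll();
            if (!$tempData) {
                // Reached when the username exists but not with the requested userid.
                $warn = $lang['User does not exist'];
                showLogin();
            }
            $userRecordLoaded = !empty($tempData);

            // The first matching row supplies the active profile.
            $userName = $tempData[0]['username'];
            $password = decrypt($tempData[0]['password']);
            $userToken = $tempData[0]['usertoken'];
            $fullname = $tempData[0]['fullname'];
            $pageData = $tempData[0]['pagedata'];
            $groupData = $tempData[0]['groupdata'];
            $userId = $tempData[0]['userid'];
            $userOptions = readOptions($tempData[0]['useroptions']);
            $userOptions = checkUserOptions($userOptions);
            $userOptions['lastActive'] = time();
            saveUserOptions();

            if ($uid) {
                // The profile query was narrowed by userid; reload every row of this
                // username so $userIds lists all of them.
                $statement = $db->prepare('SELECT * FROM FB WHERE username = :username');
                if ($statement) {
                    $statement->execute(array(':username' => $user));
                } else {
                    showHTML("{$failImg} Users Database query failed while checking id information");
                }
                $tempData = $statement->fetchAll();
            }
            foreach ($tempData as $s) {
                $userIds[$s['fullname']] = $s['userid'];
            }
        }
    } else {
        showHTML("{$failImg} Failed to open users database while checking login information. Exiting...");
    }

    // Reject unless a row was loaded in this call AND both name and hash match.
    if (!$userRecordLoaded
        || !is_string($hashed_pass)
        || strcasecmp($user, $userName) !== 0
        || !hash_equals(md5($password), $hashed_pass)
    ) {
        if (isset($_POST['un'])) {
            $warn = $lang['Incorrect login info'];
        }
        showLogin();
    }

    $cookie = base64_encode("{$userName}:" . md5($password));
    $loggedIn = true;
}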
* @package DOCman15 * @copyright Copyright (C) 2003 - 2012 Johan Janssens. All rights reserved. * @license GNU GPLv2 <http://www.gnu.org/licenses/old-licenses/gpl-2.0.html> * @link http://www.joomladocman.org */ defined('_JEXEC') or die('Restricted access'); include_once dirname(__FILE__) . DS . 'logs.html.php'; require_once $_DOCMAN->getPath('classes', 'mambots'); JArrayHelper::toInteger($cid); switch ($task) { case "remove": removeLog($cid); break; case "show": default: showLogs($option); } function showLogs($option) { global $sectionid; $database = JFactory::getDBO(); $mainframe = JFactory::getApplication(); // request $limit = $mainframe->getUserStateFromRequest("viewlistlimit", 'limit', 10); $limitstart = $mainframe->getUserStateFromRequest("view{$option}{$sectionid}limitstart", 'limitstart', 0); $search = $mainframe->getUserStateFromRequest("search{$option}{$sectionid}", 'search', ''); $search = $database->getEscaped(trim(strtolower($search))); $wheres = array(); $wheres2 = array(); // get the total number of records $query = "SELECT count(*)" . "\n FROM #__docman_log";
if (!$xoopsSecurity->check()) { redirectMsg('logs.php?item=' . $item, __('Session token not valid!', 'dtransport'), RMMSG_ERROR); } $db = XoopsDatabaseFactory::getDatabaseConnection(); $sql = "DELETE FROM " . $db->prefix("dtrans_logs") . " WHERE id_log IN(" . implode(",", $ids) . ");"; if ($db->queryF($sql)) { redirectMsg('logs.php?item=' . $item, __('Item logs deleted successfully!', 'dtransport'), RMMSG_SUCCESS); } else { redirectMsg('logs.php?item=' . $item, __('Logs could not be deleted!', 'dtransport') . '<br />' . $db->error(), RMMSG_ERROR); } } $action = rmc_server_var($_REQUEST, 'action', ''); switch ($action) { case 'new': dt_form_logs(); break; case 'edit': dt_form_logs(1); break; case 'save': dt_save_log(); break; case 'saveedit': dt_save_log(1); break; case 'delete': dt_delete_log(); break; default: showLogs(); }