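<?php
/**
 * Callback that stores an edited hex tile and then shows a "saved, redirecting" page.
 *
 * Flow: check edit rights -> validate the project/map aliases -> collect the
 * posted tile fields -> hand them to $db->updateHexTile() -> remember the editor
 * name in a cookie -> render the callback template that sends the browser back
 * to "/{project_alias}/{map_alias}".
 *
 * $db, auth_CanIEdit(), unsetcookie() and websun_parse_template_path() are not
 * defined here; they are expected to come from '_required_lme.php'.
 */
require_once '_required_lme.php';

// Check access rights before any request data is used.
$is_can_edit = auth_CanIEdit();
if (!$is_can_edit) {
    die('Hacking attempt!');
}
// NOTE(review): no anti-CSRF token check is visible in this script; confirm that
// '_required_lme.php' or auth_CanIEdit() covers it for this state-changing POST.

// Returns the raw POST value, or null when the field was not sent. A missing
// field therefore reaches the code below as null, as it did before, but no
// longer raises an "undefined index" notice.
$post_value = function ($key) {
    return isset($_POST[$key]) ? $_POST[$key] : null;
};

// Both aliases are interpolated into the cookie path and into the redirect
// target "/{project}/{map}". An empty alias or one containing a slash would turn
// that target into "//host/..." (a protocol-relative URL pointing off-site), so
// only a single non-empty path segment is accepted: no slash, backslash, '?',
// '#', whitespace or control bytes. \z (not $) keeps a trailing newline out.
// NOTE(review): an allowlist matching the project's real alias format would be
// stricter; the format is not visible from this script.
$alias_pattern = '~\A[^/\\\\?#\x00-\x20\x7f]+\z~';

$project_alias = $post_value('project_alias');
if (!is_string($project_alias) || !preg_match($alias_pattern, $project_alias)) {
    die('No such project!');
}

$map_alias = $post_value('map_alias');
if (!is_string($map_alias) || !preg_match($alias_pattern, $map_alias)) {
    die('No such map!');
}

// TODO (from the original author): resolve project_id & map_id from the aliases;
// both ids are still hard-coded to 1 below.
$data = array(
    'hexcol'        => intval($post_value('hexcoord_col')),
    'hexrow'        => intval($post_value('hexcoord_row')),
    'hexcoords'     => $post_value('hexcoords'),
    'title'         => $post_value('title'),
    'content'       => $post_value('textdata'),
    'editor'        => $post_value('editor_name'),
    'edit_date'     => time(),
    'edit_reason'   => $post_value('edit_reason'),
    'ip'            => $_SERVER['REMOTE_ADDR'],
    'project_id'    => 1,
    'project_alias' => $project_alias,
    'map_id'        => 1,
    'map_alias'     => $map_alias,
);
// NOTE(review): title/content/editor/edit_reason are passed on unfiltered; this
// relies on updateHexTile() binding them as query parameters and on the page
// that displays them escaping on output - verify both.

$put_result = $db->updateHexTile($data);
$dbh = null; // kept from the original; presumably drops a DB handle set up elsewhere - confirm

// Remember the editor name for a week, scoped to this project's path. The
// is_string() guard keeps an array-valued "editor_name[]" out of setcookie().
if (is_string($data['editor']) && $data['editor'] != '') {
    setcookie('kw_trpg_lme_auth_editorname', $data['editor'], time() + 60 * 60 * 24 * 7, "/{$project_alias}/");
}
unsetcookie('kwlme_filemanager_storagepath');

$TEMPLATE_DATA = array(
    'html_callback'         => "/{$project_alias}/{$map_alias}",
    'html_callback_timeout' => 10,
);
// NOTE(review): the aliases may still contain quotes or angle brackets; confirm
// the template escapes html_callback for the context it is written into.
$tpl_file = 'put_content.callback.html';
$html = websun_parse_template_path($TEMPLATE_DATA, $tpl_file, '$/template');
echo $html;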
// NOTE(review): this fragment starts inside a switch statement; the switch header,
// the earlier cases and the assignment of $current_uid are not visible here.
// Confirm that $current_uid comes from the authenticated session rather than from
// request input, and that an anti-CSRF check runs before these branches - password
// change and account deletion are both state-changing actions.
        $html_callback = '/mysettings';
        break;
    case 'change_password':
        // Password change: the current password plus the new one entered twice are
        // handed to the auth library as posted; the result array is shown by the
        // template rendered after the switch.
        // $password_is_correct = $auth->comparePasswords($current_uid, $_POST['auth:changepassword:current']);
        $auth_result = $auth->changePassword($current_uid, $_POST['auth:changepassword:current'], $_POST['auth:changepassword:new'], $_POST['auth:changepassword:again']);
        $html_callback = '/mysettings';
        break;
    case 'delete_account':
        //@todo: check EMail match ( $_POST['auth:deleteaccount:email'] )
        //@todo: check that we are not deleting an OWNER who still has projects, or root!!!
        $auth_result = $auth->deleteUser($current_uid, $_POST['auth:deleteaccount:password']);
        if (!$auth_result['error']) {
            /* Deleting the account also triggers a logout! */
            if ($auth->logout($auth->getSessionHash())) {
                /* ...and removal of the auth cookie */
                unsetcookie($authconfig->__get('cookie_name'));
                //@todo: Don't forget: the records in the `lme_user_permissions` table (which does not
                // exist yet) also have to be deleted, and leftovers need cleaning up in many other places.
            }
        }
        $html_callback = '/';
        break;
    default:
        // Unknown action: send the browser to the site root.
        // NOTE(review): if redirect() does not terminate the script, $auth_result is
        // undefined when the template data is built below - confirm that redirect() exits.
        redirect('/');
        break;
}
// $auth_result['message'] = at($auth_result, 'message', print_r($_POST, true));

// Render the "profile updated" callback page: it shows the auth library's message
// and sends the browser on to $html_callback; the timeout value passed is 10.
$template_data = array('error_messages' => $auth_result['message'], 'html_callback_timeout' => 10, 'html_callback' => $html_callback);
$tpl_file = 'auth_callbacks/auth.callback.updateprofile.html';
$html = websun_parse_template_path($template_data, $tpl_file, '$/template');
echo $html;
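<?php
/**
 * User: Arris
 * Date: 06.09.15, time: 16:34
 *
 * Login callback. Dispatches on the posted 'auth:loginaction' field:
 *   - 'login'            -> $auth->login(); on success the session hash is stored
 *                           in the auth cookie and the browser is sent to '/'.
 *   - 'resendactivation' -> $auth->resendActivation(); on success the browser is
 *                           sent to '/activateaccount'.
 *   - anything else      -> no auth call, the browser is sent to '/'.
 * The auth library's message is then shown through the login callback template.
 *
 * $auth, $authconfig, at(), unsetcookie() and websun_parse_template_path() are
 * expected to come from '_required_lme.php'.
 */
require_once '_required_lme.php';

// Returns the raw POST value, or null when the field was not sent, so a missing
// field no longer raises an "undefined index" notice.
$post_value = function ($key) {
    return isset($_POST[$key]) ? $_POST[$key] : null;
};

// Defined up front so the default branch (unknown or missing action) does not
// read an undefined variable when the template data is built. The null message
// matches what the template received in that case before.
$auth_result = array('error' => false, 'message' => null);

switch ($post_value('auth:loginaction')) {
    case 'login':
        $auth_result = $auth->login(
            $post_value('auth:login_email'),
            $post_value('auth:login_password'),
            at($_POST, "auth:login_remember_me", 0)
        );
        if (!$auth_result['error']) {
            // No errors: hand the session hash to the browser.
            // HttpOnly keeps the session hash out of reach of page scripts, and the
            // Secure flag is added whenever this request itself arrived over HTTPS.
            // NOTE(review): behind a TLS-terminating proxy $_SERVER['HTTPS'] may be
            // unset, in which case the cookie is sent as before, without Secure.
            $is_https = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
            setcookie(
                $authconfig->__get('cookie_name'),
                $auth_result['hash'],
                time() + $auth_result['expire'],
                "/",
                '',
                $is_https,
                true
            );
            unsetcookie('kw_livemap_new_registred_username');
            $html_callback = '/';
        } else {
            $html_callback = '/login';
        }
        break;

    case 'resendactivation':
        $auth_result = $auth->resendActivation($post_value('auth:login_email'));
        $html_callback = $auth_result['error'] ? '/login' : '/activateaccount';
        break;

    default:
        $html_callback = '/';
        break;
}

// NOTE(review): no rate limiting or lockout for repeated failed logins is visible
// in this script; confirm that $auth->login() enforces it.
$template_data = array(
    'error_messages'        => $auth_result['message'],
    'html_callback_timeout' => 5,
    'html_callback'         => $html_callback,
);
$tpl_file = 'auth_callbacks/auth.callback.login.html';
$html = websun_parse_template_path($template_data, $tpl_file, '$/template');
echo $html;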