Example #1
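/**
 * Check a user's credentials and, on success, record the login in the global session.
 *
 * Echoes "&end" when the login is accepted and "&notfound" otherwise.
 *
 * @param mixed $user Login name supplied by the client.
 * @param mixed $pass Password supplied by the client.
 */
function login($user, $pass)
{
    global $session;

    // valid_user() is defined elsewhere; presumably it fills $privilege by
    // reference - confirm. Initialised so a rejected login never leaves it undefined.
    $privilege = null;

    // Both checks must pass. The earlier form, `!valid_passwd($pass) || valid_user(...)`,
    // accepted the login whenever the password FAILED valid_passwd(), without ever
    // consulting valid_user(), and stored an unset privilege in the session.
    if (valid_passwd($pass) && valid_user($user, $pass, $privilege)) {
        $session['user'] = $user;
        $session['privilege'] = $privilege;
        echo "&end";
    } else {
        echo "&notfound";
    }
}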
Example #2
  {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
  }
else {
	echo "Connection successful.";
}







try {

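	// Registration input checks: each failed check aborts by throwing, so the
	// enclosing try block's handler (outside this excerpt) reports the message.
	if (!valid_user($user)) {
		throw new Exception('That is not a valid email address.
				Please go back and try again.');
	}
	
	// Strict comparison: with != two different numeric-looking strings
	// (for example "1e3" and "1000") compare as equal.
	if ($_POST['password'] !== $_POST['password2']) {
		throw new Exception('The passwords you entered do not match - 
				please go back and try again.');
	}
	
	// Compare the password's LENGTH against the 6..15 bounds. The earlier code
	// compared the password value itself with 6 and 15, which is not a length check.
	// strlen() counts bytes; the limits are therefore byte limits.
	$password_length = strlen($_POST['password']);
	if ($password_length < 6 || $password_length > 15) {
		throw new Exception('The password you entered does not meet 
				the required length or is too long');
	}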
	
	
Example #3
/**
 * Try to authenticate a user and, on success, give them a brand-new session.
 *
 * The username is validated first. When both WeFact globals are set, the remote
 * check runs: a strict false rejects the login, a result of exactly -1 leaves the
 * local database check required, and any other result skips the local check.
 *
 * @param mixed $username Login name to authenticate.
 * @param mixed $password Password to verify.
 * @return bool True when the user is logged in, false on any failure.
 */
function _try_login($username, $password)
{
    global $wefactapiurl, $wefactapikey;

    // Refuse malformed names before any authentication backend is consulted.
    if (!valid_user($username)) {
        return false;
    }

    $needs_local_auth = true;
    if (isset($wefactapiurl, $wefactapikey)) {
        $remote_result = do_wefact_auth($username, $password);
        if ($remote_result === false) {
            return false;
        }
        // Only a result of exactly -1 keeps the local check in play.
        $needs_local_auth = ($remote_result === -1);
    }

    if ($needs_local_auth && !do_db_auth($username, $password)) {
        return false;
    }

    $account = get_user_info($username);
    if (!$account) {
        return false;
    }

    _set_current_user($username, (bool) $account['isadmin']);

    // Tear down any session that is already active, then start a new one and
    // rotate its id so a pre-login session id is not carried into the login.
    if (session_id()) {
        session_unset();
        session_destroy();
    }
    session_start() or die('session failure: could not start session');
    session_regenerate_id(true) or die('session failure: regenerated id failed');
    session_unset();
    $_SESSION['username'] = $username;

    // Must run after the session exists.
    _check_csrf_token($account);

    return true;
}
Example #4
/**
 * Insert (or replace) a zone row owned by the given user.
 *
 * Both names are validated before the database is touched. jtable_respond() is
 * defined elsewhere; presumably it ends the request after sending the error -
 * confirm, because nothing here returns after a failed check.
 *
 * @param mixed $zonename  Zone name to store.
 * @param mixed $ownername Owner's username, matched against users.emailaddress.
 */
function add_db_zone($zonename, $ownername)
{
    if (false === valid_user($ownername)) {
        jtable_respond(null, 'error', $ownername . ' is not a valid username');
    }
    if (!_valid_label($zonename)) {
        jtable_respond(null, 'error', $zonename . ' is not a valid zonename');
    }

    // API callers may name an owner that has no account yet; create it on the fly.
    $owner_missing = is_apiuser() && !user_exists($ownername);
    if ($owner_missing) {
        add_user($ownername);
    }

    // Values travel as bound parameters, never as part of the SQL text.
    $handle = get_db();
    $insert = $handle->prepare("INSERT OR REPLACE INTO zones (zone, owner) VALUES (?, (SELECT id FROM users WHERE emailaddress = ?))");
    $insert->bindValue(1, $zonename, SQLITE3_TEXT);
    $insert->bindValue(2, $ownername, SQLITE3_TEXT);
    $insert->execute();
    $handle->close();
}
Example #5
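/**
 * Resolve the project named in the request and check the caller may use it.
 *
 * Reads $_REQUEST['project'] (an array, or a JSON string that is decoded in place)
 * and requires a numeric 'Id' of at least 1 that belongs to an existing project.
 * On each failure detected here, $response['error'] is set, HTTP status 400 is
 * sent and false is returned.
 *
 * @param array $response Response array, passed by reference so errors reach the caller.
 * @return Project|false The project on success, false otherwise.
 */
function get_project(&$response)
{
    // Make sure we have a projectid.
    if (!isset($_REQUEST['project'])) {
        $response['error'] = 'No projectid specified';
        http_response_code(400);
        return false;
    }
    if (!is_array($_REQUEST['project'])) {
        // A failed decode yields null, which the isset() check below rejects.
        $_REQUEST['project'] = json_decode($_REQUEST['project'], true);
    }
    if (!isset($_REQUEST['project']['Id'])) {
        $response['error'] = 'No projectid specified';
        http_response_code(400);
        return false;
    }
    $projectid = $_REQUEST['project']['Id'];
    if (!is_numeric($projectid) || $projectid < 1) {
        $response['error'] = 'No projectid specified';
        http_response_code(400);
        return false;
    }
    // Make sure the project exists.
    $Project = new Project();
    $Project->Id = $projectid;
    if (!$Project->Exists()) {
        $response['error'] = 'This project does not exist.';
        http_response_code(400);
        return false;
    }
    // Make sure we have an authenticated user that has access to this project.
    // Pass the caller's $response: the earlier code passed a misspelled, undefined
    // variable, so whatever valid_user() reports through that argument (presumably
    // by reference - confirm) never reached the caller.
    if (!valid_user($response, $projectid)) {
        return false;
    }
    return $Project;
}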
Example #6
<?php 
include "fhd_config.php";
include "includes/header.php";
include "includes/all-nav.php";
include "includes/ez_sql_core.php";
include "includes/ez_sql_mysqli.php";
include "includes/functions.php";
// Open the database connection using the db_* constants, which are defined outside this listing.
$db = new ezSQL_mysqli(db_user, db_password, db_name, db_host);
// Optional extra WHERE fragment restricting the listing to one user's calls.
$queryadd = "";
$colspan = 2;
if ($user_level == 1) {
    // NOTE(review): $user_id is placed into SQL text unquoted and its origin is not
    // visible here - cast it to int or bind it as a parameter before it reaches a query.
    // NOTE(review): the $myquery string that is executed further down does not contain
    // $queryadd, so this per-user restriction may never be applied - confirm.
    $queryadd = " AND call_user = {$user_id}";
    $colspan = 1;
}
if (isset($_GET['user_id'])) {
    $queryadd = " AND call_user = "******"SELECT call_id,call_date,call_first_name,call_last_name,call_request,call_department,call_device from site_calls WHERE (call_status = 0) $queryadd order by call_id desc;";
$myquery = "SELECT call_id,call_date,call_first_name,call_last_name,call_request,call_department,call_device from site_calls WHERE (call_status = 0) order by call_id desc;";
$site_calls = $db->get_results($myquery);
$num = $db->num_rows;
//$db->debug();
echo "<h4><i class='fa fa-tags'></i> &nbsp; Laporan Masalah <small>[ {$num} ]</small></h4>";
if ($num > 0) {
    ?>
<table class="<?php 
    echo $table_style_1;
    ?>
" style='width: auto;'>
<tr>
Example #7
        }
        $user_pending = 0;
        if (isset($_POST['user_pending'])) {
            $user_pending_value = $db->escape($_POST['user_pending']);
            if ($user_pending_value == 1) {
                $user_pending = 1;
            }
        }
        $db->query("UPDATE site_users SET {$user_password_set} user_email='{$user_email}',user_name='{$user_name}',user_phone='{$user_phone}',user_address='{$user_address}',user_city='{$user_city}',user_state='{$user_state}',user_zip='{$user_zip}',user_country='{$user_country}',user_level={$user_level},user_msg_send={$user_msg_send},user_protect_edit={$user_protect_edit},user_pending={$user_pending} where user_id = {$url_user_id};");
        $actionstatus = "<div class=\"alert alert-success\" style=\"max-width: 250px;\">\n    <button type=\"button\" class=\"close\" data-dismiss=\"alert\">&times;</button>\n    User Update Successful.\n    </div>";
        //$db->debug();
    }
}
//</UPDATE>
// Load the record being edited when the request names a user id.
if (isset($_REQUEST['url_user_id'])) {
    // NOTE(review): the return value of valid_user() goes straight into SQL text below.
    // That is safe only if valid_user() yields a validated integer - confirm, or cast
    // to int / bind the value as a parameter.
    $url_user_id = valid_user($_REQUEST['url_user_id']);
    $site_users = $db->get_row("SELECT user_login,user_password,user_name,user_address,user_city,user_state,user_zip,user_country,user_phone,user_email,user_msg_send,user_protect_edit,user_pending,user_level FROM site_users WHERE (user_id = {$url_user_id}) limit 1;");
    // NOTE(review): no check that a row was found before its properties are read.
    $user_msg_send = $site_users->user_msg_send;
    $user_protect_edit = $site_users->user_protect_edit;
    $user_pending = $site_users->user_pending;
}
// Token derived from AUTH_KEY and the current user's last_login value.
// NOTE(review): its use is not visible here; if it guards form submissions, a keyed
// HMAC (hash_hmac with SHA-256) verified with hash_equals() is a sounder construction
// than md5 over a concatenation. $user_id is also interpolated into SQL unquoted.
$nacl = md5(AUTH_KEY . $db->get_var("select last_login from site_users where user_id = {$user_id};"));
// Status markup for the update just performed; set by code outside this block.
echo $actionstatus;
?>

<p><a href="fhd_users.php">Users</a></p>

<form action="fhd_edit_user.php" method="post" class="form-horizontal">
<table class="<?php 
echo $table_style_2;
?>
Example #8
     }
     if (user_exists($emailaddress)) {
         jtable_respond(null, 'error', 'User already exists');
     }
     if (add_user($emailaddress, $isadmin, $password)) {
         $result = array('emailaddress' => $emailaddress, 'isadmin' => $isadmin);
         jtable_respond($result, 'single');
     } else {
         jtable_respond(null, 'error', 'Could not create user');
     }
     break;
 case "update":
     // Read the submitted fields, falling back to defaults when a field is absent.
     $emailaddress = isset($_POST['emailaddress']) ? $_POST['emailaddress'] : '';
     $isadmin = isset($_POST['isadmin']) ? $_POST['isadmin'] : '0';
     $password = isset($_POST['password']) ? $_POST['password'] : '';

     // jtable_respond() is defined elsewhere; presumably it ends the request after an
     // error - confirm, since nothing here stops execution after a failed check.
     if (!valid_user($emailaddress)) {
         jtable_respond(null, 'error', "Please only use ^[a-z0-9@_.-]+\$ for usernames");
     }
     if (!user_exists($emailaddress)) {
         jtable_respond(null, 'error', 'Cannot update not existing user');
     }

     // NOTE(review): isadmin comes straight from the request; no permission check on
     // who may change it is visible in this excerpt - confirm one exists upstream.
     if (!update_user($emailaddress, $isadmin, $password)) {
         jtable_respond(null, 'error', 'Could not update user');
     } else {
         jtable_respond(['emailaddress' => $emailaddress, 'isadmin' => $isadmin], 'single');
     }
     break;
 case "delete":
     if (delete_user($_POST['id']) !== FALSE) {
         jtable_respond(null, 'delete');
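/**
 * Work out which rcontent record a tracking result should be saved against.
 *
 * The unit (and optionally the activity) named in the result is looked up for the
 * book. If the original rcontent already matches, it is returned. Otherwise the
 * rcontent table is searched and only records the reporting user can access and
 * holds the 'mod/rcontent:savetrack' capability on are considered.
 *
 * @param object $ResultadoExtendido Result object; idContenidoLMS, idUnidad, idActividad and idUsuario are read.
 * @param object $rcontent_original  The rcontent the result was reported against.
 * @param mixed  $bookid             Book identifier used for all lookups.
 * @return object|false The rcontent to save against, or false when there is none.
 */
function get_real_rcontent($ResultadoExtendido, $rcontent_original, $bookid)
{
    global $DB;
    log_to_file("Forzar Guardar");
    $rcontentoriginalid = $ResultadoExtendido->idContenidoLMS;
    log_to_file('Original rcontenid:' . $rcontentoriginalid);

    // Search UNIT
    $unit = false;
    if (!empty($ResultadoExtendido->idUnidad)) {
        $unit = rcommon_unit::get_from_code($ResultadoExtendido->idUnidad, $bookid);
    }
    if (!$unit) {
        // No unit provided, the real rcontent is the original
        return false;
    }
    log_to_file('unit:' . $unit->code . '-' . $unit->id);

    // Search ACTIVITY
    $activity = false;
    if (!empty($ResultadoExtendido->idActividad)) {
        $activity = rcommon_activity::get_from_code($ResultadoExtendido->idActividad, $unit->id, $bookid);
    }
    if ($activity) {
        log_to_file('activity:' . $activity->code . '-' . $activity->id);
        if ($rcontent_original->unitid == $unit->id && $rcontent_original->activityid == $activity->id) {
            // Unit and activity match, the real rcontent is the original
            return $rcontent_original;
        }
    } elseif ($rcontent_original->unitid == $unit->id) {
        // Unit matches and no activity was provided, the real rcontent is the original
        return $rcontent_original;
    }

    $rcontents = false;
    // Search for the real rcontent with the activity first
    if ($activity) {
        $rcontents = $DB->get_records('rcontent', array('bookid' => $bookid, 'unitid' => $unit->id, 'activityid' => $activity->id), 'id');
    }
    // Nothing found with the activity: search by unit only
    if (!$rcontents) {
        $rcontents = $DB->get_records('rcontent', array('bookid' => $bookid, 'unitid' => $unit->id), 'id');
    }
    if (!$rcontents) {
        // Not found, nothing to save
        return false;
    }

    // Keep only the rcontents the reporting user is allowed to save tracks for
    $filtered_rcontents = array();
    foreach ($rcontents as $rcontent) {
        if (!valid_user($ResultadoExtendido->idUsuario, $rcontent->course)) {
            continue;
        }
        $cm = get_coursemodule_from_instance('rcontent', $rcontent->id, $rcontent->course);
        if (!$cm) {
            // Without a course module the capability cannot be checked: treat as no access
            continue;
        }
        $contextmodule = context_module::instance($cm->id);
        if (has_capability('mod/rcontent:savetrack', $contextmodule, $ResultadoExtendido->idUsuario)) {
            $filtered_rcontents[] = $rcontent;
        }
    }
    if (!$filtered_rcontents) {
        // Not found, nothing to save
        return false;
    }
    if (count($filtered_rcontents) == 1) {
        // Only one record, OK!
        return array_shift($filtered_rcontents);
    }

    log_to_file('Warning, more than one valid rcontent found');
    // Choose among the PERMITTED records only. The earlier code iterated the
    // unfiltered list here, so it could return an rcontent that had just failed
    // the access and capability checks above.
    foreach ($filtered_rcontents as $rcontent) {
        if ($rcontent->course == $rcontent_original->course) {
            // First with the same course
            log_to_file('Returned the first with the same course');
            return $rcontent;
        }
    }
    log_to_file('All rcontents found outside the original course, returning the first');
    return array_shift($filtered_rcontents);
}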