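/**
 * Validate that the given username and password are valid.
 *
 * Stored passwords are password_hash() digests of the md5() of the plaintext
 * (the md5 pre-hash is a legacy of the original scheme), so the incoming
 * password is md5'd first unless the caller already did that.
 *
 * @param string        $user     Username
 * @param string        $userPass Password, plaintext or md5 hex (see $isMd5)
 * @param bool          $isMd5    True when $userPass is already an md5 hex digest
 * @param CI_Input|null $input    Input library used only for the legacy
 *                                xss_clean() fallback; when null that fallback
 *                                is skipped instead of dereferencing null
 *
 * @return bool
 */
public function validate($user, $userPass, $isMd5 = false, CI_Input $input = null)
{
    $ret = $this->getUserByUsername($user);

    // did we get a row at all?
    if (!isset($ret[0])) {
        return false;
    }

    // make sure we're using an md5 format, passwords are hashed md5s (yes, really)
    $pass = $isMd5 ? $userPass : md5($userPass);

    if (password_verify($pass, $ret[0]->password)) {
        return true;
    }

    // May be the password in the database was stored when CI's
    // global_xss_filtering was set to true. We can only test for this if the
    // password passed in was not md5'd, and only when an input library was
    // actually supplied (the original called $input->xss_clean() on null here).
    if (false !== $isMd5 || $input === null) {
        return false;
    }

    $cleaned = md5($input->xss_clean($userPass));
    if (!password_verify($cleaned, $ret[0]->password)) {
        return false;
    }

    // it was! Re-store the hash of the actual (unfiltered) $userPass so the
    // next login takes the fast path.
    $password = password_hash(md5($userPass), PASSWORD_DEFAULT);
    $this->db->where('username', $user);
    $this->db->update('user', array('password' => $password));

    return true;
}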
/**
 * Chart page: fetches every transaction in the selected date range
 * (defaults: first day of last month .. last day of this month) in pages of
 * 500 rows and renders it through prepareChartData().
 */
public function index()
{
    $this->load->view('layout/header');

    $flash = $this->session->flashdata('message');
    $this->load->view('element/message', ['success' => $flash]);

    $filter = $this->input->get(['from', 'till', 'groups']);
    $from = $filter['from'] ?: date('Y-m-01', strtotime('-1 month'));
    $till = $filter['till'] ?: date('Y-m-t');

    $pageSize = 500;
    $offset = 0;
    $rows = [];

    // Page through the API until a page comes back short (or an error).
    while (true) {
        $response = $this->moneyzaurus->transactionsList($offset, $pageSize, $from, $till, null, null, null);
        if ($response['code'] != 200 || !$response['data']['success']) {
            break;
        }
        $rows = array_merge($rows, $response['data']['data']);
        $offset += $pageSize;
        if ($response['data']['count'] < $pageSize) {
            break;
        }
    }

    $groups = $filter['groups'] ?: [];
    $chart = $this->prepareChartData($rows, $groups, $from, $till);

    $this->load->view('page/chart', ['data' => $chart, 'from' => $from, 'till' => $till]);
    $this->load->view('layout/footer');
}
/**
 * Loads the user model and URL helper, merges GET and POST parameters into
 * $this->params (POST values win on duplicate keys) and enforces login.
 *
 * NOTE(review): a fresh CI_Input is instantiated here rather than using the
 * framework's $this->input — confirm that is intended.
 */
public function __construct()
{
    parent::__construct();
    $this->load->model('user_model');
    $this->load->helper('url_helper');

    $request = new CI_Input();
    $this->params = array_merge($request->get(), $request->post());

    $this->checkLogin();
}
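/**
 * Log an employee in using the posted 'employeenumber' and 'password'.
 *
 * On success the matching row's identifiers are stored in the session and
 * employee_redirect() is called with the department; on failure a message
 * string is returned.
 *
 * @param CI_Input $input Request input (POST fields are read from it)
 *
 * @return string|void Error message when no active employee matched
 */
function employee_login(CI_Input $input)
{
    $ci = get_instance();
    $ci->load->model('Employees');

    $result = $ci->Employees->employee_login(
        $input->post('employeenumber'),
        $input->post('password')
    );

    // Treat null/false/non-countable results as "no match" instead of passing
    // them to count(), which throws a TypeError on PHP 8.
    if (!is_countable($result) || count($result) === 0) {
        return "Employee is either inactive or does not exist.";
    }

    $employee = $result[0];
    $ci->session->set_userdata(array(
        'employeenumber' => $employee->EmployeeNumber,
        'campaignid'     => $employee->Campaignid,
        'department'     => $employee->Department,
        'positionid'     => $employee->PositionID,
    ));
    employee_redirect($employee->Department);
}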
/**
 * Loads the user model and merges GET and POST parameters into
 * $this->params (POST values win on duplicate keys).
 */
public function __construct()
{
    parent::__construct();
    $this->load->model('user_model');

    $request = new CI_Input();
    $this->params = array_merge($request->get(), $request->post());
}
/**
 * Emit an API response payload as JSON; non-AJAX callers are redirected to /.
 *
 * Only a 200 response whose 'success' flag is set produces output; any other
 * response leaves the body empty (the JSON content type is still set).
 *
 * @param array $response Decoded API response ('code', 'data' => ['success', 'data'])
 */
private function processResponseData(array $response)
{
    if (!$this->input->is_ajax_request()) {
        redirect('/');
    }

    $this->output->set_content_type('application/json');

    $succeeded = $response['code'] == 200 && $response['data']['success'];
    if ($succeeded) {
        $this->output->set_output(json_encode($response['data']['data']));
    }
}
/**
 * Persists the posted 'items' through the vaola sync and renders the result.
 *
 * NOTE(review): on failure the raw exception message is rendered into the
 * page; keep that in mind if sync() can surface internal details.
 */
public function index()
{
    $items = $this->input->post('items');
    $boxes = $this->vaola->prepareData($items);

    try {
        $this->vaola->sync($boxes);
        $message = 'Saved';
    } catch (\Exception $exception) {
        $message = $exception->getMessage();
    }

    $this->load->view('layout/header.php');
    $this->load->view('page/save', ['message' => $message, 'boxes' => count($boxes)]);
    $this->load->view('layout/footer.php');
}
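/**
 * Transaction list page with optional item/group/price/from/till filters.
 *
 * The price filter is sent to the API in cents. A missing price (null) was
 * already sent as 0; a non-numeric value such as an empty "price=" query
 * field used to raise a TypeError on PHP 8 (string * int) and is now also
 * sent as 0.
 */
public function index()
{
    $this->load->view('layout/header');

    $flash = $this->session->flashdata('message');
    $this->load->view('element/message', ['success' => $flash]);

    $offset = 0;
    $limit = 100;
    $filter = $this->input->get(['item', 'group', 'price', 'from', 'till']);

    // user-supplied; only multiply when it is actually numeric
    $priceInCents = is_numeric($filter['price']) ? $filter['price'] * 100 : 0;

    $response = $this->moneyzaurus->transactionsList(
        $offset,
        $limit,
        $filter['from'],
        $filter['till'],
        $filter['item'],
        $filter['group'],
        $priceInCents
    );

    if ($response['code'] == 200 && $response['data']['success']) {
        $this->load->view('page/data', [
            'count'  => $response['data']['count'],
            'data'   => $response['data']['data'],
            'filter' => $filter,
        ]);
    }

    $this->load->view('layout/footer');
}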
/**
 * Base controller (PHP4-style constructor): loads the current user, the
 * navigation bar, the latest notice, the auth library, the breadcrumb root and
 * the time-unit model for every page.
 */
function MY_Controller()
{
    parent::Controller();

    // Initialise the current user's information
    $this->load->library('User', null, 'userLib');
    $userInfo = $this->userLib->getUserInfo();
    $this->user = $userInfo;
    if (!$this->user) {
        // showError() presumably renders the error and stops — confirm it does not return
        showError($this->userLib->error, '/');
    }

    /*
    if (in_array($this->user['userId'], array(694,3767,3868))) {
        showError('Test accounts are not allowed into the production site');
    }
    */

    // Load the menu, used globally
    $this->load->library('Navbar', $this->user);
    $this->navbarList = $this->navbar->getNavbarList();

    // Notice content: append a 'Help' menu entry when a notice exists for the user's role
    $this->load->model('HelperNoticeModel');
    $this->viewData['noticeData'] = $this->HelperNoticeModel->getLatest($this->user['userRole']);
    if ($this->viewData['noticeData']) {
        $this->navbarList[] = array('Help', 'noticeCheck', 'title' => '公告');
    }

    // Currently selected menu defaults to the current controller ('c' query parameter)
    $this->navbarFocus = $this->input->get('c');
    // Currently selected sub-menu item: "<controller>_<method>"
    $this->navChildFocus = $this->input->get('c') . '_' . $this->input->get('m');

    // Current theme
    $this->theme = $this->config->item('theme');

    // Load the auth library so it can be called globally
    $this->load->library('Auth', $this->user);

    // Breadcrumb navigation root
    $this->viewData['breadcrumb'][] = array('url' => printUrl('Main', 'index'), 'title' => '首页');

    // Load the time-unit model
    $this->load->model('timeUnitModel');
}
/**
 * POST accessor; called with no index it reports whether the request is a POST.
 *
 * @param string $index     POST key, or '' to ask "is this a POST request?"
 * @param bool   $xss_clean Whether to run the value through XSS filtering
 *
 * @return mixed bool when $index is '', otherwise whatever parent::post() returns
 */
function post($index = '', $xss_clean = FALSE)
{
    $askingForMethod = ($index === '');
    if ($askingForMethod) {
        return $_SERVER['REQUEST_METHOD'] === 'POST';
    }
    return parent::post($index, $xss_clean);
}
/**
 * POST accessor; called with no index it reports whether any POST data arrived.
 *
 * @param string $index     POST key, or '' to ask "is there POST data?"
 * @param bool   $xss_clean Whether to run the value through XSS filtering
 *
 * @return mixed bool when $index is '' (truthiness of $_POST), otherwise parent::post()
 */
function post($index = '', $xss_clean = FALSE)
{
    if ($index !== '') {
        return parent::post($index, $xss_clean);
    }
    // no index: a non-empty $_POST array counts as "has POST data"
    return (bool) $_POST;
}
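/**
 * POST accessor that XSS-filters by default; pass $xss_clean = false to get
 * the raw, unfiltered value from $this->_POST_RAW instead.
 *
 * Raw values bypass the framework's filtering, so they must not be echoed
 * into HTML without escaping. With a null index the raw path used to look up
 * $this->_POST_RAW[''] (undefined-index notice); it now returns the whole raw
 * array, mirroring parent::post(null), and a missing key yields null without
 * a notice.
 *
 * @param string|null $index     POST key, or null for the whole array
 * @param bool        $xss_clean False to skip XSS filtering
 *
 * @return mixed
 */
public function post($index = null, $xss_clean = TRUE)
{
    if ($xss_clean) {
        return parent::post($index, $xss_clean);
    }

    // raw post data requested (e.g. post('key', false)) — use with caution
    if ($index === null) {
        return $this->_POST_RAW;
    }
    return isset($this->_POST_RAW[$index]) ? $this->_POST_RAW[$index] : null;
}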
/**
 * GET accessor with a fallback: when the parent returns false (key absent)
 * and a default was supplied, the default is returned instead.
 *
 * NOTE(review): this relies on parent::get() returning false for a missing
 * key; a parent that returns null there would bypass the default.
 *
 * @param string|null $index
 * @param bool        $xss_clean
 * @param mixed       $default_value
 *
 * @return array|null|string
 */
function get($index = NULL, $xss_clean = FALSE, $default_value = NULL)
{
    $value = parent::get($index, $xss_clean);
    $missing = ($value === false);
    if ($missing && isset($default_value)) {
        return $default_value;
    }
    return $value;
}
/**
 * Registers a customer with the posted email/password, then logs them in.
 *
 * Control flow presumably relies on redirect() terminating the request: a
 * failed registration stores the API message and redirects home; a
 * successful one stores a greeting, tries loginCustomer() and redirects to
 * /transaction; any other outcome (non-200 response, failed login) falls
 * through to the final redirect home.
 */
public function register()
{
    // credentials straight from the form; they are only forwarded, never echoed
    $data = $this->input->post(['email', 'password']);
    $response = $this->moneyzaurus->userRegister($data['email'], $data['password']);
    if ($response['code'] == 200) {
        if (!$response['data']['success']) {
            // API-provided failure reason shown on the next page
            $this->session->set_flashdata('message', $response['data']['message']);
            redirect('');
        }
        $message = sprintf('Hi %s', $response['data']['data']['email']);
        $this->session->set_flashdata('message', $message);
        if ($this->loginCustomer($data['email'], $data['password'])) {
            redirect('/transaction');
        }
    }
    redirect('');
}
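/**
 * POST accessor with a default value for absent fields.
 *
 * A field counts as absent when the parent returns null/false (key missing),
 * the empty string or an empty array. The original used empty(), which also
 * replaced a submitted "0" / 0 with the default; those are legitimate values
 * and are now returned as-is.
 *
 * @param string|null $index
 * @param bool|null   $xss_clean
 * @param mixed       $default_value
 *
 * @return mixed
 */
public function post($index = NULL, $xss_clean = NULL, $default_value = NULL)
{
    $value = parent::post($index, $xss_clean);

    $absent = ($value === null || $value === false || $value === '' || $value === []);
    if ($absent && $default_value !== NULL) {
        return $default_value;
    }
    return $value;
}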
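/**
 * Dispatches an AJAX request to the named action on this controller.
 *
 * Besides requiring an AJAX request, the action must be a public method of
 * this class whose name does not start with an underscore and is not this
 * dispatcher itself. The original accepted any name method_exists() knew
 * about, which from inside the class also reaches private/protected helpers
 * and the constructor.
 *
 * @param string $function Method name taken from the route
 *
 * @return bool true when the action ran, false after show_404()
 */
public function ajax($function)
{
    if (!$this->input->is_ajax_request() || !$this->isAjaxAction($function)) {
        show_404();
        return false;
    }
    $this->{$function}();
    return true;
}

/**
 * True when $function names a public, non-underscore method other than ajax().
 *
 * @param mixed $function Candidate method name from the route
 *
 * @return bool
 */
private function isAjaxAction($function)
{
    if (!is_string($function) || $function === '' || $function[0] === '_') {
        return false;
    }
    // method names are case-insensitive in PHP; never re-enter the dispatcher
    if (strtolower($function) === 'ajax' || !method_exists($this, $function)) {
        return false;
    }
    $method = new \ReflectionMethod($this, $function);
    return $method->isPublic();
}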
/**
 * POST accessor; called with no index it reports whether the request is a POST.
 *
 * @param string $index     POST key, or '' to ask "is this a POST request?"
 * @param bool   $xss_clean Whether to run the value through XSS filtering
 *
 * @return mixed bool when $index is '', otherwise whatever parent::post() returns
 */
function post($index = '', $xss_clean = FALSE)
{
    // an empty index means "was this request a POST?"; anything else is a normal lookup
    return $index === ''
        ? $_SERVER['REQUEST_METHOD'] === 'POST'
        : parent::post($index, $xss_clean);
}
/**
 * PHP4-style constructor; after the parent has run, re-populates $_GET from
 * the query string of REQUEST_URI (everything after the last '?').
 */
function __construct()
{
    parent::CI_Input();

    /* allow $_GET */
    $uri = $_SERVER['REQUEST_URI'];
    $queryStart = strrpos($uri, '?');
    $query = ($queryStart === false) ? '' : substr($uri, $queryStart + 1);
    parse_str($query, $_GET);
    /* allow $_GET */
}
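/**
 * POST accessor that XSS-filters by default; pass $xss_clean = false to get
 * the raw, unfiltered value from $this->_POST_RAW instead.
 *
 * The raw path exists for password strings that are passed on to the command
 * line: escaping them when they contain unusual characters breaks the
 * function. Raw values bypass the framework's filtering, so they must not be
 * echoed into HTML without escaping. With a null index the raw path used to
 * look up $this->_POST_RAW[''] (undefined-index notice); it now returns the
 * whole raw array, mirroring parent::post(null), and a missing key yields
 * null without a notice.
 *
 * @param string|null $index     POST key, or null for the whole array
 * @param bool        $xss_clean False to skip XSS filtering
 *
 * @return mixed
 */
public function post($index = null, $xss_clean = TRUE)
{
    if ($xss_clean) {
        return parent::post($index, $xss_clean);
    }

    // raw post data requested (e.g. post('key', false)) — use with caution
    if ($index === null) {
        return $this->_POST_RAW;
    }
    return isset($this->_POST_RAW[$index]) ? $this->_POST_RAW[$index] : null;
}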
/**
 * PHP4-style constructor; for DELETE and PUT requests parses the raw request
 * body (php://input) into $this->delete / $this->put and cleans it with
 * _clean_input_data().
 */
function MY_Input()
{
    parent::__construct();

    $method = $this->server('REQUEST_METHOD');
    if ($method == 'DELETE') {
        $this->delete = $this->_bodyParams();
    } elseif ($method == 'PUT') {
        $this->put = $this->_bodyParams();
    }
}

/**
 * Parse the raw request body as a query string and run it through the
 * input cleaner.
 *
 * @return array Cleaned body parameters
 */
private function _bodyParams()
{
    parse_str(file_get_contents('php://input'), $params);
    return $this->_clean_input_data($params);
}
/**
 * Fetches every transaction between the 'from'/'till' GET parameters
 * (defaults: first day of $months months ago .. last day of this month),
 * paging through the API 500 rows at a time.
 *
 * @param int $months How many months back the default 'from' date reaches
 *
 * @return array Concatenated transaction rows
 */
private function getAllTransactions($months)
{
    $filter = $this->input->get(['from', 'till', 'groups']);
    $defaultFrom = date('Y-m-01', strtotime('-' . (int) $months . ' month'));
    $from = $filter['from'] ?: $defaultFrom;
    $till = $filter['till'] ?: date('Y-m-t');

    $pageSize = 500;
    $rows = [];

    for ($offset = 0; ; $offset += $pageSize) {
        $response = $this->moneyzaurus->transactionsList($offset, $pageSize, $from, $till, null, null, null);
        $ok = $response['code'] == 200 && $response['data']['success'];
        if (!$ok) {
            break;
        }
        $rows = array_merge($rows, $response['data']['data']);
        // a page that came back short means the API is exhausted
        if ($response['data']['count'] < $pageSize) {
            break;
        }
    }

    return $rows;
}
/**
 * Copies POST fields onto $object via its set<FieldName>() setters.
 *
 * Requires $this->ModelName to be set to a non-empty string naming a class
 * with the matching property; each value is XSS-cleaned and then
 * addslashes()'d before the setter is called.
 *
 * NOTE(review): addslashes() is not a substitute for parameterised queries;
 * whatever consumes these values should still bind them.
 *
 * @param object $object     Target object with set<FieldName>() methods
 * @param mixed  $fieldNames Property names; anything but a non-empty array is ignored
 */
protected function setStringDataFromPost(&$object, $fieldNames)
{
    $modelName = isset($this->ModelName) ? $this->ModelName : null;
    if ($modelName === null || $modelName === '') {
        return;
    }
    if (!is_array($fieldNames) || count($fieldNames) === 0) {
        return;
    }

    foreach ($fieldNames as $fieldName) {
        if (!class_exists($modelName) || !property_exists($modelName, $fieldName)) {
            continue;
        }
        $raw = $this->input->post(strtolower($fieldName));
        $value = addslashes($this->security->xss_clean($raw));
        $object->{'set' . $fieldName}($value);
    }
}
/**
 * Rejects the connection whose id was POSTed, stores the outcome as a flash
 * message and redirects to the profile page.
 */
public function declineConnection()
{
    $connectionId = $this->input->post('id');
    $response = $this->moneyzaurus->connectionReject($connectionId);

    if ($response['code'] == 200) {
        $flash = $response['data']['success']
            ? 'Connection rejected'
            : $response['data']['message'];
        $this->session->set_flashdata('message', $flash);
    }

    redirect('/profile');
}
/**
 * Removes the transaction whose id is given in the 'id' GET parameter, stores
 * the outcome as a flash message and redirects to /data.
 *
 * NOTE(review): this mutating action is driven by a GET parameter, so it is
 * reachable from a plain link; confirm CSRF protection is applied upstream.
 */
public function delete()
{
    $transactionId = $this->input->get('id');
    $response = $this->moneyzaurus->transactionsRemove($transactionId);

    if ($response['code'] == 200) {
        $flash = $response['data']['success']
            ? 'Deleted'
            : $response['data']['message'];
        $this->session->set_flashdata('message', $flash);
    }

    redirect('/data');
}
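/**
 * Reads the raw request body once and, for DELETE and PUT requests, parses
 * it into $this->delete / $this->put through _sanitize_request().
 *
 * The method name is now compared case-insensitively: the original compared
 * against 'DELETE' and 'put', so whichever case request_method() returns,
 * one of the two branches could never match.
 */
public function __construct()
{
    parent::__construct();

    $this->raw = file_get_contents('php://input');
    if (empty($this->raw)) {
        return;
    }

    $method = strtoupper((string) $this->request_method());
    if ($method === 'DELETE') {
        $this->delete = $this->_sanitize_request($this->raw);
    } elseif ($method === 'PUT') {
        $this->put = $this->_sanitize_request($this->raw);
    }
}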
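/**
 * CSRF bypass for whitelisted URI prefixes: when the current URI string starts
 * with any entry of the 'csrf_ignore' config array, CSRF checking is disabled
 * before the parent sanitises the globals.
 *
 * The prefix test is now a strict byte comparison (strncmp); the original
 * compared the prefix with ==, under which two numeric-looking strings are
 * compared as numbers rather than as text.
 */
function _sanitize_globals()
{
    $ignore_csrf = config_item('csrf_ignore');
    if (is_array($ignore_csrf) && count($ignore_csrf)) {
        global $URI;
        $haystack = $URI->uri_string();
        foreach ($ignore_csrf as $needle) {
            $needle = (string) $needle;
            // an empty needle matches every URI, as before — keep the list tight
            if (strncmp($haystack, $needle, strlen($needle)) === 0) {
                $this->_enable_csrf = FALSE;
                break;
            }
        }
    }
    parent::_sanitize_globals();
}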
/**
 * Renders the current controller/action view inside a layout template.
 *
 * Added one condition: when the 'ajax' GET parameter is set, $ajax_data is
 * passed to the page and the ajax layout is used instead of $template. This
 * was added because the script was called 2 times and is now called 1 time.
 *
 * Also stores the previous (or current) controller/action names in flash
 * session data and exposes is_admin / is_supplier / user_email to the view.
 *
 * @param string $template Layout name, resolved to layouts/{$template}.tpl.php
 * @return void Output is produced by the layout view
 * @author Max Kavelin
 */
protected function render($template = 'main')
{
    $is_admin = $this->ion_auth->is_admin();
    // NOTE(review): users_model is used here but only explicitly loaded in the
    // non-admin branch below — presumably loaded elsewhere; confirm.
    $uinfo = $this->users_model->getUsersData($this->ion_auth->get_user_id());
    if ($is_admin) {
        $this->data['is_admin'] = true;
    } else {
        $this->load->model('users_model');
        if (!empty($uinfo[0]->is_supplier)) {
            $this->data['is_supplier'] = true;
        } else {
            $this->data['is_supplier'] = false;
        }
    }
    $this->data['user_email'] = $uinfo[0]->email;
    //save the controller and action names in session
    if ($this->save_previous_url) {
        $this->session->set_flashdata('previous_controller_name', $this->previous_controller_name);
        $this->session->set_flashdata('previous_action_name', $this->previous_action_name);
    } else {
        $this->session->set_flashdata('previous_controller_name', $this->controller_name);
        $this->session->set_flashdata('previous_action_name', $this->action_name);
    }
    // difference old render and new render function is this condition
    // (loose == true: any truthy 'ajax' value selects the ajax layout)
    if ($this->input->get("ajax", false) == true) {
        $this->data['ajax_data'] = true; //send parameter ajax_data to view page
    }
    $view_path = $this->controller_name . '/' . $this->action_name . '.php'; //set the path off the view
    if (file_exists(APPPATH . 'views/' . $view_path)) {
        $this->data['content'] .= $this->load->view($view_path, $this->data, true); //load the view
    }
    if ($this->input->get("ajax", false) == true) {
        $this->load->view("layouts/ajax.tpl.php", $this->data); //load the template
    } else {
        $this->load->view("layouts/{$template}.tpl.php", $this->data); //load the template
    }
}
/**
 * Parse query string and JSON in query string.
 *
 * Every string value is run through json_decode(); when it decodes to
 * something non-null, the decoded value replaces the string (so "123" becomes
 * int 123, "true" becomes bool true, "[1,2]" becomes an array). Values that
 * are not valid JSON are left as they are. Non-string values inside an array
 * result raise an Exception with code 400.
 *
 * @param string|null $index     GET key, or null for the whole array
 * @param bool        $xss_clean Whether to run values through XSS filtering
 *
 * @return mixed Decoded value(s); an empty array when the whole array was requested and nothing was found
 * @throws Exception When an array element is not a string
 */
function get($index = NULL, $xss_clean = FALSE)
{
    $get = parent::get($index, $xss_clean);
    if (is_array($get)) {
        array_walk($get, function (&$value) {
            if (!is_string($value)) {
                throw new Exception('URI params should be string, JSON is supported.', 400);
            }
            // JSON_OBJECT_AS_ARRAY is passed as the $associative argument (truthy -> arrays, not objects)
            $decoded = json_decode($value, JSON_OBJECT_AS_ARRAY);
            !is_null($decoded) && ($value = $decoded);
        });
    } else {
        // scalar (or false for a missing key, which json_decode leaves as null -> untouched)
        $decoded = json_decode($get, JSON_OBJECT_AS_ARRAY);
        !is_null($decoded) && ($get = $decoded);
    }
    if (is_null($index) && $get === false) {
        $get = array();
    }
    return $get;
}
/**
 * Extends post() so nested array values can be addressed with a '/' path,
 * e.g.:
 *   $this->input->post('submit/newcase')
 *
 * A key that exists as-is is returned directly; otherwise the first segment
 * is fetched and the remaining segments are walked, returning false as soon
 * as one is missing.
 *
 * @param string|null $index     POST key or '/'-separated path, null for everything
 * @param bool        $xss_clean Whether to run the value through XSS filtering
 *
 * @return mixed
 */
function post($index = NULL, $xss_clean = FALSE)
{
    if (is_null($index)) {
        return parent::post($index, $xss_clean);
    }

    $direct = parent::post($index, $xss_clean);
    if ($direct !== false) {
        return $direct;
    }

    $segments = explode('/', $index);
    $value = parent::post(array_shift($segments), $xss_clean);
    foreach ($segments as $segment) {
        if (!isset($value[$segment])) {
            return false;
        }
        $value = $value[$segment];
    }
    return $value;
}
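/**
 * Base controller (PHP4-style constructor): loads the time-unit model, the
 * current user, the navigation bar, the auth library and the breadcrumb root.
 *
 * The navbar focus now reads the 'c'/'m' query parameters through
 * $this->input->get(), like the sub-menu line already did, instead of
 * indexing $_GET directly (which raised undefined-index notices when the
 * parameters were absent).
 */
function MY_Controller()
{
    parent::Controller();
    $this->load->model('timeUnitModel');

    $this->load->library('User', null, 'userLib');
    $this->user = $this->userLib->getUserInfo();
    if (!$this->user) {
        // showError() presumably renders the error and stops — confirm it does not return
        showError($this->userLib->error, '/');
    }

    // Load the menu, used globally
    $this->load->library('Navbar', $this->user);
    $this->navbarList = $this->navbar->getNavbarList();

    // Currently selected menu defaults to the current controller: "<c>_<m>"
    $controller = $this->input->get('c');
    $method = $this->input->get('m');
    $this->navbarFocus = $controller . '_' . $method;
    // Currently selected sub-menu item
    $this->navChildFocus = $controller . '_' . $method;

    // Current theme
    $this->theme = $this->config->item('theme');

    // Load the auth library so it can be called globally
    $this->load->library('Auth', $this->user);

    // Breadcrumb navigation root
    $this->viewData['breadcrumb'][] = array('url' => printUrl('Main', 'index'), 'title' => '首页');
}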