if (Validate::pass()) { // Check if the form was submitted (to continue to the next page) if (Form::submitted("install-server-config")) { header("Location: /install/config-site"); exit; } Alert::success("Server Config", "Your server is properly configured!"); } // Installation Header require dirname(ROUTE_SECOND_PATH) . "/includes/install_header.php"; // Run Global Script require dirname(ROUTE_SECOND_PATH) . "/includes/install_global.php"; // Display the Header require HEADER_PATH; echo ' <form class="uniform" action="/install/config-server" method="post">' . Form::prepare("install-server-config"); echo ' <h3>Update Your Server Configurations:</h3> <p>Config File: ' . SYS_PATH . '/environment.php</p> <p style="margin-top:12px;">Make sure the following variables are set appropriately:</p> <p> <style> .left-tb-col { width:220px; font-weight:bold; text-align:right; padding-right:10px; } </style> <table border="0" cellpadding="4" cellspacing="0"> <tr> <td class="left-tb-col">Environment:</td> <td>' . (ENVIRONMENT ? ENVIRONMENT : '<span style="color:red;">Must assign a valid Environment</span>') . '</td> </tr> <tr>
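// Registration form controller (excerpt).
// NOTE(review): the statements down to the two lone closing braces are the tail
// of blocks that open before this excerpt; they are reproduced unchanged.

// Save the site handshake
$_SESSION['login']['handshake'] = Security_Hash::random(30, 62);

// Prepare Custom Data
// NOTE(review): the plaintext password is packed into a query string that is
// delivered through a browser redirect, so the packet appears in URLs (browser
// history, proxy and server logs). Its confidentiality rests entirely on
// API_PacketEncrypt, which is not visible here -- confirm that it encrypts and
// authenticates the packet.
$customData = array(
	"handshake" => $_SESSION['login']['handshake'],
	"handle" => $_POST['handle'],
	"email" => $_POST['email'],
	"password" => $_POST['password'],
	"tos" => isset($_POST['tos'])
);

// Create a query string with valid packet data
$queryStringPacket = API_PacketEncrypt::queryString($customData, $apiData['site_key']);

// Redirect to Auth's Registration Page
header("Location: " . $apiData['site_url'] . "/register-process?" . $queryStringPacket);
exit;
}
}

// Prepare Values
if (!isset($_POST['handle'])) { $_POST['handle'] = ""; }
if (!isset($_POST['email'])) { $_POST['email'] = ""; }

// Encode the echoed-back values for the HTML attribute context. They come
// straight from the request, so writing them into value="..." unencoded would
// let a crafted submission break out of the attribute (reflected XSS).
// Non-string input (e.g. handle[]=x) is treated as empty.
$registerHandleAttr = htmlspecialchars(is_string($_POST['handle']) ? $_POST['handle'] : "", ENT_QUOTES, 'UTF-8');
$registerEmailAttr = htmlspecialchars(is_string($_POST['email']) ? $_POST['email'] : "", ENT_QUOTES, 'UTF-8');

// Display the Header
require HEADER_PATH;

// Display the Registration Form
// The password field is deliberately never refilled from the request.
echo ' <form class="uniform" action="/register" method="post">'
	. Form::prepare(SITE_HANDLE . "-register-form")
	. ' <p><input type="text" name="handle" value="' . $registerHandleAttr . '" placeholder="Username . . ." autocomplete="off" tabindex="10" autofocus /></p>'
	. ' <p><input type="text" name="email" value="' . $registerEmailAttr . '" placeholder="Email . . ." autocomplete="off" tabindex="15" /></p>'
	. ' <p><input type="password" name="password" value="" placeholder="Password . . ." autocomplete="off" tabindex="20" /></p>'
	. ' <p><input type="checkbox" name="tos" ' . (isset($_POST['tos']) ? 'checked' : '') . ' tabindex="30" target="_new" /> I agree to the <a href="/tos">Terms of Service</a></p>'
	. ' <p><input class="button" type="submit" name="submit" value="Sign Up" tabindex="30" /></p>'
	. ' </form>';

// Display the Footer
require FOOTER_PATH;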
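// Login form controller (excerpt).
// NOTE(review): this excerpt starts inside a block that opens earlier in the
// file; the lone closing brace after the validation branch belongs to it.
Validate::password($_POST['password']);

// If the Form Validation Passed
if (Validate::pass()) {
	// Retrieve the Site Key
	$apiData = API_Data::get("auth");

	// Save the site handshake
	$_SESSION['login']['handshake'] = Security_Hash::random(30, 62);

	// Prepare Custom Data
	// NOTE(review): the plaintext password travels inside a redirect URL, so
	// the packet is visible in browser history and in proxy/server logs. Its
	// confidentiality depends entirely on API_PacketEncrypt, which is not
	// visible here -- confirm that it encrypts and authenticates the packet.
	$customData = array(
		"handshake" => $_SESSION['login']['handshake'],
		"handle" => $_POST['handle'],
		"password" => $_POST['password']
	);

	// Create a query string with valid packet data
	$queryStringPacket = API_PacketEncrypt::queryString($customData, $apiData['site_key']);

	// Redirect to Auth's Login Page (get credentials and return)
	header("Location: " . $apiData['site_url'] . "/login-process?" . $queryStringPacket);
	exit;
}
}

// Prepare Values
if (!isset($_POST['handle'])) { $_POST['handle'] = ""; }

// Encode the echoed-back handle for the HTML attribute context. It comes
// straight from the request, so writing it into value="..." unencoded would
// let a crafted submission break out of the attribute (reflected XSS).
// Non-string input (e.g. handle[]=x) is treated as empty.
$loginHandleAttr = htmlspecialchars(is_string($_POST['handle']) ? $_POST['handle'] : "", ENT_QUOTES, 'UTF-8');

// Display the Header
require HEADER_PATH;

// Display the Login Form
// The password field is deliberately never refilled from the request.
echo ' <form class="uniform" action="/login-form" method="post">'
	. Form::prepare(SITE_HANDLE . "-login-form")
	. ' <p><input type="text" name="handle" value="' . $loginHandleAttr . '" placeholder="Username . . ." autocomplete="off" tabindex="10" autofocus /></p>'
	. ' <p><input type="password" name="password" value="" placeholder="Password . . ." autocomplete="off" tabindex="20" /></p>'
	. ' <p><input class="button" type="submit" name="submit" value="Login with UniFaction" tabindex="30" /></p>'
	. ' </form>';

// Display the Footer
require FOOTER_PATH;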
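// Blog page template (excerpt): this fragment starts inside a PHP block and an
// HTML container that both open before the visible text.

// Member links, shown only when a session name is set
// (link texts: "My articles", "Write article", "Log out").
// NOTE(review): the log-out action is a plain GET link; if it ends the session
// without a token, any page can trigger it -- confirm how blog_main.php handles it.
if (isset($_SESSION['name'])) {
	echo ' <a href="blog_main.php?action=article" >我的文章</a> <a href="blog_main.php?action=warticle">写文章</a> <a href="blog_main.php?action=zhuxiao">退出登陆</a>';
}
?>
</div>
</div>
<div id="content_main">
<?php
if (empty($_GET['s']) && !isset($_GET['submit3'])) {
	// Notices are switched off from here on for the rest of the request.
	error_reporting(E_ALL & ~E_NOTICE);

	// NOTE(review): $page and $kind are defined outside this excerpt and are
	// concatenated into the URL as-is; if they can carry request data they
	// should be URL-encoded where they are assigned -- verify against the caller.
	$f = new Form("blog_main.php?page1=" . $page . "&kind=" . $kind);
	$f->prepare();
	echo $f;
} else {
	// NOTE(review): the raw search parameter is handed to checkone and whatever
	// its string conversion produces is echoed; the class is not visible here,
	// so confirm that it encodes the value before it reaches the page.
	echo new checkone($_GET['s']);
}
?>
<div id="yi">
<ul>
<?php
// Pagination links. The page count is read once and forced to an integer so a
// missing or non-numeric session value yields no links instead of a notice or
// a string comparison in the loop condition.
$blogPageCount = isset($_SESSION['number']) ? (int) $_SESSION['number'] : 0;
for ($i = 1; $i <= $blogPageCount; $i++) {
	// Each list item is now closed; the original left <li> open.
	echo "<li><a href='blog.php?page=" . $i . "'>" . $i . "</a></li>";
}
?>
</ul>
</div>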
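<?php

// Admin page: send a one-off email to an arbitrary address.

// Run Permissions
require SYS_PATH . "/controller/includes/admin_perm.php";

// Make sure that only management or higher is allowed
if (Me::$clearance < 7) {
	header("Location: /admin");
	exit;
}

if (Form::submitted("email-send-admin")) {
	// Read the fields defensively: a missing or array-valued field becomes an
	// empty string, which the validators below reject through their minimum
	// lengths, instead of raising notices or type errors.
	$sendEmailTo = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : "";
	$sendEmailTitle = (isset($_POST['title']) && is_string($_POST['title'])) ? $_POST['title'] : "";
	$sendEmailMessage = (isset($_POST['message']) && is_string($_POST['message'])) ? $_POST['message'] : "";

	// Server-side limits; the maxlength attribute in the form is only a hint.
	// NOTE(review): recipient and subject end up in the outgoing mail; confirm
	// that Validate::email / Validate::input or Email_Send::standard reject
	// CR/LF so a crafted value cannot add mail headers.
	Validate::email($sendEmailTo);
	Validate::input("Subject", $sendEmailTitle, 1, 22);
	Validate::text("Message", $sendEmailMessage, 1, 3500);

	if (Validate::pass()) {
		Email_Send::standard($sendEmailTo, $sendEmailTitle, $sendEmailMessage);

		// NOTE(review): the address is placed in the alert text as-is; confirm
		// that Alert encodes its message when it is displayed.
		Alert::saveSuccess("Email Sent", "You have successfully sent an email to " . $sendEmailTo);

		header("Location: /admin/Email/Email List");
		exit;
	}
}

// Run Header
require SYS_PATH . "/controller/includes/admin_header.php";

// Display the form; Form::prepare() supplies the markup that
// Form::submitted() checks on the next request.
echo ' <form action="/admin/Email/Send Email" method="post">'
	. Form::prepare("email-send-admin")
	. ' <p>Email: <input type="text" name="email" value="" /></p>'
	. ' <p>Subject: <input type="text" name="title" value="" maxlength="22" /></p>'
	. ' <p>Message: <textarea name="message"></textarea></p>'
	. ' <p><input type="submit" name="submit" value="Send Email" /></p>'
	. ' </form>';

// Display the Footer
require SYS_PATH . "/controller/includes/admin_footer.php";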
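// Cron task editor (excerpt).
// NOTE(review): the sanitising statements down to the lone closing brace sit
// inside a branch that opens before this excerpt, so they may not run on every
// path that reaches the form below.
$_POST['method'] = Sanitize::variable($_POST['method']);
$_POST['run_cycle'] = Sanitize::number($_POST['run_cycle'], 0);
$_POST['date_start'] = Sanitize::number($_POST['date_start'], 0);
$_POST['date_end'] = Sanitize::number($_POST['date_end'], 0);

// Sanitize Parameters
for ($a = 0; $a <= 3; $a++) {
	$_POST['args'][$a] = isset($_POST['args'][$a]) ? Sanitize::text($_POST['args'][$a]) : "";
}
}

// Run Header
require SYS_PATH . "/controller/includes/admin_header.php";

// Encode every echoed-back value for the HTML attribute context at the point of
// output. Only the args were encoded before; title, method and the three
// numeric fields were written into value="..." as-is, which relied on the
// branch-specific sanitising above. Missing or non-scalar values become "".
$cronFieldAttr = array();
foreach (array('title', 'method', 'run_cycle', 'date_start', 'date_end') as $cronField) {
	$cronRaw = (isset($_POST[$cronField]) && is_scalar($_POST[$cronField])) ? (string) $_POST[$cronField] : "";
	$cronFieldAttr[$cronField] = htmlspecialchars($cronRaw, ENT_QUOTES, 'UTF-8');
}

$cronArgAttr = array();
for ($a = 0; $a <= 3; $a++) {
	$cronRaw = (isset($_POST['args'][$a]) && is_scalar($_POST['args'][$a])) ? (string) $_POST['args'][$a] : "";
	$cronArgAttr[$a] = htmlspecialchars($cronRaw, ENT_QUOTES, 'UTF-8');
}

// Get Navigation Entry
// NOTE(review): "method" names the task method that the cron runner will call
// with the four args; confirm that the runner only accepts methods of the
// intended task classes, since this form accepts any identifier.
echo ' <h2 style="margin-top:20px;">' . ($editID ? 'Edit' : 'Create New') . ' Cron Task</h2>'
	. ' <form class="uniform" action="/admin/cron/custom-task" method="post">'
	. Form::prepare("cron-custom")
	. ' <p>Title: <input type="text" name="title" value="' . $cronFieldAttr['title'] . '" maxlength="22" /> (only useful to humans)</p>'
	. ' <p>Method: <input type="text" name="method" value="' . $cronFieldAttr['method'] . '" maxlength="22" /> (the MyTasks:: or Task:: method to call)</p>'
	. ' <p>Parameters:'
	. ' <br /><input type="text" name="args[0]" value="' . $cronArgAttr[0] . '" maxlength="250" /> (leave empty for unused)'
	. ' <br /><input type="text" name="args[1]" value="' . $cronArgAttr[1] . '" maxlength="250" /> (leave empty for unused)'
	. ' <br /><input type="text" name="args[2]" value="' . $cronArgAttr[2] . '" maxlength="250" /> (leave empty for unused)'
	. ' <br /><input type="text" name="args[3]" value="' . $cronArgAttr[3] . '" maxlength="250" /> (leave empty for unused)'
	. ' </p>'
	. ' <p>Run Cycle: <input type="text" name="run_cycle" value="' . $cronFieldAttr['run_cycle'] . '" maxlength="8" /> (number of seconds until we should re-run the script)</p>'
	. ' <p>Start Time: <input type="text" name="date_start" value="' . $cronFieldAttr['date_start'] . '" maxlength="8" /> (number of seconds until we should re-run the script)</p>'
	. ' <p>End Time: <input type="text" name="date_end" value="' . $cronFieldAttr['date_end'] . '" maxlength="8" /> (0 runs once, < start time runs forever)</p>'
	. ' <p><input type="submit" name="submit" value="' . ($editID ? 'Edit' : 'Create New') . ' Task" /></p> '
	// The id is forced to a number before it is written into the hidden field.
	. ($editID ? '<input type="hidden" name="id" value="' . ($editID + 0) . '" />' : '')
	. ' </form>';

// Display the Footer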
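<?php

// Admin page: permanently ban a user by handle (sets clearance to -3).
// NOTE(review): no permission include or clearance check is visible in this
// script; confirm that access control is enforced before this file runs.

// Form Submission
if (Form::submitted("ban-user-uni6")) {
	// A missing or array-valued field becomes "" and fails the length check.
	$banHandle = (isset($_POST['handle']) && is_string($_POST['handle'])) ? $_POST['handle'] : "";

	// Check if all of the input you sent is valid:
	Validate::variable("Handle", $banHandle, 1, 22);

	// Final Validation Test
	if (Validate::pass()) {
		$uniID = User::getIDByHandle($banHandle);

		if (!$uniID) {
			// Without this guard the UPDATE ran with an empty ID and a success
			// message could be shown although nobody was banned.
			Alert::error("Ban Failed", "That user handle does not exist.");
		} elseif (Database::query("UPDATE users SET clearance=? WHERE uni_id=? LIMIT 1", array(-3, $uniID))) {
			// Values are bound as parameters, never concatenated into the SQL.
			Alert::success("Ban Success", "You have successfully banned " . $banHandle);
		}
	}
}

// Run Header
require SYS_PATH . "/controller/includes/admin_header.php";

// Display the Editing Form
echo ' <h3>Permanently Ban Which User?</h3>'
	. ' <form class="uniform" action="/admin/User/Ban User" method="post">'
	. Form::prepare("ban-user-uni6")
	. ' <p> <strong>Handle:</strong><br /> <input type="text" name="handle" value="" style="width:200px;" maxlength="22" /> </p>'
	. ' <p><input type="submit" name="submit" value="Ban User" /></p>'
	. ' </form>';

// Display the Footer
require SYS_PATH . "/controller/includes/admin_footer.php";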
} else {
	// NOTE(review): this else branch and the closing brace after it belong to
	// blocks that open before this excerpt.
	Alert::error("DB Admin", "The `" . $dbName . "` database does not exist, or you do not have administrative privileges.");
}
}

// If everything is successful:
if (Validate::pass()) {
	// Check if the form was submitted (to continue to the next page)
	if (Form::submitted("install-db-connect")) {
		header("Location: /install/classes-core");
		exit;
	}
}

// Run Global Script
require dirname(ROUTE_SECOND_PATH) . "/includes/install_global.php";

// Display the Header
require HEADER_PATH;

// Show any alerts raised above
echo Alert::display();

echo ' <form class="uniform" action="/install/config-database" method="post">' . Form::prepare("install-db-connect");

// NOTE(review): the page prints the filesystem path of the config file and the
// database name without HTML encoding; $dbName is assigned outside this
// excerpt -- presumably from configuration, confirm it never carries request
// data. Installer pages like this one are normally made unreachable once
// setup is finished.
echo ' <h3>Update Your Database Configurations:</h3> <p>Config File: ' . PUBLIC_PATH . '/index.php</p> <p>You are working with the `<span style="font-weight:bold;">' . $dbName . '</span>` database.</p>';

// The continue button is only offered while no validation error is pending
if (Validate::pass()) {
	echo ' <p><input type="submit" name="submit" value="Continue to Next Step" /></p>';
}

echo ' </form>';

// Display the Footer
require FOOTER_PATH;
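// Installer step: choose the site administrator's handle (excerpt).
// NOTE(review): the statements down to the final "else" branch are the tail of
// blocks that open before this excerpt; they are reproduced unchanged.
			Alert::saveSuccess("Admin Chosen", "You have designated @" . $_POST['handle'] . " as the admin of your site.");

			header("Location: /install/config-app");
			exit;
		} else {
			Alert::error("Handle Invalid", "That user handle does not exist on UniFaction.");
		}
	}
} else {
	$_POST['handle'] = isset($_POST['handle']) ? Sanitize::variable($_POST['handle']) : "";
}

// Run Global Script
require PARENT_APP_PATH . "/includes/install_global.php";

// Display the Header
require HEADER_PATH;

echo ' <form class="uniform" action="/install/connect-handle" method="post">' . Form::prepare("install-connect-handle");

// Display the Page
// The handle is HTML-encoded where it is written into the value attribute, so
// the field is safe on both the submitted and the not-submitted path.
// NOTE(review): the sign-up link uses plain http; switch it to https if the
// site serves it.
echo ' <h1>Installation: Site Admin</h1>'
	. ' <h3>Step #1 - Connect Your UniFaction Handle</h3>'
	. ' <p>Your desired UniFaction handle (one of your profiles) will be set as the administrator of this site, allowing that handle to access the admin functions. Note: you will need to verify that you own the handle.</p>'
	. ' <p>If you don\'t have a UniFaction handle, you can set up a UniFaction account <a href="http://unifaction.com/sign-up">here</a>. The sign-up will prompt you to create a handle once you\'ve logged in for the first time.</p>'
	// The paragraph is now closed with </p>; the original emitted a second <p>.
	. ' <p>Your UniFaction Handle: <input type="text" name="handle" value="' . htmlspecialchars($_POST['handle']) . '" maxlength="22" autocomplete="off" tabindex="10" autofocus /> (e.g. "@joesmith1")</p>'
	. ' <p><input type="submit" name="submit" value="Continue" /></p>';

echo ' </form>';

// Display the Footer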
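// Admin page: add a new user (excerpt).
// NOTE(review): the statements down to the "else" branch are the tail of blocks
// that open before this excerpt; they are reproduced unchanged.
			Database::endTransaction(false);
			Alert::error("Process Error", "An error has occurred while processing this registration.", 1);
		}
	}
} else {
	// Defaults for the first display of the form; this sanitising does not run
	// on the submitted path.
	$_POST['email'] = isset($_POST['email']) ? Sanitize::email($_POST['email']) : "";
	$_POST['password'] = isset($_POST['password']) ? Sanitize::safeword($_POST['password']) : "";
	$_POST['handle'] = isset($_POST['handle']) ? Sanitize::variable($_POST['handle']) : "";
	$_POST['display_name'] = isset($_POST['display_name']) ? Sanitize::safeword($_POST['display_name'], ' ') : "";
}

// Encode the echoed-back values for the HTML attribute context at the point of
// output, because the sanitising above is skipped when the form was submitted.
// Missing or non-string values become "".
$addUserHandleAttr = htmlspecialchars((isset($_POST['handle']) && is_string($_POST['handle'])) ? $_POST['handle'] : "", ENT_QUOTES, 'UTF-8');
$addUserDisplayNameAttr = htmlspecialchars((isset($_POST['display_name']) && is_string($_POST['display_name'])) ? $_POST['display_name'] : "", ENT_QUOTES, 'UTF-8');

// Run Header
require SYS_PATH . "/controller/includes/admin_header.php";

// Display the Editing Form
// The password field is no longer refilled from the request: echoing it back
// put the submitted password into the page source (and any cache of it).
// NOTE(review): this echo statement continues past the end of the excerpt; its
// last string literal is left open exactly as in the source.
echo ' <h3>Add a New User</h3>'
	. ' <form class="uniform" action="/admin/AppAccount/Add User" method="post">'
	. Form::prepare("add-user-uni6")
	. ' <p> <strong>Profile Handle:</strong><br /> <input type="text" name="handle" value="' . $addUserHandleAttr . '" style="width:200px;" maxlength="22" /> </p>'
	. ' <p> <strong>Profile Display Name:</strong><br /> <input type="text" name="display_name" value="' . $addUserDisplayNameAttr . '" style="width:200px;" maxlength="32" /> </p>'
	. ' <p> <strong>Password:</strong><br /> <input type="password" name="password" value="" style="width:95;" maxlength="100" /> </p>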