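/**
 * Send a cached JSON document to the client as a file download.
 *
 * The cache entry read is "<$cache_filename>.json". A missing identifier,
 * a rejected identifier, an unknown entry and an empty entry all end in
 * the 404 action.
 *
 * NOTE(review): no authorisation check is visible in this method; confirm
 * that the controller restricts who may download cached exports.
 *
 * @param string $cache_filename cache identifier without the ".json" suffix
 * @return mixed the download response, or whatever action_404() returns
 */
public function action_download($cache_filename)
 {
     if (!$cache_filename) {
         return $this->action_404();
     }
     // The identifier arrives with the request, so it must not be able to
     // address arbitrary cache entries: only a plain token is accepted.
     // Dots are refused because the cache layer treats them as section
     // separators.
     // NOTE(review): widen the pattern only if the code that writes these
     // entries really uses other characters.
     if (!is_string($cache_filename) || !preg_match('/\A[A-Za-z0-9_\-]+\z/', $cache_filename)) {
         return $this->action_404();
     }
     // add json extension
     $cache_filename .= '.json';
     // load data from cache if possible
     try {
         $data = Cache::get($cache_filename);
     } catch (\CacheNotFoundException $e) {
         return $this->action_404();
     }
     // cache found but empty!?
     if (!$data) {
         return $this->action_404();
     }
     $response = new Response();
     // the body is a JSON string
     $response->set_header('Content-Type', 'application/json');
     // keep browsers from second-guessing the declared type
     $response->set_header('X-Content-Type-Options', 'nosniff');
     // offered to the user as "checkins.json"
     $response->set_header('Content-Disposition', 'attachment; filename="checkins.json"');
     // the export must not be stored by browsers or proxies
     $response->set_header('Cache-Control', 'no-cache, no-store, max-age=0, must-revalidate');
     $response->set_header('Expires', 'Mon, 26 Jul 1997 05:00:00 GMT');
     $response->set_header('Pragma', 'no-cache');
     $response->body($data);
     return $response;
 }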
Example #2
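 /**
  * Export the leads of one data list as a CSV download.
  *
  * Every lead returned by get_leads() becomes one CSV line. The "Status"
  * column is derived from the serialized number_data field: it lists the
  * lists a lead duplicates, or reads "TPS Match" when there are none.
  *
  * The CSV is echoed directly after the headers have been sent, and an
  * empty string is returned.
  *
  * NOTE(review): no permission check is visible in this method; confirm
  * that the controller restricts access to the export.
  *
  * @param mixed $data_id id of the data list to export
  * @return string always ""
  */
 public function action_exportinvalidleads($data_id)
 {
     // CSV column title => database column
     $headings = array('Dialler ID' => 'dialler_lead_id', 'Title' => 'title', 'First Name' => 'first_name', 'Last Name' => 'last_name', 'Number' => 'phone_number', 'Alt Number' => 'alt_phone', 'Status' => 'number_data');

     // Render one value as a CSV field. Lead data is supplied from outside,
     // so two things are handled here:
     //  - a value that a spreadsheet would evaluate as a formula is prefixed
     //    with an apostrophe (a leading +/- followed only by digits and
     //    phone punctuation is left alone so phone numbers stay intact);
     //  - a value containing a comma, quote or line break is quoted, so it
     //    cannot shift columns or add rows.
     $csvField = function ($value) {
         $value = (string) $value;
         if (preg_match('/\A[=@\t\r]/', $value) || preg_match('/\A[+\-](?![0-9 ().\-]*\z)/', $value)) {
             $value = "'" . $value;
         }
         if (strpbrk($value, ",\"\r\n") !== false) {
             $value = '"' . str_replace('"', '""', $value) . '"';
         }
         return $value;
     };

     // only the lead rows are needed; the two counts that follow are ignored
     list($validLeads) = \Data\Model_Data::get_leads($data_id, -1, 0, 'dialler_lead_id', 'asc', '=');

     $lines = array(implode(",", array_map($csvField, array_keys($headings))));
     foreach ($validLeads as $singleLead) {
         $row = array();
         foreach ($headings as $dbColumn) {
             if ($dbColumn != 'number_data') {
                 $row[] = $singleLead[$dbColumn];
                 continue;
             }
             // NOTE(review): unserialize() instantiates any class named in
             // the stored string. If number_data can ever hold a value that
             // was not written by this application, pass
             // array('allowed_classes' => false) (PHP >= 7.0) or store JSON.
             $allData = unserialize($singleLead[$dbColumn]);
             $diallerIDs = array();
             if (isset($allData['duplicates']['data_list_ids']) && is_array($allData['duplicates']['data_list_ids'])) {
                 foreach ($allData['duplicates']['data_list_ids'] as $did) {
                     $found = \DB::select('dialler_id')->from('data')->where('id', $did)->execute()->as_array();
                     // The lookup result is used inside the loop: previously
                     // only the last lookup counted, and a lead with an empty
                     // list reused the result left over from an earlier lead.
                     if (count($found) > 0) {
                         $diallerIDs[] = $found[0]['dialler_id'];
                     }
                 }
             }
             if (isset($allData['duplicates']['list_ids']) && is_array($allData['duplicates']['list_ids'])) {
                 foreach ($allData['duplicates']['list_ids'] as $did) {
                     $diallerIDs[] = $did;
                 }
             }
             $row[] = count($diallerIDs) > 0 ? 'Duplicate from list(s) ' . implode("/", $diallerIDs) : 'TPS Match';
         }
         $lines[] = implode(",", array_map($csvField, $row));
     }
     $data = implode("\n", $lines) . "\n";

     // $data_id comes from the request: keep only characters that are safe
     // inside a quoted header value before using it in the file name.
     $fileId = preg_replace('/[^A-Za-z0-9_\-]/', '', (string) $data_id);

     $response = new \Response();
     $response->set_header('Content-Type', 'text/csv');
     $response->set_header('Content-Disposition', 'attachment; filename="' . $fileId . '_' . date('Ymd-Hi') . '.csv"');
     // the body is echoed by hand instead of being set on the response
     $response->send_headers();
     echo $data;
     return "";
 }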
Example #3
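 /**
  * Test FTP settings posted from the global configuration form.
  *
  * Ajax only. On POST it connects with the posted settings, changes to the
  * posted base path, lists the files there and answers with JSON holding
  * form_status, form_status_message and, on success, list_files (an HTML
  * list of the directory entries).
  *
  * NOTE(review): unlike other POST actions in this code base no CSRF token
  * is checked here, and the host and port are taken from the request, so
  * the server opens a connection wherever the caller points it. Confirm
  * that the permission check alone is the intended protection.
  *
  * @return \Response|null JSON response on POST, null otherwise
  */
 public function action_ajax_test_ftp()
 {
     // is ajax
     if (!\Input::is_ajax()) {
         \Response::redirect(\Uri::create('admin'));
     }
     // check permission
     if (\Model_AccountLevelPermission::checkAdminPermission('config_global', 'config_global') == false) {
         \Session::set_flash('form_status', array('form_status' => 'error', 'form_status_message' => \Lang::get('admin_permission_denied', array('page' => \Uri::string()))));
         return null;
     }
     if (\Input::method() == 'POST') {
         // get post value and test connection
         $config['hostname'] = trim(\Input::post('hostname'));
         $config['username'] = trim(\Input::post('username'));
         $config['password'] = trim(\Input::post('password'));
         $config['port'] = (int) trim(\Input::post('port'));
         $config['passive'] = trim(\Input::post('passive')) == 'true' ? true : false;
         $config['ssl_mode'] = false;
         $config['debug'] = false;
         $basepath = trim(\Input::post('basepath'));
         // connect to ftp
         $ftp = \Ftp::forge($config);
         $ftp->connect();
         $ftp->change_dir($basepath);
         $files = $ftp->list_files();
         $ftp->close();
         $output = array();
         if ($files !== false) {
             $output['form_status'] = 'success';
             $output['form_status_message'] = \Lang::get('config_ftp_connected_check_basepath_from_dir_structure_below');
             natsort($files);
             $output['list_files'] = '<ul>';
             foreach ($files as $file) {
                 // File names are chosen by the remote server, so they are
                 // escaped before being placed into the HTML fragment.
                 $output['list_files'] .= '<li>' . htmlspecialchars((string) $file, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</li>';
             }
             $output['list_files'] .= '</ul>';
         } else {
             // got false from list_files means cannot connect
             $output['form_status'] = 'error';
             $output['form_status_message'] = \Lang::get('config_ftp_could_not_connect_to_server');
         }
         // drop the posted credentials and the connection object
         unset($basepath, $config, $file, $files, $ftp);
         // send out json values
         $response = new \Response();
         $response->set_header('Content-Type', 'application/json');
         $response->body(json_encode($output));
         return $response;
     }
 }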
Example #4
 /**
  * Delete the avatar of the member named by the account cookie.
  *
  * The deletion happens only on a POST with a valid CSRF token, when the
  * cookie carries an account id and the member is logged in. Ajax callers
  * get a JSON answer that includes a fresh CSRF field; other callers are
  * redirected to the referrer, or to the base URL.
  *
  * @return \Response|null JSON response for ajax requests, null otherwise
  */
 public function action_deleteAvatar()
 {
     // the account cookie says whose avatar is targeted
     $account_model = new \Model_Accounts();
     $account_cookie = $account_model->getAccountCookie();

     if (\Input::method() == 'POST') {
         if (\Extension\NoCsrf::check()) {
             // token accepted: a known, logged-in member is still required
             $may_delete = isset($account_cookie['account_id']) && \Model_Accounts::isMemberLogin() != false;
             $output['result'] = $may_delete;
             if ($may_delete) {
                 $account_model->deleteAccountAvatar($account_cookie['account_id']);
             }
         } else {
             // token rejected
             $output['form_status'] = 'error';
             $output['form_status_message'] = \Lang::get('fslang_invalid_csrf_token');
             $output['result'] = false;
         }
     }
     unset($account_model, $account_cookie);

     if (!\Input::is_ajax()) {
         // plain request: go back to the previous page when there is one
         $back_to = \Input::referrer();
         if ($back_to != null && $back_to != \Uri::main()) {
             \Response::redirect($back_to);
         } else {
             \Response::redirect(\Uri::base());
         }
         return;
     }

     // ajax form: hand out a new csrf field for the next submit
     $output['csrf_html'] = \Extension\NoCsrf::generate();
     $json_response = new \Response();
     $json_response->set_header('Content-Type', 'application/json');
     $json_response->body(json_encode($output));
     return $json_response;
 }
 /**
  * Reply with JSON.
  *
  * When $send is true the response is sent and the script ends.
  * When $send is false the response object is returned.
  *
  * @access protected
  * @param mixed $data value to reply with
  * @param bool $send send flag
  * @return Response
  * @author kobayasi
  */
 protected function responseJson($data = false, $send = false)
 {
     $json = json_encode($data);
     $reply = new \Response($json, 200);
     $reply->set_header('Content-Type', 'application/json');
     if (!$send) {
         // the caller takes care of sending
         return $reply;
     }
     // send immediately and stop the request here
     $reply->send(true);
     exit;
 }
 /**
  * Build a JSON response that clients and proxies must not cache.
  *
  * @param mixed $output value to encode; anything loosely equal to null
  *                      is sent as an empty array
  * @return \Response
  */
 public function responseJson($output)
 {
     // loose comparison on purpose: null, '', 0, false and [] become []
     $payload = $output == null ? [] : $output;

     $json_response = new \Response();
     // content type
     $json_response->set_header('Content-Type', 'application/json');
     // no cache; the second Cache-Control is added without replacing the first
     $json_response->set_header('Cache-Control', 'no-cache, no-store, max-age=0, must-revalidate');
     $json_response->set_header('Cache-Control', 'post-check=0, pre-check=0', false);
     $json_response->set_header('Expires', 'Sat, 26 Jul 1997 05:00:00 GMT');
     $json_response->set_header('Pragma', 'no-cache');
     // body
     $json_response->body(json_encode($payload));
     return $json_response;
 }
Example #7
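 /**
  * Demonstrates how HTTP basic authentication can be used.
  *
  * A request without a user name is answered with a 401 challenge; any
  * other request is answered with a text naming the supplied user.
  *
  * NOTE(review): only the presence of a user name is tested. The password
  * (PHP_AUTH_PW) is never read or verified, so this demonstrates the
  * challenge/response exchange, not an access check. Real use needs the
  * credentials verified against a user store.
  *
  * @return \Response
  */
 public function action_basic()
 {
     $user = Input::server("PHP_AUTH_USER", null);
     if ($user == null) {
         $response = new Response();
         // Without a 401 status clients do not treat the header as a
         // challenge and never prompt for credentials.
         $response->set_status(401);
         $response->set_header('WWW-Authenticate', 'Basic realm="Authenticate for eventual.org"');
         return $response;
     }
     // The user name is chosen by the client, so it is escaped before it is
     // echoed back in the response body.
     return Response::forge("You are authenticated as " . htmlspecialchars($user, ENT_QUOTES, 'UTF-8'));
 }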
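    /**
     * Output the relation graph of one user as JSON.
     *
     * Builds three lists under $data['default']: nodes (the introduced user,
     * every other user, and one "introduction" node per user), links between
     * those nodes, and introductions (rendered by intro_dl()). The result is
     * passed to the user/relationjson view.
     *
     * @access  public
     * @param   mixed $introduced_user_id id of the user at the centre of the graph
     * @return  Response
     */
    public function action_relationjson($introduced_user_id)
    {
        // not used below; kept as in the original
        $me = Session::get('user', null);
        $introduced_user = Model_User::find($introduced_user_id);
        $query = \DB::query('SELECT `users`.`id` as `post_user_id`, `users`.`url`, `users`.`name`, `introductions`.*,
			(`introductions`.`distance` + `introductions`.`humanity`+ `introductions`.`ability`) as goodpoint
			FROM `users`
				LEFT JOIN
					`introductions`
					ON
					`users`.`id` = `introductions`.`user_id`
					AND
					`introductions`.`introduced_user_id` = :introduced_user_id
			WHERE `users`.`id` != :introduced_user_id
			ORDER BY goodpoint desc', \DB::SELECT);
        $users = $query->bind('introduced_user_id', $introduced_user_id)->execute();
        unset($query);
        // The id comes from the request. It used to be concatenated into
        // this statement; it is now bound like in the first query, so it
        // can no longer change the SQL.
        $query = \DB::query('SELECT `introductions`.*
			FROM `users`
				LEFT JOIN
					`introductions`
					ON
					`users`.`id` = `introductions`.`user_id`
					AND
					`introductions`.`user_id` = :introduced_user_id
					AND
					`introductions`.`introduced_user_id` != :introduced_user_id
			WHERE `users`.`id` = :introduced_user_id', \DB::SELECT);
        $my_relations = $query->bind('introduced_user_id', $introduced_user_id)->execute();
        // distance the central user recorded towards each user they introduced
        $bond = array();
        foreach ($my_relations as $key => $intro) {
            $bond[$intro['introduced_user_id']] = (int) $intro['distance'];
        }
        $data = array();
        $data['default']['nodes'] = array();
        $data['default']['links'] = array();
        $data['default']['introductions'] = array();
        // node 1 is the central user, pinned at a fixed position
        $nodes_i = 1;
        $data['default']['nodes'][] = array('name' => $introduced_user['name'], 'size' => 80, 'id' => (int) $introduced_user['id'], 'url' => $introduced_user['url'], 'nodetype' => 'person', 'fixed' => true, 'x' => 600, 'y' => 350);
        // user id => node number of that user's person node
        $links = array();
        // first pass: one person node per user, linked to the central node
        foreach ($users as $key => $user) {
            // rows without an introduction (LEFT JOIN miss) are skipped
            if (empty($user['id'])) {
                continue;
            }
            $nodes_i++;
            $links[(int) $user['user_id']] = $nodes_i;
            $data['default']['nodes'][] = array('name' => $user['name'], 'size' => 80, 'id' => (int) $user['user_id'], 'url' => $user['url'], 'nodetype' => 'person');
            // both directions of the relation add to the bond strength
            $bondStrength = !empty($bond[(int) $user['user_id']]) ? $bond[(int) $user['user_id']] : 0;
            $bondStrength = $bondStrength + (int) $user['distance'];
            if ($bondStrength >= 10) {
                $bondType = 3;
            } elseif ($bondStrength >= 7) {
                $bondType = 2;
            } else {
                $bondType = 1;
            }
            $data['default']['links'][] = array('source' => $nodes_i - 1, 'target' => 0, 'bondType' => $bondType, 'text' => $user['feature'], 'id' => 1000 + $user['id']);
        }
        // second pass: one introduction node per user, linked to that user's person node
        foreach ($users as $key => $user) {
            if (empty($user['id'])) {
                continue;
            }
            $nodes_i++;
            // NOTE(review): the base value here is the introduced user's id,
            // not the stored bond value as in the first pass - confirm intended.
            $bondType = !empty($bond[(int) $user['introduced_user_id']]) ? (int) $user['introduced_user_id'] : 0;
            $bondType = $bondType + (int) $user['distance'];
            $data['default']['nodes'][] = array('name' => '紹介', 'size' => 150, 'id' => (int) $user['user_id'] + 1000, 'introduced' => array('feature' => $user['feature'], 'charm' => $user['charm'], 'skilfull' => $user['skillfull']), 'nodetype' => 'introduced');
            $data['default']['introductions'][] = array('id' => (int) $user['user_id'] + 1000, 'div' => $this->intro_dl($user), 'bondType' => $bondType);
            $data['default']['links'][] = array('source' => $nodes_i - 1, 'target' => $links[(int) $user['user_id']] - 1, 'bondType' => 0, 'text' => '', 'id' => 10000 + $user['id']);
        }
        // the content type is sent through a separate response object before
        // the view response is returned
        $response = new Response();
        $response->set_header('Content-type', 'application/json');
        $response->send_headers();
        return Response::forge(View::forge('user/relationjson', array('data' => $data)));
    }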
Example #9
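 /**
  * Handler for HTTP Digest Authentication
  *
  * Parses the PHP_AUTH_DIGEST header, recomputes the expected digest from
  * the configured password of the named user and compares it with the
  * digest sent by the client. On any mismatch a new challenge is sent and
  * the script ends.
  *
  * MD5 is used because the Digest scheme itself is defined on it.
  *
  * NOTE(review): the nonce in the challenge comes from uniqid() and is not
  * stored or checked on the next request, so a captured Authorization
  * header can be replayed; fixing that needs server-side nonce state that
  * is not visible here. The status code of the challenge is whatever the
  * caller set on $response - confirm it is 401.
  *
  * @param \Response $response response used to send the challenge
  * @return array A key/value array of the username => value and password => value
  */
 private function _http_digest(\Response $response)
 {
     $realm = $this->config['http_authenticatable']['realm'];
     $data = array('nonce' => null, 'nc' => null, 'cnonce' => null, 'qop' => null, 'username' => null, 'uri' => null, 'response' => null);
     // split the header into its key="value" pairs
     foreach (explode(',', (string) \Input::server('PHP_AUTH_DIGEST')) as $string) {
         $parts = explode('=', trim($string), 2) + array('', '');
         $data[$parts[0]] = trim($parts[1], '"');
     }
     $users = $this->config['http_authenticatable']['users'];
     $password = !empty($users[$data['username']]) ? $users[$data['username']] : null;
     $A1 = md5("{$data['username']}:{$realm}:{$password}");
     $A2 = "{$data['nonce']}:{$data['nc']}:{$data['cnonce']}:{$data['qop']}";
     $A3 = md5(\Input::server('REQUEST_METHOD') . ':' . $data['uri']);
     $hash = md5("{$A1}:{$A2}:{$A3}");
     $supplied = (string) $data['response'];
     // compare without leaking, through timing, how much of the digest matched
     if (function_exists('hash_equals')) {
         $digest_matches = hash_equals($hash, $supplied);
     } else {
         $digest_matches = $hash === $supplied;
     }
     // A user without a configured password is refused outright. Before,
     // the digest for such a name was computed over an empty password,
     // which a client can reproduce for any name it invents.
     if (!$data['username'] || $password === null || !$digest_matches) {
         $nonce = uniqid();
         $opaque = md5($realm);
         $header_value = "Digest realm=\"{$realm}\",qop=\"auth\", nonce=\"{$nonce}\",opaque=\"{$opaque}\"";
         $response->set_header('WWW-Authenticate', $header_value);
         $response->send(true);
         exit;
     }
     return array('username' => $data['username'], 'password' => $password);
 }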
Example #10
 /**
  * Reset the permissions of one account (ajax, POST).
  *
  * Non-ajax callers are redirected. The caller needs the
  * acperm_manage_user_perm admin permission and a valid CSRF token, and
  * the target account has to pass checkAccountData(). The JSON answer
  * holds account_id, account_check_result and result.
  *
  * @param mixed $account_id target account; when not numeric the id from
  *                          the admin account cookie is used, else 0
  * @return \Response|null JSON response, or null when refused early
  */
 public function action_reset($account_id = '')
 {
     // where to send callers that did not use ajax
     $redirect_to = $this->getAndSetSubmitRedirection();
     if (!\Input::is_ajax()) {
         \Response::redirect($redirect_to);
     }

     // permission first
     $permitted = \Model_AccountLevelPermission::checkAdminPermission('acperm_perm', 'acperm_manage_user_perm');
     if ($permitted == false) {
         $flash = array('form_status' => 'error', 'form_status_message' => \Lang::get('admin_permission_denied', array('page' => \Uri::string())));
         \Session::set_flash('form_status', $flash);
         return null;
     }

     // only POST may change anything
     if (\Input::method() != 'POST') {
         return null;
     }

     // no usable id in the url: fall back to the admin cookie, else 0
     if (!is_numeric($account_id)) {
         $admin_cookie = \Model_Accounts::forge()->getAccountCookie('admin');
         $account_id = isset($admin_cookie['account_id']) ? $admin_cookie['account_id'] : 0;
         unset($admin_cookie);
     }
     $output['account_id'] = $account_id;

     // an object or array from the check counts as "account is fine";
     // any other value is reported as returned
     $check = $this->checkAccountData($account_id);
     if (is_object($check) || is_array($check)) {
         $output['account_check_result'] = true;
     } else {
         $output['account_check_result'] = $check;
     }
     unset($check);

     // the reset needs a valid token and a good target account
     if (\Extension\NoCsrf::check() && $output['account_check_result'] === true) {
         $output['result'] = \Model_AccountPermission::resetPermission($account_id);
     } else {
         $output['result'] = false;
     }

     $json_response = new \Response();
     $json_response->set_header('Content-Type', 'application/json');
     $json_response->body(json_encode($output));
     return $json_response;
 }
 /**
  * Reset the account level permissions (ajax, POST).
  *
  * Non-ajax callers are redirected. The caller needs the
  * acperm_manage_level_perm admin permission and a valid CSRF token. The
  * JSON answer holds result.
  *
  * @return \Response|null JSON response, or null when refused early
  */
 public function action_reset()
 {
     // where to send callers that did not use ajax
     $redirect_to = $this->getAndSetSubmitRedirection();
     if (!\Input::is_ajax()) {
         \Response::redirect($redirect_to);
     }

     // permission first
     $permitted = \Model_AccountLevelPermission::checkAdminPermission('acperm_perm', 'acperm_manage_level_perm');
     if ($permitted == false) {
         $flash = array('form_status' => 'error', 'form_status_message' => \Lang::get('admin_permission_denied', array('page' => \Uri::string())));
         \Session::set_flash('form_status', $flash);
         return null;
     }

     // only POST may change anything
     if (\Input::method() != 'POST') {
         return null;
     }

     // the reset runs only behind a valid token
     $output['result'] = \Extension\NoCsrf::check() ? \Model_AccountLevelPermission::resetPermission() : false;

     $json_response = new \Response();
     $json_response->set_header('Content-Type', 'application/json');
     $json_response->body(json_encode($output));
     return $json_response;
 }
Example #12
 /**
  * Redirect to the url that contains the language segment.
  * example:
  * http://localhost/ -> http://localhost/en
  * http://localhost/page -> http://localhost/en/page
  *
  * Nothing happens when no locales are configured or when the first uri
  * segment already is a configured locale. Otherwise a 301 with no-cache
  * headers is sent and the script ends.
  *
  * @author Vee Winch.
  * @license MIT
  * @link http://rundiz.com The author's website.
  * @package Fuel Start
  */
 public function redirectLanguageUri()
 {
     $locales = \Config::get('locales');
     $default_lang = \Config::get('language');

     // without configured locales there is nothing to enforce
     if (!is_array($locales) || empty($locales)) {
         return;
     }

     $must_redirect = false;
     $redirect_url = null;
     if (!count($this->segments)) {
         // web root, http://domain.tld/fuelphp_root_web/ -> .../{lang}
         $must_redirect = true;
         $redirect_url = $default_lang;
     } else {
         // \Input::uri() starts with "/", so the first exploded piece may
         // be empty; take the first piece that holds something.
         $pieces = explode('/', \Input::uri());
         if (isset($pieces[0]) && $pieces[0] != null) {
             $first_segment = $pieces[0];
         } elseif (isset($pieces[1])) {
             $first_segment = $pieces[1];
         } else {
             // nothing usable came out of the uri
             $first_segment = $default_lang;
         }
         if (!array_key_exists($first_segment, $locales)) {
             // .../page -> .../{lang}/page
             $must_redirect = true;
             $redirect_url = $default_lang . '/' . implode('/', $this->segments);
         }
     }

     if ($must_redirect !== true) {
         return;
     }

     // no-cache headers go out first
     $response = new Response();
     $response->set_header('Cache-Control', 'no-cache, no-store, max-age=0, must-revalidate');
     $response->set_header('Expires', 'Mon, 26 Jul 1997 05:00:00 GMT');
     $response->set_header('Pragma', 'no-cache');
     $response->send_headers();
     // the redirect is done by hand (the fuelphp redirect generates an
     // error 404 on the home page)
     $redirect_url = self::createNL($redirect_url);
     $response->set_status(301);
     $response->set_header('Location', $redirect_url);
     $response->send(true);
     exit;
 }
Example #13
 /**
  * Test page for account data kept in per-site tables.
  *
  * On POST the "act" field selects one of four operations on the
  * testmultisiteaccount tables (one per site; sites other than '1' use a
  * "{site_id}_" prefix): createmaintable, insertdemodata, loaddemodata,
  * droptable. Ajax callers get the result as uncached JSON; everyone else
  * gets the admin page.
  *
  * NOTE(review): no permission check and no CSRF check are visible here,
  * although the operations create, truncate and drop tables. Confirm that
  * they are enforced elsewhere or that this module never ships enabled.
  *
  * @return mixed JSON response for ajax POST, otherwise the generated page
  */
 public function action_accountMultisite()
 {
     $act = trim(\Input::post('act'));
     $output = [];

     // name of the test table that belongs to one site row
     $site_table = function ($site) {
         if ($site->site_id == '1') {
             return 'testmultisiteaccount';
         }
         return $site->site_id . '_testmultisiteaccount';
     };
     // all site ids from the sites table
     $list_sites = function () {
         return \DB::select('site_id')->as_object()->from('sites')->execute();
     };
     // newest ten rows of one test table
     $latest_rows = function ($table) {
         return \DB::select()->as_object('stdClass')->from($table)->limit(10)->order_by('id', 'DESC')->execute()->as_array();
     };

     if (strtolower(\Fuel\Core\Input::method()) == 'post') {
         switch ($act) {
             case 'createmaintable':
                 $output['create_table_result'] = \Fuel\Core\DBUtil::create_table('testmultisiteaccount', ['id' => ['constraint' => 11, 'type' => 'int', 'auto_increment' => true], 'account_id' => ['constraint' => 11, 'type' => 'int', 'null' => true, 'comment' => 'refer to accounts.account_id'], 'actdate' => ['type' => 'bigint', 'null' => true, 'comment' => 'date/time of record date.']], ['id'], true);
                 $output['result'] = true;
                 break;

             case 'insertdemodata':
                 // every account except the guest
                 $accounts = \DB::select('account_id')->as_object()->from('accounts')->where('account_id', '!=', '0')->execute();
                 $sites = $list_sites();
                 $output['tables_data'] = [];
                 if ($sites != null) {
                     foreach ($sites as $site) {
                         $table = $site_table($site);
                         if (!\DBUtil::table_exists($table)) {
                             continue;
                         }
                         // start from an empty table, then one row per account
                         \DBUtil::truncate_table($table);
                         if ($accounts != null) {
                             foreach ($accounts as $account) {
                                 \DB::insert($table)->set(['account_id' => $account->account_id, 'actdate' => time()])->execute();
                             }
                         }
                         // report what the table holds now
                         $output['tables_data'][$table] = $latest_rows($table);
                     }
                     $output['result'] = true;
                 }
                 break;

             case 'loaddemodata':
                 $sites = $list_sites();
                 $output['tables_data'] = [];
                 if ($sites != null) {
                     foreach ($sites as $site) {
                         $table = $site_table($site);
                         if (\DBUtil::table_exists($table)) {
                             $output['tables_data'][$table] = $latest_rows($table);
                         }
                     }
                     $output['result'] = true;
                 }
                 break;

             case 'droptable':
                 $sites = $list_sites();
                 if ($sites != null) {
                     foreach ($sites as $site) {
                         $table = $site_table($site);
                         if (\DBUtil::table_exists($table)) {
                             \DBUtil::drop_table($table);
                         }
                     }
                     $output['result'] = true;
                 }
                 break;
         }

         if (\Input::is_ajax()) {
             $json_response = new \Response();
             // no cache; the second Cache-Control is added, not replaced
             $json_response->set_header('Cache-Control', 'no-cache, no-store, max-age=0, must-revalidate');
             $json_response->set_header('Cache-Control', 'post-check=0, pre-check=0', false);
             $json_response->set_header('Expires', 'Sat, 26 Jul 1997 05:00:00 GMT');
             $json_response->set_header('Pragma', 'no-cache');
             // content type
             $json_response->set_header('Content-Type', 'application/json');
             // an empty result is sent as an empty array
             $json_response->body(json_encode($output == null ? [] : $output));
             return $json_response;
         }
     }

     // <head> output
     $output['page_title'] = $this->generateTitle('Test module plugin');

     // breadcrumb
     $output['page_breadcrumb'] = [
         0 => ['name' => \Lang::get('admin_admin_home'), 'url' => \Uri::create('admin')],
         1 => ['name' => 'Test module plugin', 'url' => \Uri::create('testmod/admin/index')],
         2 => ['name' => 'Test delete account on multisite table', 'url' => \Uri::main()],
     ];

     return $this->generatePage('admin/templates/index/accountMultisite_v', $output, false);
 }
Example #14
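 /**
  * Store a new order of the account level groups (ajax, POST).
  *
  * The posted listItem array holds level group ids in their new order.
  * Priorities are handed out in that order, starting at 3. The JSON
  * answer holds result.
  *
  * NOTE(review): no CSRF token is checked before the priorities are
  * saved, unlike other POST actions in this code base - confirm.
  *
  * @return \Response|null JSON response, or null when permission is denied
  */
 public function action_ajaxsort()
 {
     // set redirect url
     $redirect = $this->getAndSetSubmitRedirection();
     // if not ajax
     if (!\Input::is_ajax()) {
         \Response::redirect($redirect);
     }
     // check permission
     if (\Model_AccountLevelPermission::checkAdminPermission('accountlv_perm', 'accountlv_sort_perm') == false) {
         \Session::set_flash('form_status', array('form_status' => 'error', 'form_status_message' => \Lang::get('admin_permission_denied', array('page' => \Uri::string()))));
         return null;
     }
     $output['result'] = false;
     if (\Input::method() == 'POST') {
         $lvg_ids = \Input::post('listItem');
         if (is_array($lvg_ids)) {
             // priorities are assigned from 3 upwards
             $level_priority = 3;
             foreach ($lvg_ids as $level_group_id) {
                 // The ids are posted by the client: a nested array or an
                 // id that matches no group is skipped instead of ending
                 // the request with an error on a missing record.
                 if (!is_scalar($level_group_id)) {
                     continue;
                 }
                 $alg = \Model_AccountLevelGroup::find($level_group_id);
                 if (!is_object($alg)) {
                     continue;
                 }
                 $alg->level_priority = $level_priority;
                 $alg->save();
                 $level_priority++;
             }
             $output['result'] = true;
             // do not overwrite a flash message that is already waiting
             if (\Session::get_flash('form_status', null, false) == null) {
                 \Session::set_flash('form_status', array('form_status' => 'success', 'form_status_message' => \Lang::get('admin_saved')));
             }
         }
         unset($alg, $lvg_ids, $level_group_id, $level_priority);
     }
     $response = new \Response();
     $response->set_header('Content-Type', 'application/json');
     $response->body(json_encode($output));
     return $response;
 }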
Example #15
 /**
  * Delete the avatar of another account from the admin area (ajax).
  *
  * Needs the account_edit_perm admin permission. The posted account_id
  * must not be the guest (0) and must exist, and the current admin must
  * be allowed to edit accounts holding the target's level groups.
  *
  * NOTE(review): neither the request method nor a CSRF token is checked
  * before the avatar is deleted - confirm this is intended.
  *
  * @return \Response|bool JSON response, or false when refused early
  */
 public function action_delete_avatar()
 {
     if (!\Input::is_ajax()) {
         \Response::redirect(\Uri::create('admin/account'));
     }
     // permission to edit accounts at all
     $permitted = \Model_AccountLevelPermission::checkAdminPermission('account_perm', 'account_edit_perm');
     if ($permitted == false) {
         return false;
     }
     $account_id = (int) trim(\Input::post('account_id'));
     // the guest account cannot be edited
     if ($account_id == '0') {
         return false;
     }
     // load language
     \Lang::load('account');
     // the account whose avatar is to be removed
     $target_account = \Model_Accounts::find($account_id);
     if ($target_account == null) {
         return false;
     }
     // collect the level groups of the target account
     foreach ($target_account->account_level as $level) {
         $output['level_group_id'][] = $level->level_group_id;
     }
     // may the current admin touch an account with these levels?
     $may_edit = \Model_Accounts::forge()->canIAddEditAccount($output['level_group_id']) != false;
     if ($may_edit) {
         // drop the collected levels so that only the result is sent
         unset($output);
         \Model_Accounts::forge()->deleteAccountAvatar($account_id);
         $output['result'] = true;
     } else {
         $output = array(
             'form_status' => 'error',
             'form_status_message' => \Lang::get('account_you_cannot_edit_account_that_contain_role_higher_than_yours'),
             'result' => false,
         );
     }
     $json_response = new \Response();
     $json_response->set_header('Content-Type', 'application/json');
     $json_response->body(json_encode($output));
     return $json_response;
 }
Example #16
 public function action_index()
 {
     // load language
     \Lang::load('admin');
     \Lang::load('account');
     // load config from db.
     $cfg_values = array('member_max_login_fail', 'member_login_fail_wait_time');
     $config = Model_Config::getvalues($cfg_values);
     $output['config'] = $config;
     unset($cfg_values);
     // set active theme for admin. this controller is not based on admin controller, then it is require to set to admin theme.
     $theme = \Theme::instance();
     $theme->active($this->theme_system_name);
     // set login redirect
     if (\Input::get('rdr') != null) {
         $output['go_to'] = urlencode(\Input::get('rdr'));
     } else {
         $output['go_to'] = urlencode(\Uri::create('admin'));
     }
     // read flash message for display errors. this is REQUIRED if you coding the check login with simultaneous login detection on.
     // this is REQUIRED in login page. because failed 'is login' check will redirect to here.
     $form_status = \Session::get_flash('form_status');
     if (isset($form_status['form_status']) && isset($form_status['form_status_message'])) {
         $output['form_status'] = $form_status['form_status'];
         $output['form_status_message'] = $form_status['form_status_message'];
     }
     unset($form_status);
     // count login fail and show captcha.
     if (\Session::get('login_all_fail_count', '0') >= $this->login_fail_time_show_captcha || \Session::get('show_captcha', false) === true) {
         $output['show_captcha'] = true;
         // if last time login failed is over wait time, reset it
         if ((time() - \Session::get('login_all_fail_time', time())) / 60 > $config['member_login_fail_wait_time']['value']) {
             // reset captcha requirement and wait time.
             \Session::set('login_all_fail_count', \Session::get('login_all_fail_count') - ($this->login_fail_time_show_captcha + 1));
             // do not reset this, just reduce to fail time show captcha+1. doing this to prevent brute force attack.
             \Session::delete('login_all_fail_time');
             \Session::delete('show_captcha');
         }
     }
     // browser check
     $output['browser_check'] = $this->browserCheck();
     // if form submitted --------------------------------------------------------------------------------------------
     if (\Input::method() == 'POST') {
         // store data for login
         $data['account_identity'] = trim(\Input::post('account_identity'));
         if (strpos($data['account_identity'], '@') === false) {
             $data['account_username'] = $data['account_identity'];
         } else {
             $data['account_email'] = $data['account_identity'];
         }
         $data['account_password'] = trim(\Input::post('account_password'));
         // validate form.
         $validate = \Validation::forge();
         // check username or email required
         $validate->add('account_identity', \Lang::get('account_username_or_email'), array(), array('required'));
         $validate->add('account_password', \Lang::get('account_password'), array(), array('required'));
         if (!\Extension\NoCsrf::check()) {
             // validate token failed
             $output['form_status'] = 'error';
             $output['form_status_message'] = \Lang::get('fslang_invalid_csrf_token');
             $output['input_csrf_token'] = \Extension\NoCsrf::generate();
         } elseif (!$validate->run()) {
             // validate failed
             $output['form_status'] = 'error';
             $output['form_status_message'] = $validate->show_errors();
             if (\Input::is_ajax()) {
                 $response = new \Response();
                 $response->set_header('Content-Type', 'application/json');
                 $response->body(json_encode($output));
                 return $response;
             }
         } else {
             // count login failed and wait if it was exceed max failed allowed.
             if (\Session::get('login_all_fail_count', '0') > $config['member_max_login_fail']['value'] && (time() - \Session::get('login_all_fail_time', time())) / 60 <= $config['member_login_fail_wait_time']['value']) {
                 // continuous login failed over max fail limit.
                 $result = Lang::get('account_login_failed_too_many', array('wait_minute' => $config['member_login_fail_wait_time']['value'], 'wait_til_time' => date('d F Y H:i:s', time() + $config['member_login_fail_wait_time']['value'] * 60)));
             } else {
                 // not reach maximum limit
                 // check if show captcha
                 if (isset($output['show_captcha']) && $output['show_captcha'] === true) {
                     include APPPATH . 'vendor' . DS . 'securimage' . DS . 'securimage.php';
                     $securimage = new \Securimage();
                     if ($securimage->check(\Input::post('captcha')) == false) {
                         $result = \Lang::get('account_wrong_captcha_code');
                     }
                 }
                 // try to login. ---------------------------------------------
                 if (!isset($result) || isset($result) && $result == null) {
                     $result = \Model_Accounts::adminLogin($data);
                 }
             }
             // check login result ----------------------------------------------
             if ($result === true) {
                 // success
                 $all_fail_count = 0;
                 \Session::delete('login_all_fail_count');
                 \Session::delete('login_all_fail_time');
                 \Session::delete('show_captcha');
                 if (\Input::is_ajax()) {
                     $output['login_status'] = true;
                     $output['form_status'] = 'success';
                     $output['form_status_message'] = \Lang::get('account_login_success');
                     if (!isset($output['go_to'])) {
                         $output['go_to'] = \Uri::main();
                     } else {
                         $output['go_to'] = urldecode($output['go_to']);
                     }
                     $response = new \Response();
                     $response->set_header('Content-Type', 'application/json');
                     $response->body(json_encode($output));
                     return $response;
                 } else {
                     if (isset($output['go_to'])) {
                         \Response::redirect(urldecode($output['go_to']));
                     } else {
                         \Response::redirect(\Uri::base());
                     }
                 }
             } else {
                 // failed
                 $all_fail_count = \Session::get('login_all_fail_count', '0') + 1;
                 \Session::set('login_all_fail_count', $all_fail_count);
                 \Session::set('login_all_fail_time', time());
                 // if login fail count more than or equal to fail time show captcha
                 if ($all_fail_count >= $this->login_fail_time_show_captcha) {
                     $output['show_captcha'] = true;
                     \Session::set('show_captcha', true);
                 }
                 $output['form_status'] = 'error';
                 $output['form_status_message'] = $result;
                 if (\Input::is_ajax()) {
                     $response = new \Response();
                     $response->set_header('Content-Type', 'application/json');
                     $response->body(json_encode($output));
                     return $response;
                 }
             }
         }
         // re-populate form
         $output['account_identity'] = $data['account_identity'];
     }
     // <head> output ----------------------------------------------------------------------------------------------
     $output['page_title'] = $this->generateTitle(\Lang::get('account_login'));
     $output['page_meta'][] = '<meta name="robots" content="noindex, nofollow" />';
     // <head> output ----------------------------------------------------------------------------------------------
     // breadcrumb -------------------------------------------------------------------------------------------------
     $page_breadcrumb = [];
     $page_breadcrumb[0] = ['name' => \Lang::get('admin_admin_home'), 'url' => \Uri::create('admin')];
     $page_breadcrumb[1] = ['name' => \Lang::get('account_login'), 'url' => \Uri::create('admin/login')];
     $output['page_breadcrumb'] = $page_breadcrumb;
     unset($page_breadcrumb);
     // breadcrumb -------------------------------------------------------------------------------------------------
     if (\Input::is_ajax()) {
         $response = new \Response();
         $response->set_header('Content-Type', 'application/json');
         $response->body(json_encode($output));
         return $response;
     } else {
         return $theme->view('admin/templates/login/index_v', $output, false);
     }
 }
Example #17
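 /**
  * Send an event's poster to the client as a forced PDF download.
  *
  * The poster name is read from the event record and resolved inside the
  * "files" subfolder of APPPATH. The resolved path has to stay inside that
  * folder, and the name echoed in Content-Disposition is reduced to a bare
  * file name without quotes or control characters, so a stored value such as
  * "../something" can neither reach files elsewhere on disk nor alter the
  * response header.
  *
  * @param mixed $id Identifier passed to Model_Orm_Event::find(); null yields a 404.
  * @return \Response PDF attachment response.
  * @throws HttpNotFoundException When the id is missing, no event matches, the
  *                               event has no poster, or the poster cannot be
  *                               read from the files folder.
  */
 public function action_poster($id = null)
 {
     // if the event request is not valid, return a 404 error
     if (is_null($id)) {
         throw new HttpNotFoundException();
     }
     $event = Model_Orm_Event::find($id);
     if (is_null($event)) {
         throw new HttpNotFoundException();
     }
     // Loose comparison kept on purpose: null and '' both mean "no poster file".
     if ($event->poster == null) {
         throw new HttpNotFoundException();
     }
     // The files are found in a subfolder of APPPATH named "files"
     // (DS stands for "Directory Separator").
     $base_dir = realpath(APPPATH . 'files');
     $poster_path = realpath(APPPATH . 'files' . DS . $event->poster);
     // realpath() returns false for a path that does not exist. The prefix
     // check rejects anything that resolves outside the files folder
     // (path traversal through the stored poster name).
     if ($base_dir === false
         || $poster_path === false
         || strpos($poster_path, rtrim($base_dir, DS) . DS) !== 0
         || !is_file($poster_path)
     ) {
         throw new HttpNotFoundException();
     }
     $contents = file_get_contents($poster_path);
     if ($contents === false) {
         // An unreadable file is reported as missing instead of sending an empty body.
         throw new HttpNotFoundException();
     }
     // Only the bare file name goes into the header; quotes, backslashes and
     // control characters are replaced so the value cannot break out of the
     // quoted filename parameter.
     $download_name = preg_replace('/[\x00-\x1F\x7F"\\\\]/', '_', basename((string) $event->poster));
     // Since we know it's a PDF file, we force PDF mime type.
     $response = new Response();
     $response->set_header('Content-Type', 'application/pdf');
     $response->set_header('Content-Disposition', 'attachment; filename="' . $download_name . '"');
     $response->body = $contents;
     return $response;
 }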
Example #18
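 /**
  * Export the reports of a campaign as a CSV attachment.
  *
  * Every row returned by Controller_Reports::list_reports() becomes one CSV
  * line whose fields are wrapped in double quotes. Embedded quotes are
  * doubled, and non-numeric fields that a spreadsheet would evaluate as a
  * formula are prefixed with an apostrophe so they are displayed as text.
  *
  * @param mixed $campaign_id Campaign identifier; also used in the download file name.
  * @return Response CSV attachment sent with no-cache headers.
  */
 public function action_list_reports($campaign_id)
 {
     $full_details = Controller_Reports::list_reports($campaign_id, TRUE);
     $quote_field = function ($value) {
         $value = (string) $value;
         // Cells starting with = + - @ (or tab / CR) are treated as formulas by
         // spreadsheet applications; plain numbers such as "-5" are left alone.
         if ($value !== '' && !is_numeric($value) && strpos("=+-@\t\r", $value[0]) !== false) {
             $value = "'" . $value;
         }
         // A quote inside a quoted CSV field has to be doubled, otherwise it ends the field.
         return '"' . str_replace('"', '""', $value) . '"';
     };
     $stats = array();
     foreach ($full_details as $full) {
         // implode() takes the separator first; the reversed argument order
         // used previously is rejected by PHP 8. An empty row still yields "".
         $stats[] = $full ? implode(',', array_map($quote_field, $full)) : '""';
     }
     // The id ends up inside a quoted header parameter: keep only characters
     // that cannot terminate the quoting or inject another header.
     $safe_id = preg_replace('/[^A-Za-z0-9_-]/', '', (string) $campaign_id);
     $response = new Response(implode("\n", $stats));
     $response->set_header('Content-Type', 'text/csv');
     $response->set_header('Content-Disposition', 'attachment; filename="full_stats_' . $safe_id . '.csv"');
     // Set no cache
     $response->set_header('Cache-Control', 'no-cache, no-store, max-age=0, must-revalidate');
     $response->set_header('Expires', 'Mon, 26 Jul 1997 05:00:00 GMT');
     $response->set_header('Pragma', 'no-cache');
     return $response;
 }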
Example #19
File: http.php Project: jaz303/zing
 /**
  * Build a redirect response for the given URL.
  *
  * The URL is written to the Location header exactly as received; nothing in
  * this method validates it. Callers that derive it from request data need to
  * restrict it to expected destinations first, otherwise the endpoint acts as
  * an open redirect.
  *
  * @param string $absolute_url Destination placed in the Location header.
  * @param bool   $permanent    True selects Constants::MOVED_PERMANENTLY,
  *                             anything falsy Constants::MOVED_TEMPORARILY.
  * @return Response Response carrying the status and the Location header.
  */
 public static function redirect($absolute_url, $permanent = false)
 {
     $redirect = new Response();
     if ($permanent) {
         $redirect->set_status(Constants::MOVED_PERMANENTLY);
     } else {
         $redirect->set_status(Constants::MOVED_TEMPORARILY);
     }
     $redirect->set_header('Location', $absolute_url);
     return $redirect;
 }