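/**
 * Creates a user (no `ident`) or updates an existing one (`ident` set) from the
 * posted form, then echoes a JSON object with `status`, `message` and, on
 * success, `redirect`.
 *
 * Every POST key is used as a column name of `user`. A value of the form
 * `col=val&col=val` is written to `user_module` instead.
 *
 * NOTE(review): posted values are still concatenated into the SQL text as
 * quoted literals (e-mail lookup, insert, update, user_module insert). The
 * interface of $db is not visible in this listing, so they could not be moved
 * to bound parameters here; until they are, those statements stay injectable.
 * Only column names and the unquoted numeric ids are validated below.
 *
 * NOTE(review): any posted key that looks like an identifier becomes a column,
 * so a client can also send columns the form does not offer (mass assignment).
 * An explicit allowlist of editable columns is the usual fix; the schema is not
 * visible here, so none is enforced.
 *
 * @return void
 */
public function salvar()
 {
     // NOTE(review): the save action is gated on the EXCLUIR permission; confirm that is the intended one.
     if (!Session::hasPermission('usuario', Session::EXCLUIR)) {
         Router::redirect('home');
         // Router::redirect() is not shown. Return so the save can never run for an
         // unauthorised caller, even if redirect() does not end the request.
         return;
     }
     $failure = 'O sistema não pode salvar o usuário. Contate o administrador.';
     $identifier = '/\A[A-Za-z_][A-Za-z0-9_]*\z/';
     $cols = array();
     $values = array();
     // response payload
     $j = array();
     $ident = Request::get('ident');
     $ident = $ident == "0" ? false : $ident;
     // `ident` is placed unquoted after "where id=", so only decimal digits are accepted.
     if ($ident && (!is_scalar($ident) || !ctype_digit((string) $ident))) {
         $j['status'] = 'danger';
         $j['message'] = $failure;
         echo json_encode($j);
         return;
     }
     global $db;
     // NOTE(review): the posted e-mail is concatenated into this statement (see the header note).
     $exists = $db->query("select * from user where email='" . Request::post('email') . "'", true);
     if (!$ident && count($exists) > 0) {
         $j['status'] = 'danger';
         $j['message'] = 'O usuário já existe';
         echo json_encode($j);
         return;
     }
     $invalid = false;
     foreach ($_POST as $key => $value) {
         // Keys become column names, which cannot be quoted like values, so only plain
         // identifiers pass. Array values (field[]=...) cannot be stored in one column.
         if (!is_string($key) || !preg_match($identifier, $key) || is_array($value)) {
             $invalid = true;
             break;
         }
         if ($key === 'active') {
             $value = 1;
         }
         if (preg_match("/\\=/", $value)) {
             $rcol = array();
             $rval = array();
             foreach (explode("&", $value) as $ref) {
                 $r = explode("=", $ref);
                 // Each part must be a `column=value` pair with an identifier as the column.
                 if (count($r) < 2 || !preg_match($identifier, $r[0])) {
                     $invalid = true;
                     break 2;
                 }
                 array_push($rcol, $r[0]);
                 array_push($rval, $r[1]);
             }
             // The first two values are used unquoted as user_id and module_id in the delete.
             if (count($rval) < 2 || !ctype_digit($rval[0]) || !ctype_digit($rval[1])) {
                 $invalid = true;
                 break;
             }
             $query = "delete from user_module where user_id=" . $rval[0] . " and module_id=" . $rval[1] . ";";
             $db->query($query, true);
             $query = "insert into user_module (" . implode(",", $rcol) . ") values ('" . implode("','", $rval) . "');";
             $db->query($query);
             continue;
         }
         array_push($cols, $key);
         array_push($values, $value);
     }
     if ($invalid) {
         $j['status'] = 'danger';
         $j['message'] = $failure;
         echo json_encode($j);
         return;
     }
     if (!Request::post('active')) {
         array_push($cols, 'active');
         array_push($values, 0);
     }
     if (!$ident) {
         // NOTE(review): every new account gets the same fixed initial password, and the
         // token is derived from the e-mail plus that constant, so both are predictable.
         // A random initial secret with a forced change on first login avoids that.
         array_push($cols, "password");
         array_push($values, Session::password("neurosoft"));
         array_push($cols, "token");
         array_push($values, Session::token(Request::post('email') . "neurosoft"));
     }
     if ($ident) {
         $sets = array();
         foreach ($cols as $i => $col) {
             array_push($sets, $col . "='" . $values[$i] . "'");
         }
         $query = "update user set " . implode(",", $sets) . " where id=" . $ident;
     } else {
         $query = "insert into user (" . implode(",", $cols) . ") values ('" . implode("','", $values) . "');";
     }
     $result = $db->query($query);
     if ($result) {
         $j['status'] = 'success';
         $j['message'] = 'Usuário salvo com êxito.';
         // On insert $result is appended to the redirect path (presumably the new row id; confirm against $db).
         $returningId = $ident ? "" : "editar/" . $result;
         $j['redirect'] = "/" . APP_DIR . "usuario/" . $returningId;
     } else {
         $j['status'] = 'danger';
         $j['message'] = $failure;
     }
     echo json_encode($j);
 }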
Example #2
 /**
  * Checks the posted credentials against the `user` table and echoes a JSON
  * result (`status`, `message`, plus `redirect` on success or `details` on
  * form errors).
  *
  * When either argument is empty the method does nothing and echoes nothing.
  *
  * NOTE(review): two spans in this listing are masked with `******` (the
  * password comparison in the select and part of the lastlogin update). The
  * update line is not valid PHP as shown, so the code is documented as
  * displayed and left untouched.
  *
  * NOTE(review): no throttling or lockout of repeated attempts is visible in
  * this method; confirm it exists elsewhere.
  *
  * @param string $email  Login e-mail as submitted.
  * @param string $passwd Password as submitted.
  * @return void
  */
 public static function auth($email, $passwd)
 {
     $ret = array();
     $erros = array();
     if ($email && $passwd) {
         // Format checks only; the FormHelper patterns are not shown here.
         if (!preg_match(FormHelper::EMAIL, $email)) {
             $err = array();
             $err['field'] = "email";
             $err['message'] = "Digite um <strong>E-mail</strong> válido.";
             array_push($erros, $err);
         }
         if (!preg_match(FormHelper::NOT_EMPTY, $passwd)) {
             $err = array();
             $err['field'] = "password";
             $err['message'] = "Digite uma <strong>Senha</strong> para logar.";
             array_push($erros, $err);
         }
         if (count($erros) == 0) {
             global $db;
             $session_id = Session::getId();
             // The submitted password is passed through Session::password() (not shown) before the lookup.
             $passwd = Session::password($passwd);
             // NOTE(review): $email is interpolated straight into the SQL text. Whether
             // FormHelper::EMAIL excludes quote characters cannot be confirmed from here,
             // so this lookup should use a bound parameter instead of interpolation.
             // The password comparison is masked in this listing.
             $query = "select id,name,email,token from user where email='{$email}' and password='******' and active=1 and deleted=0";
             $user = $db->query($query, true, PDO::FETCH_CLASS);
             // The result is both counted and read as an object; this relies on what $db->query() returns (not shown).
             if (count($user) > 0) {
                 // NOTE(review): the session data is stored under the id the client already
                 // had. No session-id regeneration is visible here; confirm Session rotates
                 // the id on login, otherwise a pre-set session id stays valid afterwards.
                 $session = array('id' => $user->id, 'name' => $user->name, 'email' => $user->email, 'token' => $user->token);
                 $_SESSION[$session_id] = $session;
                 // Masked in this listing; presumably stamps lastlogin with the current date and time.
                 $query = "update user set lastlogin='******'Y-m-d H:i:s') . "' where id=" . $user->id;
                 $db->query($query);
                 $ret['status'] = 'success';
                 $ret['message'] = 'Login realizado, a página será redirecionada.';
                 $ret['redirect'] = "/" . APP_DIR . "home/index";
             } else {
                 // One message for an unknown e-mail, a wrong password, and an inactive or
                 // deleted account, so the response does not reveal which condition failed.
                 Session::destroy();
                 $ret = array();
                 $ret['status'] = 'danger';
                 $ret['message'] = 'Login ou senha inválidos.';
             }
         } else {
             $ret['status'] = 'error';
             $ret['message'] = "Há erros no formulário";
             $ret['details'] = $erros;
         }
         echo json_encode($ret);
     }
 }
Example #3
<?php

require_once "lib/base.inc.php";
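// Password reset page: handles the posted form, then renders header, form and footer.
// $title, $hecho and $notification are not read here; presumably the included templates use them.
$s = new Session(false);
$title = $s->web->name . " Password reset tool.";
if (isset($_POST["enter"])) {
    // A request can carry "enter" without the other fields, or send them as arrays
    // (email[]=...), so read them defensively instead of indexing $_POST directly.
    $user = isset($_POST["user"]) ? $_POST["user"] : null;
    $email = isset($_POST["email"]) ? $_POST["email"] : null;
    // $s->password() is not shown; a positive result is treated as "reset done".
    if (is_string($email) && $s->password($email) > 0) {
        $hecho = true;
        // NOTE(review): the purpose of this role value is not visible from this file.
        $s->user->role = "DDDDD";
    } else {
        // NOTE(review): a distinct "not found" answer tells the requester whether an
        // address is registered. Returning the same response in both cases avoids that
        // account-enumeration signal; not changed here because the templates that
        // render $hecho and $notification are not visible.
        $notification = new Notification("Error", "Email not found.");
    }
}
include "parts/header.php";
include "pages/password.php";
include "parts/footer.php";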
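 /**
  * Updates the e-mail and, optionally, the password of the `user` row selected
  * by `ident`, then echoes a JSON object with `status`, `message` and, for some
  * errors, `focus`.
  *
  * NOTE(review): nothing in this method checks that `ident` is the caller's own
  * account or that the caller may edit other users; confirm that is enforced
  * before this method runs.
  *
  * NOTE(review): the password expressions in two statements are masked as
  * `******` in this listing and are kept exactly as shown.
  *
  * @return void
  */
 public function salvar()
 {
     $j = array();
     // `ident` is interpolated unquoted after "id=", so force it to an integer.
     $id = (int) Request::get('ident');
     $email = Request::post('email');
     $senha = Request::post('senha');
     $novasenha = Request::post('novasenha');
     $repetir = Request::post('repetir');
     $erros = array();
     $emailOk = (bool) preg_match(FormHelper::EMAIL, $email);
     if (!$emailOk) {
         array_push($erros, 'email');
         $j['status'] = "danger";
         $j['message'] = "Digite um <strong>E-mail</strong> válido.";
     }
     if (isset($senha)) {
         // NOTE(review): a four-character minimum is a weak password policy.
         if (strlen($novasenha) < 4) {
             array_push($erros, "senha");
             $j['status'] = 'danger';
             $j['message'] = 'A <strong>senha</strong> deve ter ao menos 4 caracteres.';
             $j['focus'] = "#senha";
         } elseif ((string) $novasenha !== (string) $repetir && preg_match(FormHelper::NOT_EMPTY, $novasenha)) {
             // Strict string comparison: with != two different numeric-looking strings
             // (for example "1e3" and "1000") compare equal and the mismatch is missed.
             array_push($erros, 'repetir');
             $j['status'] = 'danger';
             $j['message'] = 'Repita a senha para alterá-la.';
             $j['focus'] = "#repetir";
         } elseif (!isset($novasenha)) {
             array_push($erros, 'novasenha');
             $j['status'] = 'danger';
             $j['message'] = 'Caso queira alterar uma senha, você deve digitar uma nova.';
             $j['focus'] = "#novasenha";
         }
     }
     global $db;
     // The lookups run only for an e-mail that passed the format check; a rejected
     // value is never placed into SQL text.
     // NOTE(review): an accepted e-mail is still interpolated. FormHelper::EMAIL is not
     // shown, so whether it excludes quote characters is unconfirmed; use bound
     // parameters once the $db interface allows it.
     if ($emailOk) {
         $u = $db->query("select email from user where email='{$email}'");
         $c = $db->query("select email from user where id={$id} and email='{$email}'");
         // Password comparison masked in this listing.
         $s = $db->query("select email from user where email='{$email}' and password='******'");
         if (isset($senha) && count($s) == 0) {
             array_push($erros, "senha");
             $j['status'] = 'danger';
             $j['message'] = 'A <strong>senha</strong> não confere.';
             $j['focus'] = "#senha";
         }
         if (count($c) == 0 && count($u) > 0) {
             // The original statement here was `array($erros, 'email');`, which records
             // nothing, so an e-mail owned by another account was still written by the update.
             array_push($erros, 'email');
             $j['status'] = "danger";
             $j['message'] = "<strong>E-mail</strong> já existe.";
         }
     }
     if (count($erros) == 0) {
         $cols = array();
         array_push($cols, "email='" . $email . "'");
         if (isset($novasenha)) {
             // Password value masked in this listing.
             array_push($cols, "password='******'");
             array_push($cols, "token='" . Session::token($email . $novasenha) . "'");
         }
         // Separator first: the reversed argument order is no longer accepted by PHP 8.
         $query = "update user set " . implode(",", $cols) . " where id=" . $id;
         $db->query($query);
         $j['status'] = 'success';
         $j['message'] = 'Usuário alterado com êxito.';
     } elseif (!isset($j['status'])) {
         $j['status'] = 'success';
         $j['message'] = 'Não houveram alterações.';
     }
     echo json_encode($j);
 }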