Example #1
0
 /**
  *  Редактирование сообщения
  */
 public function edit($id)
 {
     if (!User::check()) {
         App::abort(403);
     }
     if (!($guest = Guestbook::find_by_id($id))) {
         App::abort('default', 'Сообщение не найдено!');
     }
     if (!User::isAdmin() && $guest->user_id != User::getUser('id')) {
         App::abort('default', 'Редактирование невозможно, вы не автор данного сообщения!');
     }
     if (!User::isAdmin() && $guest->created_at < Carbon::now()->subMinutes(10)) {
         App::abort('default', 'Редактирование невозможно, прошло более 10 мин.');
     }
     if (Request::isMethod('post')) {
         $guest->token = Request::input('token', true);
         $guest->text = Request::input('text');
         if ($guest->save()) {
             App::setFlash('success', 'Сообщение успешно изменено!');
             App::redirect('/guestbook');
         } else {
             App::setFlash('danger', $guest->getErrors());
             App::setInput($_POST);
         }
     }
     App::view('guestbook.edit', compact('guest'));
 }
Example #2
0
 function login()
 {
     //登录
     if (isset($_POST['name'])) {
         $model = new User();
         if ($model->check()) {
             //检查用户输入的用户名和密码是否有效
             setcookie('user', $_POST['name']);
             //有效则将用户信息存入cookie和session中
             $_SESSION['name'] = $model->getName();
             $_SESSION['id'] = $model->getID();
             $_SESSION['role'] = $model->getRole();
             header('location:http://' . $_SERVER['HTTP_HOST'] . '/WeiXianPin/index.php');
             //重定向到主页
             exit;
         } else {
             $error = '用户名或密码错误,请重新登录';
         }
     } else {
         $error = '';
     }
     //没有提交登录表单,自然没错
     include 'login.html.php';
     //进入登录页面并显示错误信息(如果没有则不显示)
 }
Example #3
0
 public function validate()
 {
     if ($this->token && $this->token !== $_SESSION['token']) {
         $this->errors->add('token', 'Неверный идентификатор сессии, повторите действие!');
     }
     if (!User::check() && $this->captcha !== $_SESSION['captcha']) {
         $this->errors->add('captcha', 'Неверный проверочный код');
     }
 }
Example #4
0
function login_POST()
{
    $username = _post('username');
    $password = _post('password');
    if ($user = User::check($username, $password)) {
        $user->login();
        $back_url = _get('back_url') ?: DEFAULT_LOGIN_REDIRECT_URL;
        redirect($back_url);
    } else {
        $GLOBALS['msg'] = $GLOBALS['config']['error']['info']['USERNAME_OR_PASSWORD_INCORRECT'];
    }
}
Example #5
0
 /**
  * Отправка жалобы
  */
 public function complaint()
 {
     if (!Request::ajax()) {
         App::redirect('/');
     }
     $token = Request::input('token', true);
     $relate_type = Request::input('type');
     $relate_id = Request::input('id');
     if (User::check() && $token == $_SESSION['token']) {
         $spam = Spam::first(['conditions' => ['relate_type = ? AND relate_id = ?', $relate_type, $relate_id]]);
         if ($spam) {
             exit(json_encode(['status' => 'exists']));
         }
         $spam = new Spam();
         $spam->relate_type = $relate_type;
         $spam->relate_id = $relate_id;
         $spam->user_id = User::get('id');
         if ($spam->save()) {
             exit(json_encode(['status' => 'added']));
         }
     }
     exit(json_encode(['status' => 'error']));
 }
<?php

if (\User::check()) {
    $user = \User::getUser();
}
?>
	
@extends('front.app')

@section('title')
Company Register | Programme Chameleon
@stop

@section('content')
<div id="wrapper">
	@include('front.include.header')
	<div class="common-page-wrapper">
		<div class="container">
			<h1 class="page-title lighten">
				Company Register
			</h1>
			<div class="row">
				<div class="col-md-5">
					<div id="register-form-wrapper" class="element-bottom-30">
						<form role="form" id="register-form" onsubmit="return false;" data-parsley-validate data-route="{{ route('company.postRegister') }}">
							<div class="form-group">
								<label>Company Name</label>
								<input class="form-control" name="company_name" placeholder="Company Name" required="required" type="text">
							</div>
							<div class="form-group">
								<label>Company Position</label>
Example #7
0
    $user->check($_GET['id'], 'r');
    $user->generateVcard($_GET["id"]);
} else {
    if (isset($_POST["add"])) {
        $user->check(-1, 'w', $_POST);
        // Pas de nom pas d'ajout
        if (!empty($_POST["name"]) && ($newID = $user->add($_POST))) {
            Event::log($newID, "users", 4, "setup", $_SESSION["glpiname"] . " " . $LANG['log'][20] . " " . $_POST["name"] . ".");
        }
        glpi_header($_SERVER['HTTP_REFERER']);
    } else {
        if (isset($_POST["delete"])) {
            $user->check($_POST['id'], 'w');
            $user->delete($_POST);
            Event::log(0, "users", 4, "setup", $_SESSION["glpiname"] . " " . $LANG['log'][22] . " " . $_POST["id"] . ".");
            $user->redirectToList();
        } else {
            if (isset($_POST["restore"])) {
                $user->check($_POST['id'], 'w');
                $user->restore($_POST);
                Event::log($_POST["id"], "users", 4, "setup", $_SESSION["glpiname"] . " " . $LANG['log'][23]);
                $user->redirectToList();
            } else {
                if (isset($_POST["purge"])) {
                    $user->check($_POST['id'], 'w');
                    $user->delete($_POST, 1);
                    Event::log($_POST["id"], "users", 4, "setup", $_SESSION["glpiname"] . " " . $LANG['log'][24]);
                    $user->redirectToList();
                } else {
                    if (isset($_POST["force_ldap_resynch"])) {
                        checkRight('user_authtype', 'w');
                        $user->check($_POST['id'], 'w');
Example #8
0
    if (is_object($user)) {
        $user->logout();
    }
    redirect();
}
// if user is already logged in,
// to index since we didn't provide such a link
if ($has_login) {
    redirect();
    // to index
}
$username = _post('username');
$password = _post('password');
$msg = '';
if ($by_post) {
    if (User::check($username, $password)) {
        $user = User::getByName($username);
        $user->login();
        $type = strtolower($user->type);
        ${$type} = $user->instance();
        $back_url = _get('back_url') ?: DEFAULT_LOGIN_REDIRECT_URL;
        switch ($user->type) {
            case 'SuperAdmin':
                $back_url = 'user';
                break;
            case 'Admin':
            case 'Customer':
                break;
            default:
                throw new Exception("unkonwn user type: {$user}->{$type}");
                break;
Example #9
0
 *\note the typecard can be
 *   - cred card for the debit only if j is set
 *   - deb card for the debit only if j is set
 *   - filter card for debit and credit only if j OR type is set
 *   - list of fd_id
 *
 */
$jrn = !isset($_REQUEST['j']) ? -1 : $_REQUEST['j'];
$filter_card = "";
$cn = new Database(dossier::id());
$d = $_REQUEST['e'];
$filter_card = '';
require_once 'class_user.php';
global $g_user;
$g_user = new User($cn);
$g_user->check();
$g_user->check_dossier(dossier::id());
set_language();
if ($d == 'all') {
    $filter_card = '';
} else {
    if (strpos($d, 'sql]') == true) {
        $filter_card = str_replace('[sql]', " and ", $d);
    } else {
        $filter_card = "and fd_id in ({$d})";
    }
}
if ($jrn != -1) {
    switch ($d) {
        case 'cred':
            $filter_jrn = $cn->make_list("select jrn_def_fiche_cred from jrn_def where jrn_def_id=\$1", array($jrn));
Example #10
0
 public function __construct()
 {
     if (User::check() && User::get('level') == 'banned' && Request::path() != 'logout') {
         App::abort('default', 'Вы забанены');
     }
 }
Example #11
0
 /**
  * Добавление в закладки
  */
 public function bookmark()
 {
     if (!Request::ajax()) {
         App::redirect('/');
     }
     $token = Request::input('token', true);
     $topic_id = Request::input('id');
     if (User::check() && $token == $_SESSION['token']) {
         /* Проверка темы на существование */
         if ($topic = Topic::find_by_id($topic_id)) {
             /* Добавление темы в закладки */
             if ($bookmark = Bookmark::find_by_topic_id_and_user_id($topic_id, User::get('id'))) {
                 if ($bookmark->delete()) {
                     exit(json_encode(['status' => 'deleted']));
                 }
             } else {
                 $bookmark = new Bookmark();
                 $bookmark->topic_id = $topic->id;
                 $bookmark->user_id = User::get('id');
                 $bookmark->posts = $topic->postCount();
                 if ($bookmark->save()) {
                     exit(json_encode(['status' => 'added']));
                 }
             }
         }
     }
     exit(json_encode(['status' => 'error']));
 }
Example #12
0
$douban_id = str_replace("http://api.douban.com/people/", "", $doubanInfo->id);
$uid = check_user("douban", $douban_id);
//echo $douban_id;
//echo $uid ;
if (!$uid) {
    exit;
}
$user = new User($uid);
switch ($_GET['app']) {
    case "myinfo":
        $out = json_encode($arr);
        echo $out;
        break;
    case "check":
        $word = $_POST['word'];
        echo $user->check($word);
        break;
    case "addword":
        $word = $_POST['word'];
        $is_new = $_POST['is_new'];
        $result = $user->add_word($word, $is_new);
        //$user->add_wordtodic("kiss");
        echo $result;
        break;
    case "list":
        $max = $_POST['max'];
        $page = $_POST['page'];
        $user->list_newwords($max, $page);
        break;
}
exit;
Example #13
0
 private static function outputOption($name, $value, $default, $forceSelect = false)
 {
     if ($name == User::$GENDER && !$forceSelect) {
         echo '<label for="' . $name . $value . '">' . $value . '</label>';
         echo '<input type="radio" name="' . $name . '" value="' . $value . '" id="' . $name . $value . '" ';
         User::check($default, $value);
         echo ' />';
     } else {
         User::outputCustomOption($value, $value, $default);
     }
 }
Example #14
0
 public function checkPhone()
 {
     $request = $this->getHeaderBody();
     $yzmkey = 'YZM_' . MD5($request->phoneid . $request->phone);
     //验证手机 模拟通过
     $userModel = new User();
     if ($userModel->check($request)) {
         sendMsg('PHONE USED', 1);
     }
     if ($this->mCache->get($yzmkey) != $request->code) {
         sendMsg('CHECK ERROR', 1);
     }
     //清理key
     $this->mCache->delete($yzmkey);
     $mkey = MD5($request->phoneid . $request->phone . time());
     $this->mCache->save($mkey, ['phoneid' => $request->phoneid, 'phone' => $request->phone]);
     sendMsg(['key' => $mkey]);
 }
Example #15
0
 /**
  * Скрытие текста от неавторизованных пользователей
  * @param callable $match массив элементов
  * @return string  скрытый код
  */
 public function hiddenText($match)
 {
     if (empty($match[1])) {
         $match[1] = 'Текст отсутствует';
     }
     return '<div class="hiding">
	<span class="strong">Скрытый контент:</span> ' . (User::check() ? $match[1] : 'Для просмотра необходимо авторизоваться!') . '</div>';
 }
Example #16
0
$db->connect();
$user = new User();
$mo_settings = array();
$mo_request = '';
$mo_plugin = array();
$mo_theme = '';
$mo_theme_floder = '';
$mo_theme_file = '';
mo_load_settings();
$mo_request = mo_analyze();
getPT();
if (count($mo_plugin)) {
    foreach ($mo_plugin as $plugin) {
        require_once $plugin;
    }
}
if ($mo_theme_file) {
    require_once $mo_theme_file;
}
do_action('loadPT');
// Check if logged in or trying to
if ($user->autoLogin()) {
    $user->loadAll($_SESSION['uid']);
    $user->check();
}
do_action('loadBasic');
if (defined('OUTPUT') && OUTPUT == True && $mo_theme_file) {
    call_user_func($mo_theme);
}
do_action('loadDone');
mo_write_note('The page has been processed successfully.');
     $user->check(-1, CREATE, $_POST);
     // Pas de nom pas d'ajout
     if (!empty($_POST["name"]) && ($newID = $user->add($_POST))) {
         Event::log($newID, "users", 4, "setup", sprintf(__('%1$s adds the item %2$s'), $_SESSION["glpiname"], $_POST["name"]));
         if ($_SESSION['glpibackcreated']) {
             Html::redirect($user->getFormURL() . "?id=" . $newID);
         }
     }
     Html::back();
 } else {
     if (isset($_POST["delete"])) {
         $user->check($_POST['id'], DELETE);
         $user->delete($_POST);
         Event::log($_POST["id"], "users", 4, "setup", sprintf(__('%s deletes an item'), $_SESSION["glpiname"]));
         $user->redirectToList();
     } else {
         if (isset($_POST["restore"])) {
             $user->check($_POST['id'], PURGE);
             $user->restore($_POST);
             Event::log($_POST["id"], "users", 4, "setup", sprintf(__('%s restores an item'), $_SESSION["glpiname"]));
             $user->redirectToList();
         } else {
             if (isset($_POST["purge"])) {
                 $user->check($_POST['id'], PURGE);
                 $user->delete($_POST, 1);
                 Event::log($_POST["id"], "users", 4, "setup", sprintf(__('%s purges an item'), $_SESSION["glpiname"]));
                 $user->redirectToList();
             } else {
                 if (isset($_POST["force_ldap_resynch"])) {
                     Session::checkRight('user', User::UPDATEAUTHENT);
                     $user->getFromDB($_POST["id"]);
                     AuthLdap::ldapImportUserByServerId(array('method' => AuthLDAP::IDENTIFIER_LOGIN, 'value' => $user->fields["name"]), true, $user->fields["auths_id"], true);
                     Html::back();
                 } else {
                     if (isset($_POST["update"])) {
                         $user->check($_POST['id'], UPDATE);
Example #18
0
 * - i id
 * for delete
 * - gDossier
 * - i id
 */
define('ALLOWED', 1);
require_once '../include/constant.php';
require_once NOALYSS_INCLUDE . '/class_dossier.php';
require_once NOALYSS_INCLUDE . '/class_todo_list.php';
require_once NOALYSS_INCLUDE . '/class_database.php';
require_once NOALYSS_INCLUDE . '/class_user.php';
mb_internal_encoding("UTF-8");
$cn = Dossier::connect();
global $g_user;
$g_user = new User($cn);
$g_user->check(true);
$g_user->check_dossier(Dossier::id(), true);
set_language();
ajax_disconnected('add_todo_list');
////////////////////////////////////////////////////////////////////////////////
// Display the note
////////////////////////////////////////////////////////////////////////////////
if (isset($_REQUEST['show'])) {
    $cn = new Database(dossier::id());
    $todo = new Todo_list($cn);
    $todo->set_parameter('id', $_REQUEST['id']);
    $todo->load();
    $content = $todo->display();
    header('Content-type: text/xml; charset=UTF-8');
    $dom = new DOMDocument('1.0', 'UTF-8');
    $tl_id = $dom->createElement('tl_id', $todo->get_parameter('id'));
Example #19
0
 /**
  * Загрузка фото в профиль
  */
 public function image()
 {
     if (!Request::ajax() || !User::check()) {
         App::redirect('/');
     }
     // Удаление и размер
     $image = Request::file('image');
     if ($image->isValid()) {
         $ext = $image->getClientOriginalExtension();
         if (in_array($ext, ['jpeg', 'jpg', 'png', 'gif'])) {
             $filename = uniqid(mt_rand()) . '.' . $ext;
             $user = User::get();
             $user->deleteImages();
             $img = new SimpleImage($image->getPathName());
             $img->best_fit(1280, 1280)->save('uploads/users/photos/' . $filename);
             $img->best_fit(200, 200)->save('uploads/users/thumbs/' . $filename);
             $img->thumbnail(48, 48)->save('uploads/users/avatars/' . $filename);
             $user->avatar = $filename;
             if ($user->save()) {
                 exit(json_encode(['status' => 'uploaded']));
             } else {
                 exit(json_encode(['status' => 'nosave']));
             }
         } else {
             exit(json_encode(['status' => 'invalid']));
         }
     }
 }
Example #20
0
// clear db entries that was insert by test
include 'clear_db.php';
$all_pass = true;
begin_test();
test(1, 1, 'test for 1 === 1');
begin_test();
$username = 'test_user';
$password = 'password';
$realname = '小池';
$phone = '13711231212';
$email = 'cumt.xiaochi@gmail.com';
$info = compact('username', 'password', 'realname', 'phone', 'email');
$customer = Customer::create($info);
test(1, 1, array('name' => 'register Customer, db'));
begin_test();
test(User::check($username, $password), true, array('name' => 'User::check($username, $password)'));
begin_test();
$username = 'test_admin';
$password = 'password';
$user = User::getByName('root');
$superadmin = $user->instance();
$admin = $superadmin->createAdmin(compact('username', 'password'));
$ideal_arr = array('name' => $username, 'password' => md5($password), 'type' => 'Admin');
$id = Pdb::lastInsertId();
$real_arr = Pdb::fetchRow('name, password, type', User::$table, array('id=?' => $id));
test($real_arr, $ideal_arr, array('name' => 'Super Admin create Admin, db'));
begin_test();
$prd_types = Product::types();
$info = array('name' => '唯爱心形群镶女戒_test', 'type' => reset(array_keys($prd_types)), 'material' => json_encode(array('PT950', '白18K金', '黄18K金', '红18K金')), 'rabbet_start' => '0.30', 'rabbet_end' => '0.60', 'weight' => 9, 'small_stone' => 3, 'st_weight' => 2.1, 'images' => array('400' => array('/test/static/img/i400-1.jpg', '/test/static/img/i400-2.jpg', '/test/static/img/i400-3.jpg'), 'thumb' => array('/test/static/img/i80-1.jpg', '/test/static/img/i80-2.jpg', '/test/static/img/i80-3.jpg')));
$product = Product::create($info);
test(1, 1, array('name' => 'Admin post Product, db'));