public function testUserRoles()
{
$app = new Users();
$app->ds->loadMock('users', APP_ROOT . 'data/users.txt');
$app->login('*****@*****.**', '1234');
$this->assertEquals($_SESSION["user_roles"], 2);
$app->logout();
$this->assertEquals($_SESSION["user_roles"], null);
}
/**
* Sandbox main function
*/
public static function main()
{
// Get users table
Users::$users = new Table('users');
// Logout
if (Uri::segment(1) == 'logout') {
Users::logout();
}
}
public function __construct($userId = 0)
{
$this->_db = DB::instance();
if (empty($userId)) {
if (Session::exists(Config::get('session/loggedId'))) {
if ($this->setData(Session::get(Config::get('session/loggedId')))) {
$this->_loggedIn = true;
} else {
Users::logout();
}
}
} else {
$this->setData($userId);
}
}
public function testUserRoles()
{
$app = new Users();
$data = new data_source_mysqli();
$data->config = self::$config;
$data->connect("");
$app->ds = $data;
$data->index_field = "user_id";
$app->login('*****@*****.**', '1234');
$this->assertEquals($_SESSION["user_roles"], 2);
$app->logout();
$this->assertEquals($_SESSION["user_roles"], null);
}
/**
* Tests fetching user's data by calling ::userData with UID argument
*
* (currently it's hardcoded to always return admin's data, since there are no other users)
*/
public function testUserDataMethodWithUID()
{
Users::logout();
$this->assertEquals(self::userData(), Users::userData(0));
Users::login('radex', 'qwerty');
$this->assertEquals(self::userData(), Users::userData(1));
}
public function logout()
{
Users::logout();
return Response::redirect($this->admin_url . '/login');
}
<?php
session_start();
include_once 'functions.php';
$user = new Users();
$id = $_SESSION['id'];
if (!$user->session()) {
header('Location: index.php');
}
if ($_GET['q'] == "logout") {
$user->logout();
header('Location: index.php');
}
?>
<h1>Welcome to RubyCMS!</h1>
<p>Although RubyCMS is in pre-alpha development will continue till the developer feels like the CMS is fully complete.
So expect a lot of bugs and please report any bugs to the developer. If you want to logout just click the link below.
Thanks for using RubyCMS, come back any time you want!</p>
<a href="?q=logout">Logout</a>
function signOutAction()
{
global $site;
Users::logout();
$site->redirectTo($site->urlTo('/experiments/norm-user'));
}
/**
* Logs the user out and redirects them to the home page.
*/
function cc_logout()
{
Users::logout();
cc_redirect("", true);
exit;
}
function logout_action()
{
Users::logout();
SiteRedirect();
}
<?php
/**
* Created by PhpStorm.
* User: renan
* Date: 07/09/15
* Time: 19:17
*/
header('Content-Type: text/html; charset=utf8');
define('DS', DIRECTORY_SEPARATOR);
define('ROOT', dirname(__DIR__));
include ROOT . DS . 'config/Config.php';
include ROOT . DS . 'src/Users.php';
$users = new Users(new Config());
$users->logout();
public function logout()
{
$user = new Users();
$user->logout();
header("Location: " . SITE_URL . "/login");
}
public function index()
{
Users::logout();
Redirect::to(ROOT_URL . 'admincp');
}
<?php
include_once 'class/user.php';
$obj = new Users();
$obj->table = 'users';
$obj->connect();
if (isset($_GET['logout'])) {
echo $obj->logout();
}
echo $obj->display_logout();
function BasePage()
{
@session_start();
if (function_exists("get_magic_quotes_gpc") && get_magic_quotes_gpc() || ini_get('magic_quotes_sybase')) {
foreach ($_GET as $k => $v) {
$_GET[$k] = is_array($v) ? array_map("stripslashes", $v) : stripslashes($v);
}
foreach ($_POST as $k => $v) {
$_POST[$k] = is_array($v) ? array_map("stripslashes", $v) : stripslashes($v);
}
foreach ($_REQUEST as $k => $v) {
$_REQUEST[$k] = is_array($v) ? array_map("stripslashes", $v) : stripslashes($v);
}
foreach ($_COOKIE as $k => $v) {
$_COOKIE[$k] = is_array($v) ? array_map("stripslashes", $v) : stripslashes($v);
}
}
// set site variable
$s = new Sites();
$this->site = $s->get();
$this->smarty = new Smarty();
if ($this->site->style != "default") {
$this->smarty->addTemplateDir(WWW_DIR . 'templates/' . $this->site->style . '/views/frontend', 'style_frontend');
}
$this->smarty->addTemplateDir(WWW_DIR . 'templates/default/views/frontend', 'frontend');
$this->smarty->setCompileDir(SMARTY_DIR . 'templates_c' . DIRECTORY_SEPARATOR);
$this->smarty->setConfigDir(SMARTY_DIR . 'configs' . DIRECTORY_SEPARATOR);
$this->smarty->setCacheDir(SMARTY_DIR . 'cache' . DIRECTORY_SEPARATOR);
$this->smarty->error_reporting = E_ALL - E_NOTICE;
$this->secure_connection = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' || isset($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] == 443;
if (file_exists(WWW_DIR . 'templates/' . $this->site->style . '/theme.php')) {
require_once WWW_DIR . 'templates/' . $this->site->style . '/theme.php';
}
$this->smarty->assign('themevars', isset($themevars) ? $themevars : null);
$servername = null;
if (defined('EXTERNAL_PROXY_IP') && defined('EXTERNAL_HOST_NAME') && isset($_SERVER["REMOTE_ADDR"]) && $_SERVER["REMOTE_ADDR"] == EXTERNAL_PROXY_IP) {
$servername = EXTERNAL_HOST_NAME;
} elseif (isset($_SERVER["SERVER_NAME"])) {
$servername = $_SERVER["SERVER_NAME"];
}
if ($servername != "") {
$this->serverurl = ($this->secure_connection ? "https://" : "http://") . $servername . ($_SERVER["SERVER_PORT"] != "80" && $_SERVER["SERVER_PORT"] != "443" ? ":" . $_SERVER["SERVER_PORT"] : "") . WWW_TOP . '/';
$this->smarty->assign('serverroot', $this->serverurl);
}
$this->page = isset($_GET['page']) ? $_GET['page'] : 'content';
$users = new Users();
if ($users->isLoggedIn()) {
$this->userdata = $users->getById($users->currentUserId());
//
// user can still be logged in but have been disabled by admin, so if they are, log them off
//
if ($this->userdata["role"] == Users::ROLE_DISABLED) {
$users->logout();
$this->show403();
}
$this->userdata["categoryexclusions"] = $users->getCategoryExclusion($users->currentUserId());
//update lastlogin every 15 mins
if (strtotime($this->userdata['now']) - 900 > strtotime($this->userdata['lastlogin'])) {
$users->updateSiteAccessed($this->userdata['ID']);
}
$this->smarty->assign('userdata', $this->userdata);
$this->smarty->assign('loggedin', "true");
if (!empty($this->userdata['nzbvortex_api_key']) && !empty($this->userdata['nzbvortex_server_url'])) {
$this->smarty->assign('weHasVortex', true);
}
$sab = new SABnzbd($this);
if ($sab->integrated !== false && $sab->url != '' && $sab->apikey != '') {
$this->smarty->assign('sabintegrated', $sab->integrated);
$this->smarty->assign('sabapikeytype', $sab->apikeytype);
}
$nzbget = new NZBGet($this);
if ($nzbget->integrated !== false && $nzbget->url != '') {
$this->smarty->assign('nzbgetintegrated', $nzbget->integrated);
}
if ($this->userdata["role"] == Users::ROLE_ADMIN) {
$this->smarty->assign('isadmin', "true");
}
if ($this->userdata["hideads"] == "1") {
$this->site->adheader = "";
$this->site->adbrowse = "";
$this->site->addetail = "";
}
$this->floodCheck($this->userdata["role"]);
} else {
$this->smarty->assign('isadmin', "false");
$this->smarty->assign('loggedin', "false");
$this->floodCheck();
}
$this->smarty->assign('site', $this->site);
$this->smarty->assign('page', $this);
}
/**
* Use with caution! This bypasses authentication.
* This functionality should not be exposed externally.
* @method setLoggedInUser
* @static
* @param {Users_User|string} $user The user object or user id
*/
static function setLoggedInUser($user = null)
{
if (!$user) {
return Users::logout();
}
if (is_string($user)) {
$user = Users_User::fetch($user);
}
if (isset($_SESSION['Users']['loggedInUser']['id'])) {
if ($user->id == $_SESSION['Users']['loggedInUser']['id']) {
// This user is already the logged-in user.
return;
}
}
if ($sessionId = Q_Session::id()) {
// Change the session id to prevent session fixation attacks
$sessionId = Q_Session::regenerateId(true);
}
// Store the new information in the session
$snf = Q_Config::get('Q', 'session', 'nonceField', 'nonce');
$_SESSION['Users']['loggedInUser']['id'] = $user->id;
Q_Session::setNonce(true);
$user->sessionCount = isset($user->sessionCount) ? $user->sessionCount + 1 : 1;
// Do we need to update it?
if (Q_Config::get('Users', 'setLoggedInUser', 'updateSessionKey', true)) {
/**
* @event Users/setLoggedInUser/updateSessionKey {before}
* @param {Users_User} user
*/
Q::event('Users/setLoggedInUser/updateSessionKey', compact('user'), 'before');
$user->sessionId = $sessionId;
$user->save();
// update sessionId in user
/**
* @event Users/setLoggedInUser/updateSessionKey {after}
* @param {Users_User} user
*/
Q::event('Users/setLoggedInUser/updateSessionKey', compact('user'), 'after');
}
$votes = Users_Vote::select('*')->where(array('userId' => $user->id, 'forType' => 'Users/hinted'))->fetchDbRows(null, null, 'forId');
// Cache already shown hints in the session.
// The consistency of this mechanism across sessions is not perfect, i.e.
// the same hint may repeat in multiple concurrent sessions, but it's ok.
$_SESSION['Users']['hinted'] = array_keys($votes);
/**
* @event Users/setLoggedInUser {after}
* @param {Users_User} user
*/
Q::event('Users/setLoggedInUser', compact('user'), 'after');
self::$loggedOut = false;
}
function createPage($smarty)
{
if (!Users::loggedIn()) {
Redirect::to('?page=login');
}
if (Input::exists()) {
if (Input::get('action') === 'logout') {
if (Users::loggedIn()) {
Users::logout();
Notifications::addSuccess('You have been logged out!');
Redirect::to('?page=login');
}
}
if (Input::get('action') === 'update_info') {
$validation = new Validate();
$validation->check($_POST, Config::get('validation/user_info'));
if ($validation->passed()) {
$data = array('name' => Input::get('name'), 'student_id' => Input::get('sid'), 'email' => Input::get('email'), 'phone' => Phone::formatNumber(Input::get('phone')));
if (Users::currentUser()->update($data)) {
Notifications::addSuccess('User information updated!');
} else {
Notifications::addError('Could not update user information.');
}
} else {
Notifications::addValidationFail($validation->getErrors());
}
}
if (Input::get('action') === 'update_pass') {
$validation = new Validate();
$validation->check($_POST, array_merge(Config::get('validation/set_password'), array('password_current' => array('name' => 'Current Password', 'required' => true, 'max' => 72))));
if ($validation->passed()) {
if (Hash::checkPassword(Input::get('password_current'), Users::currentData()->password)) {
if (Users::currentUser()->update(array('password' => Hash::hashPassword(Input::get('password'))))) {
Notifications::addSuccess('Password changed!');
} else {
Notifications::addError('Could not change password.');
}
} else {
Notifications::addValidationFail('Invalid current password.');
}
} else {
Notifications::addValidationFail($validation->getErrors());
}
}
if (Input::get('action') === 'update_googleAuth') {
$validation = new Validate();
$validation->check($_POST, array('authcode' => array('name' => 'Authorisation Code', 'required' => true)));
if ($validation->passed()) {
if (Calendar::setCredentials(Input::get('authcode'))) {
Notifications::addSuccess('Google Calendar API authorized!');
} else {
Notifications::addValidationFail('Could not authorize Google Calendar API.');
}
} else {
Notifications::addValidationFail($validation->getErrors());
}
}
if (Input::get('action') === 'update_calendarAssignmentsId') {
$validation = new Validate();
$validation->check($_POST, array('calid-ass' => array('name' => 'Assignments Calendar ID', 'required' => false), 'calid-ex' => array('name' => 'Exams Calendar ID', 'required' => false)));
if ($validation->passed()) {
$data = array('calendar_assignments' => Input::get('calid-ass'), 'calendar_exams' => Input::get('calid-ex'));
if (Users::currentUser()->update($data)) {
Notifications::addSuccess('Calendar ID\'s updated!');
} else {
Notifications::addValidationFail('Could not update calendar ID\'s.');
}
} else {
Notifications::addValidationFail($validation->getErrors());
}
}
if (Input::get('action') === 'delete_googleAuth') {
Calendar::deleteCredentials();
}
if (Input::get('action') === 'update_calendarAssignments' && Users::isEditor()) {
$assignments = DB::instance()->get(Users::safeSid() . "_assignments")->results();
foreach ($assignments as $assignment) {
Calendar::updateAssignment($assignment->id);
}
}
if (Input::get('action') === 'create_database') {
if (!UserTables::hasTables()) {
UserTables::createTables();
if (Users::isGuest()) {
Users::currentUser()->update(array('permission_group' => '2'));
}
}
}
}
if (!Calendar::isReady()) {
$smarty->assign('authUrl', Calendar::getAuthUrl());
}
$smarty->assign('authCode', Input::get('authcode'));
$smarty->assign('calid_ass', Users::currentData()->calendar_assignments);
$smarty->assign('calid_ex', Users::currentData()->calendar_exams);
$smarty->assign('name', Users::currentData()->name);
$smarty->assign('sid', Users::currentData()->student_id);
$smarty->assign('email', Users::currentData()->email);
$smarty->assign('phone', Users::currentData()->phone);
return $smarty;
}
/**
* Logs the user out.
*/
public static function logout()
{
Users::logout();
cc_redirect(TH_PUB_ROOT);
exit;
}
<?php
require_once "../include/users.php";
require_once "../include/functions.php";
session_start();
require_login();
Users::logout();
http_redirect("/");
public function logout()
{
$user = new Users();
$user->logout();
header('Location: Home');
}
