Example #1
0
 public function update($id)
 {
     $usuario = authentication::user_info();
     $update = authentication::user_info($id);
     $level = $usuario['_usuarios__level'];
     $this->load->view("update", "Editar Usuário ", array("usuario" => $usuario, "form" => $this->form_update($id, $level)));
 }
Example #2
0
 public function __construct()
 {
     // Grab local path
     $local_path = dirname(__FILE__);
     // Set Authentication Data Source
     $this->auth_data_source = strtolower($_SESSION['auth_data_source']);
     // Set login status to false by default
     $this->status = false;
     // Include necessary classes
     require_once $_SESSION['frame_path'] . '/core/data_access/data_trans.class.php';
     require_once $local_path . '/nav.class.php';
     require_once $local_path . '/xml_nav.class.php';
     require_once $local_path . '/authentication.class.php';
     require_once $local_path . '/module_list.class.php';
     //****************************************************
     // Build Array NAVs
     //****************************************************
     // User Modules
     $modules_dir = isset($_SESSION['modules_dir']) ? $_SESSION['modules_dir'] : 'modules';
     $modules_path = $_SESSION['file_path'] . '/' . $modules_dir;
     if (file_exists($modules_path) && is_dir($modules_path)) {
         $nav = new nav($modules_path);
     }
     $_SESSION['menu_array'] = isset($nav) ? $nav->export() : array();
     $_SESSION['menu_array2'] = isset($nav) ? $nav->export2() : array();
     //**************************************
     // Authenticate
     //**************************************
     $authen = new authentication();
     //**************************************
     // Authentication Success
     //**************************************
     if ($authen->status()) {
         // Build XML Nav
         $module_xml = new xml_nav($_SESSION['menu_array']);
         $_SESSION['menu_xml'] = $module_xml->export();
         // Login Success
         $this->status = true;
     } else {
         $this->fail_login('1');
     }
 }
 public static function validateLogin($email, $password)
 {
     if ($user = user::find(array('email' => $email))) {
         if (authentication::verify($password, $user["password"])) {
             return true;
         } else {
             return false;
         }
     } else {
         return false;
     }
 }
Example #4
0
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<?php 
//Common
require_once '../includes/config.php';
require_once '../includes/util.php';
require_once '../admin/common/include/alert.php';
//======================================
$Util = new Util();
$alert = new alert();
require_once '../admin/class/login/authentication.php';
$auth = new authentication();
$hostname = $Util->getServerName();
?>
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US"> 

    <head>
        <meta http-equiv="content-type" content="text/html;charset=UTF-8" />
        <meta charset="UTF-8" />
        <meta name="description" content="" />
        <meta name="keywords" content="" />
        <meta name="author" content="" />
        <link rel="stylesheet" href="<?php 
echo $hostname . '/admin/common';
?>
/css/reset.css" />
        <link rel="stylesheet" href="<?php 
echo $hostname . '/admin/common';
?>
/css/grid.css" />
        <link rel="stylesheet" href="<?php 
echo $hostname . '/admin/common';
<table class="cmstable" cellspacing="0" cellpadding="0">
  <tr>
    <td class="cmscontent" rowspan="3" valign="top">
		    <?php 
if (!$txtUID) {
    $txtUID = $user;
}
// wenn die übergebene UID nicht gleich dem
// angemeldetem Benutzer ist, muss das Passwort
// angegeben werden
if ($txtUID != $user && !$txtPassword) {
    $error = 1;
} else {
    if ($txtUID && $txtPassword) {
        // Passwort pruefen
        $auth = new authentication();
        if ($auth->checkpassword($txtUID, $txtPassword)) {
            $error = 0;
        } else {
            $error = 2;
        }
    } else {
        $error = 0;
    }
}
// ändern oder eintragen einer mac adresse
if (!$error) {
    if (isset($txtMAC) && $txtMAC != "") {
        $sql_query = "SELECT DISTINCT vorname, nachname \n\t\t\t\t\tFROM campus.vw_benutzer WHERE uid=" . $db->db_add_param($txtUID) . " LIMIT 1";
        if ($result = $db->db_query($sql_query)) {
            if ($row = $db->db_fetch_object($result)) {
Example #6
0
<?php

/*
 * PRIMARY SYSTEM MECHANISM
 * Module loader, URL request grabber, Function load mechanism
 */
// CORE MODULE LOAD MECHANISMS --->
require_once 'src/core/controller/microframework.php';
$ObjFramework = new MicroFramework();
require_once 'src/core/controller/firewall.php';
$ObjFirewall = new firewall();
require_once 'src/core/security/authentication.php';
$ObjAuth = new authentication();
require_once 'src/core/controller/akonga.php';
$ObjAkonga = new akonga();
// <-- END CORE LOAD MECHANISMS
// Run Firewall Checks before hitting authentication
if ($myApp['firewall'] == "on") {
    if ($ObjFirewall->runIPcheck() != true) {
        // Your IP address is not in the approved range or implicit speicification
        require_once 'web/core/security/ipviolation.php';
        exit;
    }
}
// Run an authentication maintain check
$authcheck = $ObjAuth->maintainauth();
// Pull the correct folder and file from the page request
if ($_POST['x'] != "") {
    // posting values to a specific function
    $a = db::escapechars(trim($_POST['x']));
    // module
Example #7
0
$stg = new studiengang();
$stg->getAll('typ, kurzbz', false);
$stg_arr = array();
foreach ($stg->result as $row) {
    $stg_arr[$row->studiengang_kz] = $row->kuerzel;
}
echo '
	<form accept-charset="UTF-8" name="search" method="GET">
  		Bitte Suchbegriff eingeben: 
  		<input type="text" name="searchstr" size="30" value="' . $db->convert_html_chars($searchstr) . '">
  		<input type="submit" value="Suchen">
  	</form>';
if ($searchstr != '') {
    $qry = "SELECT person_id FROM public.tbl_person WHERE person_id in(\n\t\t\tSELECT distinct person_id FROM public.tbl_person LEFT JOIN public.tbl_benutzer USING(person_id) WHERE\n\t\t\tnachname ~* '" . $db->db_escape($searchstr) . "' OR \n\t\t\tvorname ~* '" . $db->db_escape($searchstr) . "' OR\n\t\t\talias ~* '" . $db->db_escape($searchstr) . "' OR\n\t\t\tCOALESCE(nachname,'') || ' ' || COALESCE(vorname,'') = '" . $db->db_escape($searchstr) . "' OR \n\t\t\tCOALESCE(vorname,'') || ' ' || COALESCE(nachname,'') = '" . $db->db_escape($searchstr) . "' OR \n\t\t\tuid ~* '" . $db->db_escape($searchstr) . "'\n\t\t\t) ORDER BY nachname, vorname;";
    if ($result = $db->db_query($qry)) {
        $auth = new authentication();
        echo $db->db_num_rows($result) . ' Person(en) gefunden<br><br>';
        echo '<table>';
        echo '<tr class="liste" align="center">';
        echo "<td colspan='5'><b>Person</b></td>";
        echo "<td colspan='4'><b>Benutzer</b></td>";
        echo "<td colspan='4'><b>Mitarbeiter</b></td>";
        echo "<td colspan='4'><b>Student</b></td>";
        echo '</tr>';
        echo '<tr class="liste" align="center">';
        echo "<td><b>Nachname</b></td>";
        echo "<td><b>Vorname</b></td>";
        echo "<td><b>Gebdatum</b></td>";
        echo "<td><b>updateAmUm</b></td>";
        echo "<td><b>updateVon</b></td>";
        echo "<td><b>Status</b></td>";
 function do_authentication()
 {
     $filename = basename($_SERVER['SCRIPT_FILENAME']);
     $PHP_SELF = $_SERVER['PHP_SELF'];
     if (!$_SESSION['nickname']) {
         if (!isset($this->nickname)) {
             authentication::login_form();
             exit;
         } else {
             $_SESSION['userpassword'] = $this->userpassword;
             $_SESSION['nickname'] = $this->nickname;
         }
         $nickname = iconv('utf-8', 'windows-1251', $this->nickname);
         $userpassword = iconv('utf-8', 'windows-1251', $this->userpassword);
         $ObjDb = new connect_db();
         $link_id = $ObjDb->db_connect();
         $query = "SELECT * FROM {$this->user_tablename} WHERE nickname = '{$nickname}' AND userpassword = '******'";
         $result = mysql_query($query);
         $query_data = mysql_fetch_assoc($result);
         $user_id = $query_data['user_id'];
         $_SESSION['user_id'] = $user_id;
         if (!mysql_num_rows($result)) {
             $_SESSION['nickname'] = null;
             $_SESSION['userpassword'] = null;
             $_SESSION['user_id'] = null;
             return 1;
         } else {
             $query = "SELECT user_id FROM {$this->access_log_tablename} WHERE page = '{$filename}'\n        AND user_id = '{$user_id}'";
             $result = mysql_query($query);
             if (!mysql_num_rows($result)) {
                 $query = "INSERT INTO {$this->access_log_tablename} VALUES ('{$filename}', '{$user_id}', 1, NULL)";
             } else {
                 $query = "UPDATE {$this->access_log_tablename} SET visitcount = visitcount + 1, accessdate = NULL \n        \tWHERE page = '{$filename}' AND user_id = '{$user_id}'";
             }
             mysql_query($query);
             $num_rows = mysql_affected_rows($link_id);
             if ($num_rows != 1) {
                 die(sql_error());
             }
         }
         $ObjDb->db_close();
     } elseif ($_SESSION['nickname'] && $_SESSION['userpassword']) {
         $nickname = $_SESSION['nickname'];
         $filename = basename($_SERVER['SCRIPT_FILENAME']);
         $ObjDb = new connect_db($this->dbhost, $this->dbusername, $this->dbuserpassword, $this->dbname);
         $link_id = $ObjDb->db_connect();
         $nickname = iconv('utf-8', 'windows-1251', $nickname);
         $query = "select user_id from users where nickname='{$nickname}'";
         $result = mysql_query($query);
         $query_data = mysql_fetch_assoc($result);
         $user_id = $query_data['user_id'];
         $nickname = iconv('windows-1251', 'utf-8', $nickname);
         $query = "SELECT user_id FROM {$this->access_log_tablename} WHERE page = '{$filename}' AND user_id = '{$user_id}'";
         $result = mysql_query($query);
         if (!mysql_num_rows($result)) {
             $query = "INSERT INTO {$this->access_log_tablename} VALUES ('{$filename}', '{$user_id}', 1, NULL)";
         } else {
             $query = "UPDATE {$this->access_log_tablename} SET visitcount = visitcount + 1, accessdate = NULL \n        WHERE page = '{$filename}' AND user_id = '{$user_id}'";
         }
         mysql_query($query);
         $num_rows = mysql_affected_rows($link_id);
         if ($num_rows != 1) {
             die(sql_error());
         }
         $ObjDb->db_close();
     }
 }
Example #9
0
            self::error_message(mysql_error());
        }
        $query = "UPDATE {$this->user_tablename} SET email = '{$this->email}' WHERE user_id = '{$this->user_id}'";
        $result = mysql_query($query);
        if (!$result) {
            self::error_message(mysql_error());
        }
        $query = "COMMIT;";
        $result = mysql_query($query);
        if (!$result) {
            self::error_message(mysql_error());
        }
        $ObjDb->db_close();
        echo 'Email успешно изменен.';
    }
    function error_message($msg)
    {
        $str = "Error: {$msg}";
        echo $str;
        exit;
    }
}
include_once "../../libraries/authentication.class.php";
$authentication = new authentication();
$auth = $authentication->do_authentication();
if ($auth == 1) {
    die("Аутентификация не пройдена!");
}
$obj = new PassEmailSaver();
$obj->save_pass();
$obj->save_email();
Example #10
0
?>
/plugins/validator/js/languages/jquery.validationEngine-en.js"></script>
<script type="text/javascript" src="<?php 
echo $hostname . "/admin/common";
?>
/plugins/validator/js/jquery.validationEngine.js"></script>
<script type="text/javascript" src="<?php 
echo $hostname . "/admin/common";
?>
/plugins/gvchart/jquery.gvChart-1.0.1.min.js"></script>
<script type="text/javascript" src="<?php 
echo $hostname . "/admin/common";
?>
/js/scriptbreaker-multiple-accordion-1.js"></script>
<script src="<?php 
echo $hostname . "/admin/common";
?>
/js/head_scripts.js" type="text/javascript"></script>
<!--=== ENABLE HTML5 TAGS FOR IE ===-->
<!--[if IE]><script src="<?php 
echo $hostname . "/admin/common";
?>
/js/html5.js"></script><![endif]-->

<title>vDeal.asia - Admin Control Panel</title>

<?php 
require_once '../admin/class/login/authentication.php';
$checkAuth = new authentication();
echo isset($_SESSION['admin']);
$checkAuth->preventUserNotLogin($Util);
Example #11
0
 /**
  * context所需資訊
  * @param String $json
  * @param String $callback
  */
 function info($json, $callback = NULL)
 {
     if (is_null($callback)) {
         $callback = $json;
         $json = NULL;
     }
     //分析json
     if (isset($json)) {
         $input_data = json_to_object($json);
         if (isset($input_data->anchor_navigation_type)) {
             $type = $input_data->anchor_navigation_type;
             $GLOBALS['context']->set_anchor_navigation_type($type);
         }
     }
     $data = array();
     $data['KALS_language'] = $this->_load_lang();
     $data['Window_profile'] = array('sex' => array(0, 1, 2), 'locale' => array('zh_tw', 'en_us'));
     require_once 'authentication.php';
     $authentication = new authentication();
     $data['KALS_authentication'] = $authentication->default_data();
     //$data['KALS_view_manager'] = $this->_load_viewes();
     // 20140517 Pulipuli Chen
     //$data['webpage_id'] = get_context_webpage()->get_id();
     /**
      * @author Pulipuli Chen <*****@*****.**> 20150117
      * 不,不能這樣做
      * 要把navigation data拆開來之後再做快取
      * 快取網址要搭配 webpage_id 跟 user_id
      */
     //$this->output->cache($this->config->item('output.cache.info.expiration'));
     $this->_display_jsonp($data, $callback);
 }
Example #12
0
//  }
//=====================================================
$pass = false;
if ($service == "login" && $method == "loginuser") {
    // if login service
    $pass = false;
    $obj = new $service();
    if ($data) {
        // echo implode(" ",$data);
        $obj->{$method}($data);
    } else {
        $obj->{$method}(null);
    }
} else {
    //validate user
    $auth = new authentication();
    $pass = $auth->checkuser(true);
}
if ($pass) {
    $obj = new $service();
    if ($data) {
        // echo implode(" ",$data);
        $obj->{$method}($data);
    } else {
        $obj->{$method}(null);
    }
}
?>


Example #13
0
<?php

if (basename($_SERVER["PHP_SELF"]) == "init.php") {
    die("Acesso negado.");
}
// arquivos padrões
require_once "config.php";
// arquivos comuns
require_once $common_directory . "connection.class.php";
require_once $common_directory . "authentication.class.php";
require_once $common_directory . "functions.php";
require_once $common_directory . "geral.class.php";
require_once $common_directory . "user.class.php";
// arquivos da aplicação
$user_info = null;
$connection = new connection($db_server, $db_user, $db_pass, $db_name);
if ($connection) {
    $authentication = new authentication();
    $authentication->execute_authentication();
}
Example #14
0
 public function isAuthenticated()
 {
     $jwt = new authentication();
     $token = $jwt->validate();
     $this->json($token);
 }