Example #1
0
 public function submit($problem_id)
 {
     try {
         $problem = new Problem($problem_id);
         $language = fRequest::get('language', 'integer');
         if (!array_key_exists($language, static::$languages)) {
             throw new fValidationException('Invalid language.');
         }
         fSession::set('last_language', $language);
         $code = trim(fRequest::get('code', 'string'));
         if (strlen($code) == 0) {
             throw new fValidationException('Code cannot be empty.');
         }
         if ($problem->isSecretNow()) {
             if (!User::can('view-any-problem')) {
                 throw new fAuthorizationException('Problem is secret now. You are not allowed to submit this problem.');
             }
         }
         $record = new Record();
         $record->setOwner(fAuthorization::getUserToken());
         $record->setProblemId($problem->getId());
         $record->setSubmitCode($code);
         $record->setCodeLanguage($language);
         $record->setSubmitDatetime(Util::currentTime());
         $record->setJudgeStatus(JudgeStatus::PENDING);
         $record->setJudgeMessage('Judging... PROB=' . $problem->getId() . ' LANG=' . static::$languages[$language]);
         $record->setVerdict(Verdict::UNKNOWN);
         $record->store();
         Util::redirect('/status');
     } catch (fException $e) {
         fMessaging::create('error', $e->getMessage());
         fMessaging::create('code', '/submit', fRequest::get('code', 'string'));
         Util::redirect("/submit?problem={$problem_id}");
     }
 }
Example #2
0
 public function testAddToNonArray()
 {
     $this->setExpectedException('fProgrammerException');
     fSession::open();
     fSession::set('non_array', 'value');
     fSession::add('non_array', 'value2');
 }
 /**
  * Creates a message that is stored in the session and retrieved by another page
  *
  * @param  string $name       A name for the message
  * @param  string $recipient  The intended recipient - this may be ommitted
  * @param  string $message    The message to send
  * @param  string :$name
  * @param  string :$message
  * @return void
  */
 public static function create($name, $recipient, $message = NULL)
 {
     // This allows for the $recipient parameter to be optional
     if ($message === NULL) {
         $message = $recipient;
         $recipient = '{default}';
     }
     fSession::set(__CLASS__ . '::' . $recipient . '::' . $name, $message);
 }
Example #4
0
 /**
  * Set the sort direction to be used on returning pages
  *
  * @param  string $sort_direction  The sort direction to save
  * @return void
  */
 private static function setPreviousSortDirection($sort_direction)
 {
     fSession::set(__CLASS__ . '::' . fURL::get() . '::previous_sort_direction', $sort_direction);
 }
Example #5
0
 /**
  * Validates a request token generated by ::generateCSRFToken()
  * 
  * This method takes a request token and ensures it is valid, otherwise
  * it will throw an fValidationException.
  * 
  * @throws fValidationException  When the CSRF token specified is invalid
  * 
  * @param  string $token  The request token to validate
  * @param  string $url    The URL to validate the token for, default to the current page
  * @return void
  */
 public static function validateCSRFToken($token, $url = NULL)
 {
     if ($url === NULL) {
         $url = fURL::get();
     }
     $key = __CLASS__ . '::' . $url . '::csrf_tokens';
     $tokens = fSession::get($key, array());
     if (!in_array($token, $tokens)) {
         throw new fValidationException('The form submitted could not be validated as authentic, please try submitting it again');
     }
     $tokens = array_diff($tokens, array($token));
     fSession::set($key, $tokens);
 }
 try {
     fRequest::validateCSRFToken($_POST['token']);
     $validator = new fValidation();
     $validator->addRequiredFields('password', 'email');
     $validator->addEmailFields('email');
     $validator->validate();
     $users = fRecordSet::build('User', array('email=' => strtolower($_POST['email'])));
     if ($users->count() == 0) {
         throw new fValidationException('Invalid username or password.');
     }
     $rec = $users->getRecords();
     $user = $rec[0];
     if (!fCryptography::checkPasswordHash($_POST['password'], $user->getPassword())) {
         throw new fValidationException('Invalid username or password.');
     }
     fSession::set('user', $user->getId());
     if (fRequest::get('persistent_login', 'boolean')) {
         fSession::enablePersistence();
     }
     if (isset($_POST['forward'])) {
         fURL::redirect('http://' . $_SERVER['SERVER_NAME'] . $_POST['forward']);
     } else {
         fURL::redirect('/members');
     }
     exit;
 } catch (fValidationException $e) {
     echo "<p>" . $e->printMessage() . "</p>";
 } catch (fSQLException $e) {
     echo "<p>An unexpected error occurred, please try again later</p>";
     trigger_error($e);
 }
Example #7
0
$errmsg = '';
if (fRequest::isPost()) {
    $old_password = fRequest::get('old-password');
    $new_password = fRequest::get('new-password');
    $confirm_password = fRequest::get('confirm-password');
    $token = fAuthorization::getUserToken();
    $username = $token['name'];
    $user_id = $token['id'];
    if (empty($old_password) or empty($new_password) or empty($confirm_password)) {
        $errmsg = '密码不能为空';
    } else {
        if ($new_password != $confirm_password) {
            $errmsg = '两次输入的新密码不一致';
        } else {
            if (login_check_credential($db, $username, $old_password) == false) {
                $errmsg = '旧密码错误';
            } else {
                if (login_change_password($db, $user_id, $new_password)) {
                    fURL::redirect(fSession::delete('change-password-referer', SITE_BASE));
                } else {
                    $errmsg = '修改密码失败';
                }
            }
        }
    }
} else {
    if (fSession::get('change-password-referer') == null) {
        fSession::set('change-password-referer', login_get_referer(SITE_BASE));
    }
}
include __DIR__ . '/tpl/change-password.php';
 /**
  * Sets some piece of information to use to identify the current user
  *
  * @param  mixed $token  The user's token. This could be a user id, an email address, a user object, etc.
  * @return void
  */
 public static function setUserToken($token)
 {
     fSession::set(__CLASS__ . '::user_token', $token);
     fSession::regenerateID();
 }
 public function testRequestedUrl()
 {
     fSession::set('fAuthorization::requested_url', 'test_url.php?query_string=TRUE');
     $this->assertEquals('test_url.php?query_string=TRUE', fAuthorization::getRequestedURL(FALSE));
     $this->assertEquals('test_url.php?query_string=TRUE', fAuthorization::getRequestedURL(TRUE));
     $this->assertEquals(NULL, fAuthorization::getRequestedURL(TRUE));
     $this->assertEquals('test_url2.php?query_string=TRUE', fAuthorization::getRequestedURL(TRUE, 'test_url2.php?query_string=TRUE'));
 }
Example #10
0
                case 32:
                    $permissions['franchise'][] = 'edit';
                    break;
                case 33:
                    $permissions['franchise'][] = 'delete';
                    break;
            }
        }
        $tmp = UserRegion::getByIdUser($u->prepareIdUser());
        $regions = array();
        foreach ($tmp as $item) {
            $regions[] = $item->prepareIdRegion();
        }
        $regions = implode(',', $regions);
        fSession::set(SESSION_ID_USER, $u->prepareIdUser());
        fSession::set(SESSION_REGIONS, $regions);
        fAuthorization::setUserACLs($permissions);
        header('Location: ' . SITE);
    }
}
?>
<!DOCTYPE html>
<html>
	
	<head>
	
		<title>Login</title>
		
		<link type="text/css" rel="stylesheet" href="<?php 
echo CSS;
?>
Example #11
0
$action = fRequest::get('action');
// --------------------------------- //
if ('log_out' == $action) {
    fAuthorization::destroyUserInfo();
    fSession::destroy();
    fMessaging::create('success', User::makeUrl('login'), 'You were successfully logged out');
    fURL::redirect(User::makeUrl('login'));
    // --------------------------------- //
} else {
    if (!fAuthorization::checkLoggedIn()) {
        if (fRequest::isPost()) {
            try {
                $user = new User(array('username' => fRequest::get('username')));
                $valid_pass = fCryptography::checkPasswordHash(fRequest::get('password'), $user->getPassword());
                if (!$valid_pass) {
                    throw new fValidationException('The login or password entered is invalid');
                }
                fAuthorization::setUserToken($user->getEmail());
                fAuthorization::setUserAuthLevel($user->getRole());
                fSession::set('user_id', $user->getUserId());
                fSession::set('user_name', $user->getUsername());
                fURL::redirect(fAuthorization::getRequestedURL(TRUE, 'index.php'));
            } catch (fExpectedException $e) {
                fMessaging::create('error', fURL::get(), $e->getMessage());
            }
        }
        include VIEW_PATH . '/log_in.php';
    } else {
        fURL::redirect('index.php');
    }
}
<?php

require_once $_SERVER['DOCUMENT_ROOT'] . '/../lib/init.php';
# Persist closed alert boxes in the user's session. See also the event handler for
# '.alert .close[data-persist]' in main.js.
if (isset($_POST['suppress_profile_notification'])) {
    fSession::set('suppress_profile_notification', true);
}
Example #13
0
                case 30:
                    $permissions['user'][] = 'delete';
                    break;
                case 43:
                    $permissions['geolocation'][] = 'add';
                    break;
                case 44:
                    $permissions['geolocation'][] = 'edit';
                    break;
                case 45:
                    $permissions['geolocation'][] = 'delete';
                    break;
            }
        }
        fSession::set('idUsuario', $u->prepareIdUser());
        fSession::set(SESSION_ID_USER, $u->prepareIdUser());
        fAuthorization::setUserACLs($permissions);
        header('Location: ' . SITE);
    }
}
?>
<!DOCTYPE html>
<html>
	
	<head>
	
		<title>Login</title>
		
		<link type="text/css" rel="stylesheet" href="<?php 
echo CSS;
?>
Example #14
0
 /**
  * Sets some piece of information to use to identify the current user
  * 
  * @param  mixed $token  The user's token. This could be a user id, an email address, a user object, etc.
  * @return void
  */
 public static function setUserToken($token)
 {
     fSession::set('user_token', $token, __CLASS__ . '::');
     self::regenerate();
 }