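/**
 * Accepts a code submission for a problem and stores it as a pending record.
 *
 * Reads `language` and `code` from the request, rejects an unknown language or
 * empty code, and refuses a problem that is currently secret unless the user
 * holds `view-any-problem`. On success a Record is stored with a pending judge
 * status and the user is redirected to /status. Any fException becomes an
 * error message plus a redirect back to the submit form, with the submitted
 * code kept in fMessaging for the '/submit' recipient.
 *
 * NOTE(review): no login check or CSRF token validation is visible in this
 * method; presumably the caller or router enforces both. Confirm.
 *
 * @param  mixed $problem_id  Identifier handed to the Problem constructor
 * @return void
 */
public function submit($problem_id)
{
    try {
        $problem = new Problem($problem_id);

        // The language must be one of the keys of the class-level language map.
        $language = fRequest::get('language', 'integer');
        if (!array_key_exists($language, static::$languages)) {
            throw new fValidationException('Invalid language.');
        }
        fSession::set('last_language', $language);

        $code = trim(fRequest::get('code', 'string'));
        if ($code === '') {
            throw new fValidationException('Code cannot be empty.');
        }

        // Secret problems accept submissions only from privileged users.
        if ($problem->isSecretNow() && !User::can('view-any-problem')) {
            throw new fAuthorizationException('Problem is secret now. You are not allowed to submit this problem.');
        }

        $record = new Record();
        $record->setOwner(fAuthorization::getUserToken());
        $record->setProblemId($problem->getId());
        $record->setSubmitCode($code);
        $record->setCodeLanguage($language);
        $record->setSubmitDatetime(Util::currentTime());
        $record->setJudgeStatus(JudgeStatus::PENDING);
        $record->setJudgeMessage('Judging... PROB=' . $problem->getId() . ' LANG=' . static::$languages[$language]);
        $record->setVerdict(Verdict::UNKNOWN);
        $record->store();

        Util::redirect('/status');
    } catch (fException $e) {
        fMessaging::create('error', $e->getMessage());
        fMessaging::create('code', '/submit', fRequest::get('code', 'string'));

        // $problem_id has not been validated on this path (the Problem
        // constructor may be what failed), so encode it before it becomes part
        // of the redirect target. Otherwise characters such as '&', '#' or
        // line breaks could alter the query string or the Location header.
        Util::redirect('/submit?problem=' . urlencode((string) $problem_id));
    }
}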
/**
 * fSession::add() on a key that already holds a non-array value is expected
 * to raise fProgrammerException.
 */
public function testAddToNonArray()
{
    $this->setExpectedException('fProgrammerException');

    fSession::open();

    $key = 'non_array';
    // Store a plain string under the key ...
    fSession::set($key, 'value');
    // ... then try to append to it as if it were an array.
    fSession::add($key, 'value2');
}
/**
 * Stores a message in the session so that another page can retrieve it
 *
 * Two call forms are accepted:
 *
 *  - create($name, $recipient, $message)
 *  - create($name, $message): the recipient is omitted and the message is
 *    filed under the '{default}' recipient
 *
 * @param  string $name       A name for the message
 * @param  string $recipient  The intended recipient, or the message itself when only two arguments are given
 * @param  string $message    The message to send
 * @return void
 */
public static function create($name, $recipient, $message = NULL)
{
    // A NULL third argument means the caller used the two-argument form, so
    // the second argument is really the message.
    $recipient_omitted = ($message === NULL);

    $target = $recipient_omitted ? '{default}' : $recipient;
    $body   = $recipient_omitted ? $recipient : $message;

    $session_key = __CLASS__ . '::' . $target . '::' . $name;
    fSession::set($session_key, $body);
}
/**
 * Remembers the sort direction for the current URL so it can be reused when
 * the page is visited again
 *
 * @param  string $sort_direction  The sort direction to save
 * @return void
 */
private static function setPreviousSortDirection($sort_direction)
{
    // The key is scoped by class and by the value of fURL::get(), so each
    // page keeps its own remembered direction.
    $session_key = __CLASS__ . '::' . fURL::get() . '::previous_sort_direction';

    fSession::set($session_key, $sort_direction);
}
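/**
 * Validates a request token generated by ::generateCSRFToken()
 *
 * The token must be a string that is identical to one of the tokens stored in
 * the session for the URL. A valid token is removed from the stored list, so
 * each token can be used only once.
 *
 * @throws fValidationException  When the CSRF token specified is invalid
 *
 * @param  string $token  The request token to validate
 * @param  string $url    The URL to validate the token for, defaults to the current page
 * @return void
 */
public static function validateCSRFToken($token, $url = NULL)
{
    if ($url === NULL) {
        $url = fURL::get();
    }

    $key    = __CLASS__ . '::' . $url . '::csrf_tokens';
    $tokens = fSession::get($key, array());

    // Compare strictly. Loose in_array() applies PHP's type juggling, so a
    // boolean, an integer or a numeric-looking string taken from the request
    // could compare equal to a stored token it does not match byte for byte.
    // Non-string input (e.g. an array posted as token[]) is rejected.
    // Assumes ::generateCSRFToken() stores tokens as strings; TODO confirm.
    if (!is_string($token) || !in_array($token, $tokens, TRUE)) {
        throw new fValidationException('The form submitted could not be validated as authentic, please try submitting it again');
    }

    // Consume the token so it cannot be replayed.
    $tokens = array_diff($tokens, array($token));
    fSession::set($key, $tokens);
}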
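// Login handler: validates the CSRF token and the form fields, checks the
// password hash for the account with the given e-mail address, records the
// user id in the session and redirects.
try {
    // A missing token is passed as NULL and fails validation like any other
    // bad token, without first raising an undefined-index notice.
    fRequest::validateCSRFToken(isset($_POST['token']) ? $_POST['token'] : NULL);

    $validator = new fValidation();
    $validator->addRequiredFields('password', 'email');
    $validator->addEmailFields('email');
    $validator->validate();

    $users = fRecordSet::build('User', array('email=' => strtolower($_POST['email'])));
    if ($users->count() == 0) {
        // Same message as for a wrong password, so the response does not
        // reveal whether the address is registered.
        throw new fValidationException('Invalid username or password.');
    }

    $rec  = $users->getRecords();
    $user = $rec[0];
    if (!fCryptography::checkPasswordHash($_POST['password'], $user->getPassword())) {
        throw new fValidationException('Invalid username or password.');
    }

    fSession::set('user', $user->getId());

    // Issue a fresh session id now that the session carries an authenticated
    // user, so an id that was known before login is not reused afterwards
    // (session fixation).
    fSession::regenerateID();

    if (fRequest::get('persistent_login', 'boolean')) {
        fSession::enablePersistence();
    }

    // `forward` comes straight from the request and is appended to the host
    // name, so only a local absolute path is accepted: it must start with a
    // single '/' (not '//' or '/\') and contain no control characters. Any
    // other value could change the host the browser is sent to, and is
    // replaced by the default landing page. An empty value is kept as before.
    // NOTE(review): depending on server configuration SERVER_NAME may reflect
    // the request's Host header; confirm it is pinned to a canonical name.
    $forward = isset($_POST['forward']) ? $_POST['forward'] : NULL;
    if ($forward === NULL) {
        fURL::redirect('/members');
    } else {
        $is_local_path = is_string($forward) && (
            $forward === ''
            || preg_match('#^/(?![/\\\\])[^\x00-\x1f\x7f]*\z#', $forward) === 1
        );

        if ($is_local_path) {
            fURL::redirect('http://' . $_SERVER['SERVER_NAME'] . $forward);
        } else {
            fURL::redirect('/members');
        }
    }
    exit;
} catch (fValidationException $e) {
    echo "<p>" . $e->printMessage() . "</p>";
} catch (fSQLException $e) {
    // Database details stay out of the response; the exception goes to the
    // error handler instead.
    echo "<p>An unexpected error occurred, please try again later</p>";
    trigger_error($e);
}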
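// Change-password page. On POST the old password is verified and the new one
// is stored; on any other request the page to return to afterwards is
// remembered in the session. The template is rendered in every case that does
// not end in a redirect, with $errmsg holding the error text (if any).
//
// NOTE(review): no CSRF token is checked before the password is changed. The
// old-password requirement limits the impact, but confirm whether the form
// should carry a token.
$errmsg = '';

if (fRequest::isPost()) {
    $old_password     = fRequest::get('old-password');
    $new_password     = fRequest::get('new-password');
    $confirm_password = fRequest::get('confirm-password');

    $token    = fAuthorization::getUserToken();
    $username = $token['name'];
    $user_id  = $token['id'];

    if (empty($old_password) || empty($new_password) || empty($confirm_password)) {
        // "Password cannot be empty"
        $errmsg = '密码不能为空';
    } elseif ($new_password !== $confirm_password) {
        // Strict comparison: with `!=` two different numeric-looking strings
        // (for example '1e3' and '1000') compare equal, so a mistyped
        // confirmation could be accepted.
        // "The two new passwords do not match"
        $errmsg = '两次输入的新密码不一致';
    } elseif (login_check_credential($db, $username, $old_password) == false) {
        // "Old password is incorrect"
        $errmsg = '旧密码错误';
    } elseif (login_change_password($db, $user_id, $new_password)) {
        // fSession::delete() hands back the stored referer (or SITE_BASE) and
        // removes it from the session.
        // NOTE(review): the target was produced by login_get_referer();
        // confirm that helper restricts it to this site.
        fURL::redirect(fSession::delete('change-password-referer', SITE_BASE));
    } else {
        // "Failed to change password"
        $errmsg = '修改密码失败';
    }
} else {
    // Remember where the user came from, but only on the first visit.
    if (fSession::get('change-password-referer') == null) {
        fSession::set('change-password-referer', login_get_referer(SITE_BASE));
    }
}

include __DIR__ . '/tpl/change-password.php';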
/**
 * Stores a value that identifies the current user in the session
 *
 * @param  mixed $token  The user's token. This could be a user id, an email address, a user object, etc.
 * @return void
 */
public static function setUserToken($token)
{
    $session_key = __CLASS__ . '::user_token';
    fSession::set($session_key, $token);

    // The session id is regenerated right after the identity is stored,
    // presumably so that an id issued before authentication is not carried
    // over into the authenticated session.
    fSession::regenerateID();
}
/**
 * Checks fAuthorization::getRequestedURL() against a URL placed in the
 * session: reading without clearing, reading with clearing, reading again
 * once cleared, and falling back to a supplied default.
 *
 * The assertions depend on their order, because a call with TRUE as the first
 * argument is expected to remove the stored URL.
 */
public function testRequestedUrl()
{
    $stored_url  = 'test_url.php?query_string=TRUE';
    $default_url = 'test_url2.php?query_string=TRUE';

    fSession::set('fAuthorization::requested_url', $stored_url);

    // FALSE: the value is returned and kept.
    $this->assertEquals($stored_url, fAuthorization::getRequestedURL(FALSE));

    // TRUE: the value is returned one last time ...
    $this->assertEquals($stored_url, fAuthorization::getRequestedURL(TRUE));

    // ... after which nothing is stored any more.
    $this->assertEquals(NULL, fAuthorization::getRequestedURL(TRUE));

    // With nothing stored, the supplied default comes back.
    $this->assertEquals($default_url, fAuthorization::getRequestedURL(TRUE, $default_url));
}
case 32: $permissions['franchise'][] = 'edit'; break; case 33: $permissions['franchise'][] = 'delete'; break; } } $tmp = UserRegion::getByIdUser($u->prepareIdUser()); $regions = array(); foreach ($tmp as $item) { $regions[] = $item->prepareIdRegion(); } $regions = implode(',', $regions); fSession::set(SESSION_ID_USER, $u->prepareIdUser()); fSession::set(SESSION_REGIONS, $regions); fAuthorization::setUserACLs($permissions); header('Location: ' . SITE); } } ?> <!DOCTYPE html> <html> <head> <title>Login</title> <link type="text/css" rel="stylesheet" href="<?php echo CSS; ?>
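// Login / logout controller.
//
//  - action=log_out : clears the authorization data and the session, then
//                     redirects to the login page with a success message.
//  - otherwise      : an anonymous visitor gets the login form (and, on POST,
//                     a login attempt); a logged-in visitor goes to index.php.
//
// NOTE(review): the logout branch acts on any request carrying
// action=log_out, with no token check visible here; confirm whether that is
// acceptable.
$action = fRequest::get('action');

// --------------------------------- //
if ('log_out' === $action) {
    fAuthorization::destroyUserInfo();
    fSession::destroy();
    fMessaging::create('success', User::makeUrl('login'), 'You were successfully logged out');
    fURL::redirect(User::makeUrl('login'));

// --------------------------------- //
} else {
    if (!fAuthorization::checkLoggedIn()) {
        if (fRequest::isPost()) {
            try {
                $invalid_login = 'The login or password entered is invalid';

                // An unknown username must look exactly like a wrong
                // password. Without this, the not-found exception from the
                // User constructor would reach the catch below and its own
                // message would be shown, telling the client whether an
                // account exists.
                try {
                    $user = new User(array('username' => fRequest::get('username')));
                } catch (fNotFoundException $e) {
                    throw new fValidationException($invalid_login);
                }

                $valid_pass = fCryptography::checkPasswordHash(fRequest::get('password'), $user->getPassword());
                if (!$valid_pass) {
                    throw new fValidationException($invalid_login);
                }

                fAuthorization::setUserToken($user->getEmail());
                fAuthorization::setUserAuthLevel($user->getRole());
                fSession::set('user_id', $user->getUserId());
                fSession::set('user_name', $user->getUsername());

                // Return to the page that triggered the login, or index.php.
                fURL::redirect(fAuthorization::getRequestedURL(TRUE, 'index.php'));
            } catch (fExpectedException $e) {
                fMessaging::create('error', fURL::get(), $e->getMessage());
            }
        }

        include VIEW_PATH . '/log_in.php';
    } else {
        fURL::redirect('index.php');
    }
}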
<?php
require_once $_SERVER['DOCUMENT_ROOT'] . '/../lib/init.php';

// Endpoint that remembers, for the rest of the session, that the user closed
// an alert box. The client side is the event handler for
// '.alert .close[data-persist]' in main.js.
// Only the presence of the POST field matters; its value is never stored.
$suppress_requested = isset($_POST['suppress_profile_notification']);

if ($suppress_requested) {
    fSession::set('suppress_profile_notification', true);
}
case 30: $permissions['user'][] = 'delete'; break; case 43: $permissions['geolocation'][] = 'add'; break; case 44: $permissions['geolocation'][] = 'edit'; break; case 45: $permissions['geolocation'][] = 'delete'; break; } } fSession::set('idUsuario', $u->prepareIdUser()); fSession::set(SESSION_ID_USER, $u->prepareIdUser()); fAuthorization::setUserACLs($permissions); header('Location: ' . SITE); } } ?> <!DOCTYPE html> <html> <head> <title>Login</title> <link type="text/css" rel="stylesheet" href="<?php echo CSS; ?>
/**
 * Stores a value that identifies the current user in the session
 *
 * @param  mixed $token  The user's token. This could be a user id, an email address, a user object, etc.
 * @return void
 */
public static function setUserToken($token)
{
    // The class name plus '::' is passed as the third argument of
    // fSession::set(), alongside the 'user_token' key.
    $key_prefix = __CLASS__ . '::';
    fSession::set('user_token', $token, $key_prefix);

    // regenerate() is defined elsewhere in this class; it is called right
    // after the identity changes. NOTE(review): presumably it renews the
    // session id; confirm.
    self::regenerate();
}