Example #1
0
 /**
  * 打卡签到接口
  */
 public function pageSignIn()
 {
     $model = new model_kaoqin();
     $mdl_user = new model_user();
     if ($_SERVER['REQUEST_METHOD'] == 'POST') {
         $info = $GLOBALS['HTTP_RAW_POST_DATA'];
         $data = json_decode($info, true);
         $user_id = $condition['user_id'] = $data['user_id'];
         if ($this->verifySignIn($user_id, $data['status'])) {
             $res = $mdl_user->selectOne($user_id, 'username,nickname');
             $condition['username'] = $res['username'];
             $condition['nickname'] = $res['nickname'];
             $condition['status'] = $data['status'];
             $condition['createtime'] = $this->_time;
             $condition['createymd'] = $this->_date;
             $model->insert($condition);
             $lastInsertId = $model->lastInsertId();
             if ($lastInsertId) {
                 $msg = '上班打卡成功';
                 lib_BaseUtils::jsonp($msg, 1, 0);
             } else {
                 $msg = '上班打卡失败';
                 lib_BaseUtils::jsonp($msg, 1, 0);
             }
         } else {
             $msg = '抱歉,您已经打过卡了';
             lib_BaseUtils::jsonp($msg, 1, 1);
         }
     }
 }
Example #2
0
 function hapus($var)
 {
     cek_keamanan(array("admin"));
     $this->model("model_user");
     $this->model_user->delete($var[model_user::pk()]);
     $this->redirect();
 }
Example #3
0
 function new_page()
 {
     if (isset($_POST) && !empty($_POST)) {
         $id = model::factory('page')->add_page($_POST['title'], $_POST['body'], model_user::instance()->getId(), $sim);
         header('location: ' . model::factory('renderer')->url('/admin/page/edit/' . $id));
     }
     $renderer = model::factory('renderer', 'page');
     model::factory('renderer')->add_css('/css/form.css');
     return model::factory('renderer')->admin_content = $renderer->render('template/admin/page/edit.php');
 }
Example #4
0
 function new_file()
 {
     // If a form was posted, add a file to the site.
     if (isset($_POST) && !empty($_POST)) {
         $id = model::factory('file')->add_file($_FILES['file']['name'], $_POST['title'], $_FILES['file']['type'], file_get_contents($_FILES['file']['tmp_name']), model_user::instance()->getId());
         // and send user to file list
         header('location: ' . model::factory('renderer')->url('/admin/file/'));
     }
     // if not render an addition form
     $renderer = model::factory('renderer', 'post');
     model::factory('renderer')->add_css('/css/form.css');
     model::factory('renderer')->admin_content = $renderer->render('template/admin/file/edit.php', true);
 }
Example #5
0
 public static function create($request)
 {
     $firstName = $request['firstName'];
     $lastName = $request['lastName'];
     $emailId = $request['emailId'];
     $facebookId = $request['facebookId'];
     $dateOfBirth = $request['dateOfBirth'];
     $result = model_user::saveUser($firstName, $lastName, $emailId, $facebookId, $dateOfBirth);
     $resultObj = new stdClass();
     $resultObj->id = $result['id'];
     $resultObj->result = "Success";
     return $resultObj;
 }
Example #6
0
 function pageAddUser()
 {
     $model = new model_user();
     $model->set('nickname', '李四');
     $model->set('username', 'lisi');
     $model->set('pwd', '123456');
     $model->set('status', '1');
     $model->set('createtime', $this->_time);
     $model->set('createymd', $this->_date);
     $res = $model->save();
     if ($res) {
         $this->ShowMsg("用户添加成功");
     } else {
         $this->ShowMsg("用户添加失败");
     }
 }
Example #7
0
 function login()
 {
     // Check to see if there are any login-attempts
     if (isset($_POST) && !empty($_POST)) {
         // If there is, initialize a user-model and check username and password against the database.
         $user = model_user::instance();
         $user->login_by_username_and_password($_POST['username'], $_POST['password']);
         //Are we logged in?
         if ($user->logged_in()) {
             // Yes! Ship the user to adminpanel!
             header('location: ' . model::factory('renderer')->url('/admin'));
         } else {
             // Ha! You wish. Back to where you came from!
             header('location: ' . $_SERVER['HTTP_REFERER']);
         }
     }
     // If no login attempt do some cosmetic stuff.
     // Set page title using pagename from database.
     model::factory('renderer')->title = 'Logga in - ' . model::factory('conf')->get_value('site_name');
     // Also provide a short text to tell whether or not the user is logged in or not.
     model::factory('renderer')->logged_in = model_user::instance()->logged_in() ? 'inloggad' : 'INTE inloggad';
 }
Example #8
0
 /**
  * creates a new ad
  * @param  array $data 
  * @param  model_user $user 
  * @return array       
  */
 public static function new_ad($data, $user)
 {
     $return_message = '';
     $checkout_url = '';
     //akismet spam filter
     if (isset($data['title']) and isset($data['description']) and core::akismet($data['title'], $user->email, $data['description']) == TRUE) {
         // is user marked as spammer? Make him one :)
         if (core::config('general.black_list')) {
             $user->user_spam();
         }
         return array('error' => __('This post has been considered as spam! We are sorry but we can not publish this advertisement.'), 'error_type' => Alert::ALERT);
     }
     //akismet
     $ad = new Model_Ad();
     $ad->id_user = $user->id_user;
     $ad->values($data);
     $ad->seotitle = $ad->gen_seo_title($ad->title);
     $ad->created = Date::unix2mysql();
     try {
         $ad->save();
     } catch (ORM_Validation_Exception $e) {
         return array('validation_errors' => $e->errors('ad'));
     } catch (Exception $e) {
         return array('error' => $e->getMessage(), 'error_type' => Alert::ALERT);
     }
     /////////// NOTIFICATION Emails,messages to user and Status of the ad
     // depending on user flow (moderation mode), change usecase
     $moderation = core::config('general.moderation');
     //calculate how much he needs to pay in case we have payment on
     if ($moderation == Model_Ad::PAYMENT_ON or $moderation == Model_Ad::PAYMENT_MODERATION) {
         // check category price, if 0 check parent
         if ($ad->category->price == 0) {
             $cat_parent = new Model_Category($ad->category->id_category_parent);
             //category without price
             if ($cat_parent->price == 0) {
                 //swapping moderation since theres no price :(
                 if ($moderation == Model_Ad::PAYMENT_ON) {
                     $moderation = Model_Ad::POST_DIRECTLY;
                 } elseif ($moderation == Model_Ad::PAYMENT_MODERATION) {
                     $moderation = Model_Ad::MODERATION_ON;
                 }
             } else {
                 $amount = $cat_parent->price;
             }
         } else {
             $amount = $ad->category->price;
         }
     }
     //where and what we say to the user depending ont he moderation
     switch ($moderation) {
         case Model_Ad::PAYMENT_ON:
         case Model_Ad::PAYMENT_MODERATION:
             $ad->status = Model_Ad::STATUS_NOPUBLISHED;
             $order = Model_Order::new_order($ad, $user, Model_Order::PRODUCT_CATEGORY, $amount, NULL, Model_Order::product_desc(Model_Order::PRODUCT_CATEGORY) . ' ' . $ad->category->name);
             // redirect to invoice
             $return_message = __('Please pay before we publish your advertisement.');
             $checkout_url = Route::url('default', array('controller' => 'ad', 'action' => 'checkout', 'id' => $order->id_order));
             break;
         case Model_Ad::EMAIL_MODERATION:
         case Model_Ad::EMAIL_CONFIRMATION:
             $ad->status = Model_Ad::STATUS_UNCONFIRMED;
             $url_ql = $user->ql('oc-panel', array('controller' => 'myads', 'action' => 'confirm', 'id' => $ad->id_ad));
             $user->email('ads-confirm', array('[URL.QL]' => $url_ql, '[AD.NAME]' => $ad->title));
             $return_message = __('Advertisement is posted but first you need to activate. Please check your email!');
             break;
         case Model_Ad::MODERATION_ON:
             $ad->status = Model_Ad::STATUS_NOPUBLISHED;
             $url_ql = $user->ql('oc-panel', array('controller' => 'myads', 'action' => 'update', 'id' => $ad->id_ad));
             $user->email('ads-notify', array('[URL.QL]' => $url_ql, '[AD.NAME]' => $ad->title));
             // email to notify user of creating, but it is in moderation currently
             $return_message = __('Advertisement is received, but first administrator needs to validate. Thank you for being patient!');
             break;
         case Model_Ad::POST_DIRECTLY:
         default:
             $ad->status = Model_Ad::STATUS_PUBLISHED;
             $ad->published = $ad->created;
             $url_cont = $user->ql('contact');
             $url_ad = $user->ql('ad', array('category' => $ad->category->seoname, 'seotitle' => $ad->seotitle));
             $user->email('ads-user-check', array('[URL.CONTACT]' => $url_cont, '[URL.AD]' => $url_ad, '[AD.NAME]' => $ad->title));
             Model_Subscribe::notify($ad);
             $return_message = __('Advertisement is posted. Congratulations!');
             break;
     }
     //save the last changes on status
     $ad->save();
     //notify admins new ad
     $ad->notify_admins();
     return array('message' => $return_message, 'checkout_url' => $checkout_url, 'ad' => $ad);
 }
Example #9
0
            $params = explode('/', $parts[3]);
        } else {
            $params = array();
        }
        // Instantiate the class
        $class_name = 'controller_' . $parts[0] . '_' . $parts[1];
        $class = new $class_name();
        // And finish with the method
        $method = isset($parts[2]) && !empty($parts[2]) ? $parts[2] : 'index';
    } else {
        // if parts is empty, use the default welcome-controller
        if ($parts[0] == '') {
            $parts[0] = 'welcome';
        }
        // Prepare the parameters
        if (isset($parts[2])) {
            $params = explode('/', $parts[2]);
        } else {
            $params = array();
        }
        // Instantiate the class
        $class_name = 'controller_' . $parts[0];
        $class = new $class_name();
        // And finish with the method
        $method = isset($parts[1]) && !empty($parts[1]) ? $parts[1] : 'index';
    }
    // Once done. return an array with the stuff
    return array('class' => $class, 'params' => $params, 'method' => $method);
}
model_user::instance();
Example #10
0
 /**
  * Проверка подлинности сессии
  */
 private function check_session() : bool
 {
     $check = false;
     $login = self::$session->read('login');
     $action_time = self::$session->read('action_time');
     $hash = self::$session->read('hash');
     $sid = self::$session->read('sid');
     $row = self::$db->selectOne('SELECT `user`, `sid`,`action_time` FROM `Auth` WHERE `user` = :login AND `sid` = :hash AND `action_time` = :action_time', ['login' => $login, 'action_time' => $action_time, 'hash' => $hash]);
     if (!empty($row) && $row['sid'] === $hash) {
         $row = self::$db->selectOne('SELECT `login`, `user_group`, `sid`, `control_ip`, `action_time` FROM Users WHERE `login` = :login', ['login' => $login]);
         if (!empty($row) && $row['sid'] === self::hash($sid, $row['action_time'], $row['control_ip'])) {
             if (self::$config['tech_work'] && !$row['user_group'] < 5) {
                 if ($action_time < self::mtime()) {
                     self::$session->recreate($login, $sid);
                     self::$db->runQuery('UPDATE Auth SET `sid` = :sid, `action_time` = :action_time WHERE `user` = :login LIMIT 1', ['login' => $login, 'sid' => self::$session->read('hash'), 'action_time' => self::$session->read('action_time')]);
                     $check = true;
                 } else {
                     $check = true;
                 }
             } else {
                 $check = false;
             }
         } else {
             $check = false;
         }
     } else {
         $check = false;
     }
     if ($check) {
         self::$login = $row['login'];
         self::$user_group = $row['user_group'];
         return true;
     } else {
         return false;
     }
 }
Example #11
0
    die;
}
// was the ROOT trying to log in?
if ($name == 'mwaroot' && $rootPasswd != "" && $password == $rootPasswd) {
    // match, create root userdata.
    $userdata = array();
    $userdata['id'] = 0;
    $userdata['name'] = "mwaroot";
    $userdata['groups'] = "root";
} else {
    // are there any user models?
    $mdl = sprintf("%s/model/user.php", ROOT);
    if (!file_exists($mdl)) {
        // no user model, asumming only root user.
        http_response::redir('/admin');
        die;
    }
    // try login
    $mdlUser = new model_user();
    $userdata = $mdlUser->login($name, $password);
}
if ($userdata == null) {
    http_response::redir('/admin');
    die;
}
// init login session
$user = user::getInstance();
$user->login($userdata['id'], $userdata['name'], $userdata['groups'], $remember);
// enter admin
http_response::redir('/admin/index');
die;
Example #12
0
<div class="page-header">
  <h1><?php 
echo $judul;
?>
</h1>
</div>
<form <?php 
form_properties("user", $aksi, $data[model_user::pk()], true);
?>
>
	<table border="0">
		<tr>
			<td>Nama</td>
      <td><?php 
input("nama", $data);
?>
</td>
		</tr>
		<tr>
			<td>Email</td>
			<td><?php 
input("email", $data);
?>
</td>
		</tr>
		<tr>
			<td>Handphone</td>
			<td><?php 
input("hp", $data);
?>
</td>
Example #13
0
    define('key', '');
}
// Include init.php if not already included earlier.
require_once 'init.php';
// Change the session-timeout to something from the database.
ini_set("session.cookie_lifetime", $conf['session_timeout']);
// and start it
session_start();
// Initialize a new global rendering object accessible from model::factory('renderer')
$renderer = new model_renderer();
// Do some magic with the url
$parts = model::factory('url')->get_parts();
switch ($parts[0]) {
    case 'admin':
        // Admin? are you sure you are admin?
        if (model_user::instance()->isAdmin()) {
            // Seems like it.
            $parts = resolv($_GET);
            // Which controller do you want? Ah yes! That one.
            $class = new $parts['class']();
            // Run the before part if there is one.
            if (method_exists($class, 'before')) {
                $class->before();
            }
            // Alright, enough foreplay. Call the class already and its method. And don't forget the parameters!
            call_user_func_array(array($class, $parts['method']), $parts['params']);
            // Echo back the results.
            echo model::factory('renderer')->render('template/admin/main.html');
            break;
        }
    case 'login':