/**
 * Gate for admin-only pages.
 *
 * Reads the 'authAdmin' entry from the session. When it is falsy, an error
 * flash message is queued and the visitor is sent to the login page.
 *
 * NOTE(review): this method does not stop execution itself. The gate only
 * protects the calling page if theApp::redirect() terminates the request
 * (its body is not visible here; confirm). If it merely sends a Location
 * header, the admin page keeps running and its output is still produced.
 *
 * @return void
 */
public function restrictAdmin()
{
    $isAdmin = $this->session->read('authAdmin');
    if ($isAdmin) {
        return;
    }

    $this->session->setFlash('danger', "Vous n'êtes pas Admin, vous n'avez pas les droits nécessaires");
    theApp::redirect('../action/login.php');
}
/**
 * Returns the shared Database object, creating it on the first call and
 * reusing the instance stored in self::$db afterwards.
 *
 * NOTE(review): the connection is built from the literals 'root', '' and
 * 'depannage_sarr'. These are presumably login, password and schema name
 * (Database's constructor is not visible here; confirm). If so, the
 * application connects as the database superuser with an empty password
 * that is committed to source. Prefer a dedicated least-privilege account
 * whose credentials are loaded from configuration kept outside the code.
 *
 * @return Database
 */
static function getDataBase()
{
    if (self::$db) {
        return self::$db;
    }

    self::$db = new Database('root', '', 'depannage_sarr');

    return self::$db;
}
<?php
// Admin landing page: a static menu of links to the admin tools.
require_once 'bootstrapAdmin.php';
$auth = theApp::getAuth();
// Access gate, called before any output is sent. It only protects the markup
// below if restrictAdmin() ends the request for non-admins; its redirect
// helper is not visible from this file, so confirm that it exits.
$auth->restrictAdmin();
// Included files share this scope, so $auth stays available to the header.
include '../inc/header.php';
?>
<div class="row">
    <ul>
        <li>
            <a class ="all_link" href="ajouter.php" >Ajouter un nouveau client</a>
        </li>
        <li>
            <a class ="all_link" href="upload.php">Envoyer des fichiers aux clients</a>
        </li>
        <li>
            <a class ="all_link" href="list_client.php">Liste des clients/fichiers</a>
        </li>
        <li>
            <a class ="all_link" href="supprimer.php">Supprimer / Modifier un client</a>
        </li>
        <li>
            <a class ="all_link" href="modifEpace.php">Modifier Votre compte personel</a>
        </li>
    </ul>
</div>
<?php include '../inc/footer.php';
<?php
/**
 * Logout endpoint: ends the current authentication, queues a confirmation
 * flash message and sends the visitor to the login page.
 *
 * Original file header: created by moussa, 22/01/2016 19:31.
 *
 * NOTE(review): the logout runs on any request to this script and no
 * anti-CSRF check is visible here. What logout() clears (session data,
 * remember-me cookie) is defined elsewhere; confirm it invalidates both.
 */
require '../inc/bootstrap.php';

$auth = theApp::getAuth();
$auth->logout();

$flash = Session::getInstance();
$flash->setFlash('success', "Vous avez bien été déconnecté au revoir et à bientôt");

theApp::redirect('login.php');
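if ($validator->isValid()) {
    // Store only a bcrypt hash of the new password, never the clear text.
    $password = password_hash($_POST['password'], PASSWORD_BCRYPT);
    // The same statement clears reset_token and reset_at, so a reset link
    // cannot be replayed once the password has been changed.
    // NOTE(review): the row is selected by $_GET['id']. That is only safe if
    // the enclosing code (above this excerpt, not visible) has already matched
    // this id against a valid, unexpired reset token. Confirm.
    $reqUp = $db->query('UPDATE users SET reset_token = NULL, reset_at = NULL, password = ? WHERE id=?', [$password, $_GET['id']]);
    Session::getInstance()->setFlash('success', "Votre mot de passe a bien été réinitialisé!");
    theApp::redirect('account.php');
} else {
    Session::getInstance()->setFlash('danger', "Les deux mots de passe ne match pas!");
    theApp::redirect('login.php');
}
} // closes a block opened above this excerpt
} else {
    // Failure path: leave the page. The call here used to be
    // theApp::getAuth('login.php'), which discards its result and does not
    // redirect, so the reset form below was still rendered.
    Session::getInstance()->setFlash('danger', "ce compte est introuvable!");
    theApp::redirect('login.php');
}
} else {
    // Same correction as above: redirect instead of falling through to the form.
    theApp::redirect('login.php');
}
?>
<?php require 'inc/header.php'; ?>
<form action="" method="POST">
    <div class="form-group">
        <label for="">Nouveau mot de passe</label>
        <input type="password" name="password" class="form-control">
    </div>
    <div class="form-group">
        <label for="">Confirmation nouveau mot de passe</label>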
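<?php
/**
 * Deletes one uploaded-file row, then sends the browser back to the page it
 * came from.
 *
 * Query parameters:
 *   id     - primary key of the row to delete (bound as a SQL parameter)
 *   status - the literal "admin" selects table upload_for_users; any other
 *            value, or none, selects table upload
 *
 * NOTE(review): no ownership check is visible. Any caller who gets past
 * isPermit() can delete any row of either table by id, and status=admin
 * reaches the admin-to-client table. isPermit() is defined elsewhere; confirm
 * what it enforces and limit the DELETE to rows owned by the signed-in user.
 * The delete also runs on a GET request with no anti-CSRF token; prefer POST
 * with a per-session token.
 */
require_once 'bootstrapClient.php';

$auth = theApp::getAuth();
$auth->isPermit();
$db = theApp::getDataBase();

if (isset($_GET['id'])) {
    $id = $_GET['id'];
    // 'status' is optional; a missing value falls through to the default table.
    $status = isset($_GET['status']) ? $_GET['status'] : null;

    // The table name is interpolated into the SQL text, so it may only ever be
    // one of these two literals. The comparison uses the quoted string 'admin':
    // a bare word is an undefined constant and a fatal error on PHP 8.
    $table = ($status === 'admin') ? "upload_for_users" : "upload";

    $prepared = "DELETE FROM {$table} WHERE id = ?";
    $req = $db->query($prepared, [$id]);

    // Go back to the referring page only when it is on this host. The Referer
    // header is request data and may be absent or point to another site.
    $back = 'index.php';
    $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    $ownHost = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
    $refererHost = parse_url($referer, PHP_URL_HOST);
    if (is_string($refererHost) && $ownHost !== '') {
        $refererPort = parse_url($referer, PHP_URL_PORT);
        $refererAuthority = $refererPort ? "{$refererHost}:{$refererPort}" : $refererHost;
        if (strcasecmp($refererAuthority, $ownHost) === 0) {
            $back = $referer;
        }
    }

    header("Location: {$back}");
    exit;
}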
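<?php
/**
 * Account confirmation endpoint reached from the link sent to a new user.
 *
 * Expects 'id' and 'token' in the query string and passes them to
 * Auth::confirm(). On success the visitor is sent to the client area,
 * otherwise to the login page with an error flash message.
 *
 * NOTE(review): confirm() is defined elsewhere. Verify that it compares the
 * token with hash_equals() and refuses accounts whose stored token is already
 * NULL, so that a used link cannot confirm or sign in again.
 */
require_once '../inc/bootstrap.php';

// Both values must be non-empty strings. A missing, empty or array-valued
// parameter is treated as an invalid link and never reaches confirm(), so an
// absent token cannot be compared against an empty or NULL stored token.
$user_id = isset($_GET['id']) ? $_GET['id'] : null;
$token = isset($_GET['token']) ? $_GET['token'] : null;
$hasParams = is_string($user_id) && $user_id !== ''
    && is_string($token) && $token !== '';

$db = theApp::getDataBase();
$auth = theApp::getAuth();

if ($hasParams && $auth->confirm($db, $user_id, $token)) {
    Session::getInstance()->setFlash('success', 'Votre compte a été bien crée!');
    theApp::redirect('../client');
} else {
    Session::getInstance()->setFlash('danger', 'Ce lien n\'est pas valide!!');
    theApp::redirect('../action/login.php');
}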
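<?php
/**
 * Admin upload handler: stores a file for one client in table
 * upload_for_users and e-mails that client a notification.
 *
 * Form fields read: upload (submit marker), nom_client (client id) and
 * userfile (the uploaded file).
 *
 * NOTE(review): the stored name and type are the values the browser
 * declared, not verified facts about the file. Whatever serves these rows
 * back should not trust them; an allow-list of types and a size cap are not
 * visible here. The form has no visible anti-CSRF token either.
 */
require 'bootstrapAdmin.php';
require 'lib/inc.prepend.php';

$auth = theApp::getAuth();
// Admin-only page: the gate runs before any request data is handled.
$auth->restrictAdmin();
$session = Session::getInstance();
$db = theApp::getDataBase();
$users = theApp::getDataBase()->query('SELECT * FROM users');

// Handle the request only when the form was submitted with a client id and a
// non-empty file that PHP itself received as an HTTP upload.
$hasUpload = isset($_POST['upload'])
    && !empty($_POST['nom_client'])
    && isset($_FILES['userfile']['tmp_name'], $_FILES['userfile']['size'])
    && $_FILES['userfile']['size'] > 0
    && is_uploaded_file($_FILES['userfile']['tmp_name']);

if ($hasUpload) {
    $fileName = $_FILES['userfile']['name'];
    $tmpName = $_FILES['userfile']['tmp_name'];
    $fileSize = $_FILES['userfile']['size'];
    $fileType = $_FILES['userfile']['type'];
    $id_client = $_POST['nom_client'];

    $content = file_get_contents($tmpName);

    // Every value is bound as a parameter, so the file name, declared type,
    // file bytes and client id cannot change the SQL text. No addslashes() is
    // applied: bound values are stored exactly as given.
    $db->query(
        'INSERT INTO upload_for_users (name, size, type, content, id_client) VALUES (?, ?, ?, ?, ?)',
        [$fileName, $fileSize, $fileType, $content, $id_client]
    );

    // Notify the client the file was uploaded for.
    foreach ($users as $userEmail) {
        if ($userEmail->id === $id_client) {
            mail($userEmail->email, "Notification par ecotoit.fr", "Bonjour, \nLe client {$userEmail->username} a mis à votre disposition des documents\n dans le site ecotoit.fr");
        }
    }

    // The file name is request data placed inside a <script> element, so it is
    // encoded as a JavaScript string with <, >, &, ' and " escaped.
    $notice = json_encode("File {$fileName} uploaded", JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
    if ($notice === false) {
        // The name is not valid UTF-8: report the upload without it.
        $notice = '"File uploaded"';
    }
    echo "<script>alert({$notice})</script>";
}
?>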
// Login page: restores a remembered session if possible, processes the
// submitted credentials, then renders the login form.
$auth = theApp::getAuth();
$db = theApp::getDataBase();
$auth->reconnect_from_cookie($db);

// The redirect of already signed-in visitors to index.php is disabled here.

// NOTE(review): login() and reconnect_from_cookie() are defined elsewhere.
// Confirm that login() regenerates the session id on success and that failed
// attempts are throttled; neither is visible from this script.
if (!empty($_POST['username']) && !empty($_POST['password'])) {
    $user = $auth->login($db, $_POST['username'], $_POST['password'], isset($_POST['remember']));
    $session = Session::getInstance();

    if (!$user) {
        // One message for every failure, so it does not reveal which field was wrong.
        $session->setFlash('danger', "Mot de pass ou identifiant incorrect!");
    } elseif ($user->isAdmin) {
        $session->setFlash('success', "Vous êtes maintenant bien connecté. Vous êtes l'administrateur de ce site !");
        theApp::redirect('../admin');
    } else {
        $session->setFlash('success', "Vous êtes maintenant bien connecté !");
        theApp::redirect('../client/');
    }
}

require '../inc/header.php';
?>
<form action="" method="POST">
    <div class="form-group">
        <label for="">Pseudo ou Email</label>
        <input type="text" name="username" class="form-control">
    </div>
    <div class="form-group">