echo $ajax ? '' : '<pre style="font-size:11px;border:1px solid #606060;color:#606060;background:#eee;margin:8px;padding:8px;">'; $simple ? print_r($data) : var_dump($data); echo $ajax ? '' : '</pre>'; } /** * Dump doctrine object * * @param type $data */ function ddump($data) { \Doctrine\Common\Util\Debug::dump($data); } } // start session \CB\Session::start(); // leave no exception uncaught try { // process request $request = rtrim(explode('?', $_SERVER['REQUEST_URI'])[0], '/\\'); // simple request mapping switch ($request) { // default default: case \CB\Config::get('folder.root') . '/api/info': new \CB\Controller\Info(); break; // extjs api string // extjs api string case \CB\Config::get('folder.root') . '/api': new \CB\Controller\Api();
/** * Change user password. */ public function changePassword($p) { if (!User::isVerified()) { return array('success' => false, 'verify' => true); } /* passord could be changed by: admin, user owner, user himself */ if (empty($p['password']) || $p['password'] != $p['confirmpassword']) { throw new \Exception(L\get('Wrong_input_data')); } $user_id = $this->extractId($p['id']); /* check for old password if users changes password for himself */ if ($_SESSION['user']['id'] == $user_id) { $res = DB\dbQuery('SELECT id FROM users_groups WHERE id = $1 AND `password` = MD5(CONCAT(\'aero\', $2))', array($user_id, $p['currentpassword'])) or die(DB\dbQueryError()); if (!$res->fetch_assoc()) { throw new \Exception(L\get('WrongCurrentPassword')); } $res->close(); } /* end of check for old password if users changes password for himself */ if (!Security::canEditUser($user_id)) { throw new \Exception(L\get('Access_denied')); } DB\dbQuery('UPDATE users_groups SET `password` = MD5(CONCAT(\'aero\', $2)) ,uid = $3 WHERE id = $1', array($user_id, $p['password'], $_SESSION['user']['id'])) or die(DB\dbQueryError()); Session::clearUserSessions($user_id); return array('success' => true); }
/** * Logout user. * * @access public * @return void */ public function logout() { // delete session \CB\Session::destroy(); // delete autologin if (\CB\Cookie::get('autologin')) { // delete token $this->getService('Token')->remove(\CB\Cookie::get('autologin')); // delete cookie \CB\Cookie::remove('autologin'); } }